Home > Categories > Governance, Risk and Compliance > IAPP’s 2020 Privacy Tech Vendor Report Highlights Data Subject Request (DSR) Feature

Software Category

Governance, Risk and Compliance

Write Review

IAPP’s 2020 Privacy Tech Vendor Report Highlights Data Subject Request (DSR) Feature

The International Association of Privacy Professionals (IAPP) has released its 2020 Privacy Tech Vendor report, reviewing key software solution vendors within the space. This year’s report highlighted the recent addition of Data Subject Request (DSR) to the feature categories.

This most recent iteration of the IAPP Tech Vendor Report chose to include the DSR category within its evaluated features as this continues to present significant obstacles for organizations in-scope of the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Due to the complexity of taking on the DSR process as a manual task, especially for those organizations with large volumes of unstructured data, many key players in the privacy software space have opted to include it as a product feature, represented in 49 of the 304 total vendors assessed within the IAPP’s report. Although this feature provides an element of ease within the DSR steps, there still exist complications and nuances around elements of the DSR process. One key problematic area for organizations is in the identity verification step of the DSR, an area of focus that many key vendors have taken note of and promised to address through on-going feature improvements.

Source: IAPP Privacy Vendor Report

Our Take

Privacy may no longer be center stage, but it isn’t dead yet. While privacy has taken a back seat during the flurry of activity that has followed in the wake of COVID-19, the IAPP’s annual Privacy Tech Vendor report provides valuable insight around the primary issues that organizations continue to face with respect to privacy regulation adherence. While the initial cost involved in acquiring an automated DSR software solution may seem difficult to justify, IT leaders must consider the implications of the following:

  • Non-adherence to data privacy regulations and the potential resulting fines.
  • Time and financial cost involved in establishing an in-house DSR solution.
  • Process changes and re-education involved in altering current data collection methods.

Though the introduction of solutions that support DSR responses is not a cure-all, it may well be the more viable and resource-realistic option for organizations processing large volumes of complex, unstructured data. It is advised that organizations consider the expanded feature sets of privacy software vendors and weigh the financial cost with the support of streamlined processes, specifically those pertaining to the DSRs, prior to making their final purchase decision.

Want to Know More?

Build a Privacy Program

Comply with the California Consumer Privacy Act

Fast Track Your GDPR Compliance Efforts

Other Recent Research in Governance, Risk and Compliance

Governance, Risk and Compliance

Twilio Breach and Cloud Security

By exploiting a five-year-old configuration error, a hacker was able to access Amazon’s S3 cloud storage buckets on which Twilio’s code was loaded. As a result, customers were able to unknowingly download the modified code for twenty-four hours.

Governance, Risk and Compliance

Qualys and Ivanti Partnership Boasts an Incredibly Robust Vulnerability Management Platform

Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.

Governance, Risk and Compliance

IBM Raises Price on Software Support; Shoves Customers Toward the Cloud

IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.

Governance, Risk and Compliance

RiskSense Releases a Unified Infrastructure Security Risk Management Program

RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.