IAPP’s 2020 Privacy Tech Vendor Report Highlights Data Subject Request (DSR) Feature

The International Association of Privacy Professionals (IAPP) has released its 2020 Privacy Tech Vendor report, reviewing key software solution vendors within the space. This year’s report highlighted the recent addition of Data Subject Request (DSR) to the feature categories.

This most recent iteration of the IAPP Tech Vendor Report chose to include the DSR category within its evaluated features as this continues to present significant obstacles for organizations in-scope of the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). Due to the complexity of taking on the DSR process as a manual task, especially for those organizations with large volumes of unstructured data, many key players in the privacy software space have opted to include it as a product feature, represented in 49 of the 304 total vendors assessed within the IAPP’s report. Although this feature provides an element of ease within the DSR steps, there still exist complications and nuances around elements of the DSR process. One key problematic area for organizations is in the identity verification step of the DSR, an area of focus that many key vendors have taken note of and promised to address through on-going feature improvements.

Source: IAPP Privacy Vendor Report

Our Take

Privacy may no longer be center stage, but it isn’t dead yet. While privacy has taken a back seat during the flurry of activity that has followed in the wake of COVID-19, the IAPP’s annual Privacy Tech Vendor report provides valuable insight around the primary issues that organizations continue to face with respect to privacy regulation adherence. While the initial cost involved in acquiring an automated DSR software solution may seem difficult to justify, IT leaders must consider the implications of the following:

  • Non-adherence to data privacy regulations and the potential resulting fines.
  • Time and financial cost involved in establishing an in-house DSR solution.
  • Process changes and re-education involved in altering current data collection methods.

Though the introduction of solutions that support DSR responses is not a cure-all, it may well be the more viable and resource-realistic option for organizations processing large volumes of complex, unstructured data. It is advised that organizations consider the expanded feature sets of privacy software vendors and weigh the financial cost with the support of streamlined processes, specifically those pertaining to the DSRs, prior to making their final purchase decision.


Want to Know More?

Build a Privacy Program

Comply with the California Consumer Privacy Act

Fast Track Your GDPR Compliance Efforts