According to Bryan Cave Leighton Paisner LLP, questions still surround the requirements of the General Data Protection Regulation (GDPR), even though it has been in force since May. In answer to the question about how much time a company has to respond to an access request, Paisner had this to say: The GDPR requires that an organization provide a person that makes an access request with information on action[s] taken within one month of receiving the request. The time period could be extended two additional months, depending upon the complexity and number of requests that a person makes.

Read more

Post By Nix (1,198 Posts)