Produce Documents

The third and last step in this process, which is different from a DSAR process, is producing the documents. When handling an access request, the goal is to provide the data subject with the various personal data that your organization is processing regarding the requester. It is then important to conceal and redact all personal data relating to third parties and to hereby protect their privacy.

When handling an erasure request, the goal is to find all personal data regarding the requester and remove their personal data where possible, and to justify the areas and instances in which such data cannot be erased.

Another important difference between the two processes, is that the objective of handling an erasure request is to create a report where the location and hash value of the data are visible, which must be sent to the IT department to find and erase the data.

ZyLAB ONE enables the user to easily download such a report and send it to the IT department. By clicking the wheel icon at the right side of the page, the user can select the preferred view, which in this case is “IT”.

Once the view is selected, click “Reports”.

You can then export the data to CSV or to Excel and send this report to the IT department of your organization. We recommend CSV for these purposes. The location and hash value of the data are then stated in the report.

This report contains the following columns:

• Hash value/MD5, a unique fingerprint of a document;
• Source Path, here you can see where the document is located (which drive), for instance F-drive;
• Name, here the name of the document is mentioned;
• Custodian, here you can see the custodian/owner of the document;
• File Type, here you see what kind of document it is, i.e. a photo, audio, email etc.

The IT-department can use this information to easily locate the documents and delete them.

For a more detailed overview of producing the documents and creating a pivot table— see DSAR - Produce Documents