Processing GDPR Data Subject Requests with Office 365

MVP


GDPR comes into force on May 25, 2018. To help Office 365 tenant administrators respond to GDPR data subject requests, a new DSR case feature is available as a preview in the Security and Compliance Center. The feature is based on the existing eDiscovery case and content search functionality, so it should be very familiar to anyone who has searched Office 365 for email, documents, and other information.
https://www.petri.com/processing-gdpr-data-subject-requests-office-365

5 Replies

Am I missing something here?

 

As far as I am concerned, a DSR may come from employee, ex-employee, or member of the public.  But this tool only deals with the first of these use cases - I  have to specify someone who has an account to search against.  Or have I missed something?

You can input the email address of a non-employee... the search will find anything relevant to that address.

I can't.  I get the error message Please make sure all required fields in this step are filled out when I try to enter a non org email address. 

 

Also, does it have to be an email address.  Could it be just a name?

I can type in names or email addresses that don't belong to the tenant.

Adding names to a DSRAdding names to a DSR

Ah.  Looks like a UI issue.  Far too easy to hit next thinking you have a name in the data subject field when you haven't.  I'll wind my neck back in :)

 

Thanks for your help @Tony Redmond