I've been approached by our GRC and I'm struggling to find a decent answer on this one.
A UK data subject has made a request for their right to access data we have on them. The GRC team have created a Subject Rights Request in Priva and gone through the usual process of assigning applicability and refining the review set.
As part of the subject access request we obviously need to provide a the subject with a redacted version of the organisation data holds in line with the ICO recommendations and requirements.
The challenge is that this subject has been with the organisation for a long time and the review set comprises of a few thousand documents (despite aggressive pruning by the GRC team).
I've been unable to find a way to
- pattern match and annotate within the UI
- identify a rest API to achieve the same
- find any way to annotate at scale within Priva/Graph
I don't believe this would be a unique use case for organisations so I'm curious how everyone's handling this, using Priva for redaction at scale, if I've missed something obvious, or even if Priva is the right tool for the job?
Advise/tips/thoughts are appreciated!