GDPR: Market & DXC processes for handling Data Subject Requests
Since the introduction of GDPR in May 2018, the LMA and DXC have been working collaboratively to ensure there is a clear documented process in place to assist Data Controllers (in this case carriers) and DXC (as a Data Processor) in complying with Data Subject Access, Erasure or Rectification requests in an efficient and robust manner.
The documentation below provides details of the roles and responsibilities of both the market and DXC, and also process maps which set out the processes for handling specific data requests from receipt through to completion.
Also included is the pro-forma the market will be required to complete for DXC to act on and process any requests.
Currently, there is an expectation that these requests will be limited in numbers and on that basis DXC has agreed to perform this service at no cost to the market. However, DXC may need to review this position if there is a significant increase in the number of requests being raised.
If you have any questions regarding this service, please contact:
Senior Executive, Claims