Login or sign up: Please either login to Lexology or sign up for our free legal news service to be able to register for this event.

Key Considerations and Technologies for Responding to Employee DSARs



Complex Data Subject Access Requests (DSARs), especially from current or former employees, often require handling a wide range of data (often sensitive) across the enterprise. What’s more, recent events such as Brexit and Covid to name just two, have created additional challenges for effectively managing organisational data. The ‘new norm’ with remote working and the increase of Shadow IT have increased the burden on professionals responsible with fulfilling DSARs.

Whether it’s wading through the review process of thousands of emails, baring the cost of external counsel, or working with IT to ensure you have all the personal data you need from various (tricky to collect/legacy/remote) data sources, employee DSARs can be an extremely challenging exercise to fulfil.

Join Exterro and industry experts on this webinar panel to discuss key considerations when responding to employee DSARs and how technology can help fulfil complex requests. Notable points of discussion will include:

  • Exemptions and logistical considerations
  • Managing the end-to-end request lifecycle using a DSAR Portal and automated workflows
  • Overcoming data challenges – using technology to streamline the search, identify, collect, review, redact and approve phases of the DSAR.


Stuart Davidson
Senior Director of International Marketing at Exterro




Stuart Davidson is the Senior Director of International Marketing at Exterro. Exterro empowers legal teams to proactively and defensibly manage their complex Legal Governance, Risk and Compliance (Legal GRC) requirements. We are the only software provider offering a comprehensive Legal GRC software platform that automates the complex interactions of privacy, legal operations, digital investigations and cybersecurity response, compliance and information governance.

Thousands of legal teams around the world within corporations, law firms, and government and law enforcement agencies, trust our integrated Legal GRC platform to manage their risks and drive successful outcomes at a lower cost. For more information, visit exterro.com.

Robert Grosvenor
Managing Director at Alvarez & Marsal



Robert brings over 20 years of experience advising on global and cross border privacy, secrecy, records management and related data regulation requirements. With deep European regulatory and legal knowledge, Robert has developed strategic programs and led international compliance projects for major organisations across the financial services, life sciences, technology, media and retail/manufacturing sectors including GDPR readiness and BCR implementations. Robert’s areas of expertise include the compliant management of data in major digital transformation and data strategy initiatives. These initiatives include digital ethics and the impact of AI, ePrivacy including AdTech and IoT, blockchain, big data analytics, and cloud migrations.

Prior to joining A&M, Robert was a Managing Director at Promontory, an IBM Company, for nine years where he led the Global Privacy and Data Protection practice that specialises in international privacy and data protection compliance and risk management. Prior to establishing the practice in 2011, Robert also had a 13 year career with Deloitte, where he worked both in London and Brussels

Marie Bradley
Head of Risk & Compliance & DPO at By Miles



Marie focuses on Information Security, GDPR and operational process improvements through a risk-based approach, examining what the business needs and how these can be best supported by the existing culture, infrastructure, client needs, compliance and most importantly, the people. Marie is also a highly experienced Business Analyst and has written and taught Business Analysis courses, including those accredited by the BCS. Throughout her career, Marie has advised on data protection for marketing solutions, gaining formal certification as an ISO 27001 Lead Implementer, and has ran the GDPR programme for her former agency, Tribal Worldwide.


21 September 2021
13:00 - 14:00 UTC
60 min