01604 261655

What is the right to data portability?

Probably the least known of the individual rights is the right to data portability and what this does is gives individuals the right to receive personal data they have provided to a business in a structured, commonly used and machine readable format like excel or csv. It also gives them the right to request that a business transmits this data directly to another business. 

The right to data portability only applies when: 
  • your lawful basis for processing this information is consent or for the performance of a contract; and
  • you are carrying out the processing by automated means (ie excluding paper files).
  • Sometimes the personal data an individual has provided to you will be easy to identify (eg their mailing address, username, age).
Data Protection, GDPR

What are the limits when transmitting personal data to another business? 

Individuals have the right to ask you to transmit their personal data directly to another business without hindrance. If it is technically feasible, you should do this.
You should consider the technical feasibility of a transmission on a request by request basis.
Without hindrance means that you should not put in place any legal, technical or financial obstacles which slow down or prevent the transmission of the personal data to the individual, or to another organisation.
Now more than ever, organisations need a high level of assurance that users are who they say they are. To be effective, and to ensure their businesses stay agile, they also need a secure access solution that won’t slow users down, but instead provide them with a common and convenient experience to any application, from any device. RSA SecurID® is that solution. We can make password security become a highly controllable matter, designed to give total security and protection to corporate data.