GDPR: Performing Data Requests

Updated Jan 14th, 2022

Who is this guide for?

Accounts Users, Case Workers, Case Management Supervisors and System Supervisors

In line with GDPR regulations, Osprey Approach offers authorised personnel the ability to request data held on a client’s file and extract all data held, at the client’s request.

We have also produced a short video if you prefer to watch these steps.

Step 1

To utilise this functionality, relevant access must be granted to suitable personnel. There will be a two-step level of authorisation required, therefore, you will need to nominate users whom are requesters and users whom will authorise the requests. Authorisation is set up within the supervisor menu as shown below.

Please note that a user cannot be both an authoriser and a requester!

Authorisation is set up within the supervisor menu as shown below.

If any users have been assigned rights, they will appear in the list.

Step 2

Select the ‘Add’ button. The screen below will appear and will allow you to select a user from the drop-down list, then allocate Erasure or Data Request permissions to them.

Click ‘Save’ and the user will be added to the list.

Step 3

You may amend a user’s rights by selecting the ‘Edit’ icon or delete the user from the list of Request Rights by selecting the ‘Delete’ icon.

To access the GDPR options to request either a file deletion or a data request, navigate to the ‘Clients & Matters’ area, then select ‘Clients’.

You will now see an option for GDPR as shown here. Select this to bring up the options available to you.

Step 4

First, we have logged in as a requester.

We will look at Data Requests. Select this from the GDPR menu under ‘Clients & Matters’ as shown above.

Select ‘New Request’ and then choose or search for a client in the available field.

Step 5

Once selected, the amount of matters, time ledger entries, client ledger entries and matter history entries will be displayed.

Select ‘Save’ to confirm the request, as seen below.

The following message will be received by email. ” Your data request has been approved. We’ll notify you as soon as the data is available in your matter history.”; 

Step 6

For the final part of this guide, we will log in as an authoriser.

To approve a data request, Select ‘Data Request Approval’ from the GDPR menu. The list of requests will appear. As with data erasure, you will be able to undo a request should you wish. Click the ‘Select’ icon to approve.

The following message will then appear to advise that the data will be ready in 24 hours.

Select the ‘Yes’ button to confirm approval or click ‘No’ to return to the list of requests.

Following the 24 period, the data will be available as a zip file from the chosen client’s Matter History and can then be emailed or downloaded as required.

Please note: Emails exported using the Office 365 Outlook Add-in will be shown in a file named emails.pdf within the zip file.

The following message will be received by email “Your data request is ready for download. Please check your matter history.”;