The GDPR requires organisations to fulfil subject access requests within one month of receipt of the request. It’s also no longer acceptable to send personally sensitive information via insecure email, to internal or external parties.

Credit Unions in particular, process copious amounts of personal data including bank statements, copies of passport or other forms of identification, PPS numbers, signed documents, contact information, and much more. This often creates challenges because in many cases, such large organisations aren’t aware of where all the personal data is stored, or how to retrieve it. To add to this, internal staff may make copies of such documents and file them in various locations, in hard or soft copy format.

Consider this… a new member joins your branch. They fill in a hard copy form that the Credit Union adds to its internal digital system. This form contains a huge amount of personal data. To accompany the application, they provide a copy of their passport and a bank statement as proof of address.

  • What happens to the hard copy application form?
  • Information relating to the new member must be sent to the processing office – how is this done? Email? USB?
  • Where does the new member’s photocopied passport and bank statement go? Hard and soft copies?

If for example, a member is looking for a loan – how may departments are involved in this? How many emails are sent internally? Where is the information provided by the member stored i.e. past bank statements, how many internal staff have separately saved this information, and where?

So, when a member, or an employee for that matter, requests a Credit Union to send them all the personal information they have on them, it can be very time consuming. To date, much of the processes for fulfilling subject access requests have been manual, such as logging when the request was received, photocopying the proofs of ID, retrieving the data, getting the documents sent to them by registered post, filing a copy of the signature confirming receipt etc.

Wizuda provides a centralised hub for managing your Subject Access Requests and email transfers securely, compliantly, and efficiently……

Like any new solution, much consideration goes into its implementation decision. It’s important the new solution gives added value and benefit in order to justify its roll out. With Wizuda you can rest assured you can:

  • Prove you’ve managed all Subject Access Requests compliantly and within SLA timeframes.
  • Have a more efficient and secure way of sharing data which will clearly show your members how seriously you take GDPR compliance.
  • Improve operational efficiencies through the Wizuda DSARs centralised hub for managing the request from initial receipt right through to completion.
  • Reduce resource costs significantly by moving to digital.


There is no doubt that technology and superior IT systems can standardise how financial institutes receive and fulfil Digital Subject Access Requests (DSARs) to ensure compliance under the GDPR. The Wizuda solution maintains a complete record of Data Subject Access Request activities in order to demonstrate compliance. Furthermore, it provides a smart email transfer system that allows users to send emails directly from their Outlook accounts or via a secure online portal, all the while enabling you to do so compliantly.

Wizuda works with some of the country’s largest Credit Unions including HSSCU, Progressive, Civil Service, and Skibbereen and Bandon. Here is why they chose Wizuda:

  • Email files of any size securely
  • Digital Subject Access Request management
  • Integration with Outlook email or use the Wizuda secure online portal
  • An easy and secure way for clients to upload data to them
  • Demonstrate and prove GDPR Compliant File Sharing
  • Easy to use
  • Full audit trails
  • Reduces the risk of ransomware attacks
  • Avoids the most common data breach of sending emails to the wrong person

We would welcome the opportunity to meet with you at CUMA this year, or another suitable date. Click here to arrange a meeting with a member of our team.

Read more about our work with Credit Unions here.

About Wizuda

At Wizuda we focus on developing IT solutions that help businesses grow and empower people to collaborate and stay connected, securely and compliantly. Headquartered in Dublin, Ireland, our ethos is, “Because Data Deserves Privacy.” Our Compliant File Share (CFS), Compliant Data Transfer (CDT) and Digital Subject Access Requests (DSARs) products, simplify GDPR compliance and enable secure file transfers for companies throughout the world, every minute of every day.

Wizuda is the innovation leader in providing software solutions that allow organisations to take control and track all data flows, internally and externally, to create an environment of compliance and data privacy. Wizuda customers have peace of mind that their data transfers are secure, compliant, visible, and audit ready at all times.

Follow Us On LinkedIn                   |       Follow Us On Twitter            |     Check Out Our Videos