ABSTRACT
The data protection regime provides, or enshrines, a number of key rights for individuals in relation to their informational personal data. When considering the respective rights, organizations should not forget to consider the potential recipients of the various data protection rights. Possibly the most important right relates to the right of individual data subjects to access or obtain a copy of their personal data as held by organizations. Individual data subjects have a right of access to personal data. The individual data subject has a right to prevent processing likely to cause damage or distress. Importantly, individual data subjects have specific rights in relation to rectification, blocking, erasure, and destruction and what is becoming known as the right to be forgotten. The rights are expanding, more explicit, and more nuanced in the GDPR. It is important that organizations keep abreast of the expanding rights and obligations.
