Working in Consent, DSAR, and PAIA
SOP-style guide for consent records, DSAR handling, subject self-service, PAIA manual tracking, PAIA reporting, and appeals in the current VerityLaw UI.
Working in Consent, DSAR, and PAIA
This page explains how to use the consent, request-handling, and PAIA routes that are currently visible in VerityLaw, including the internal queues and the employee self-service pages.
Product: VerityLaw
Module: Consent, DSAR, PAIA
Role: Information Officer, privacy operator, employee user, support staff
Difficulty: Beginner
Time: 12 to 18 minutes
Last Updated: 2026-03-10
Version: Current repo baseline
Before You Start
- Know whether you are acting as an internal privacy user or as the individual submitting a self-service request.
- Keep the requester name, purpose, and reference details ready.
- Read Working in Privacy Overview and Information Officer first if you need the broader privacy context.
What does this module cover?
This manual covers:
- Consent Management
- Consent Monitoring
- DSAR Management
- Submit SAR
- My Consents
- PAIA Manual
- PAIA Report
- PAIA Requests
- PAIA Appeals
Important route note
The PAIA Requests route currently redirects to DSAR Management. Treat DSAR Management as the working request queue for PAIA-style access handling in the current UI.
Record and maintain consent
Review the consent register
- Open Consent Management.
- Review the summary cards:
- Total Records
- Active Consents
- Withdrawn
- Pending
- Review the table for:
- Data Subject
- Organisation
- Purpose
- Status
- Method
- Date
- Use Edit, Withdraw, or Delete where needed.
Create a new consent record
- Click New Record.
- Complete Data Subject Details:
- Name
- Email if available
- ID Number if available
- Complete Consent Details:
- Purpose
- Consent Date
- Method
- Evidence Path if you have one
- Expiry date if applicable
- Click Create Record.
- Confirm the record appears in the consent register.
Update an existing record
- From Consent Management, click Edit on the correct row.
- Update the stored details.
- Click Update Record.
Use Consent Monitoring for supervisory review
- Open Consent Monitoring.
- Review the top metrics:
- Active Consents
- Expired
- Withdrawn
- Expiring Soon (30d)
- If the warning banner appears, review expiring records immediately.
- Use the Consent Health by Purpose table to identify the weakest consent area first.
Honest scope note
This page is a monitoring dashboard grouped by purpose. It does not expose direct row-level edit actions.
Run the DSAR queue
Review the request queue
- Open DSAR Management.
- Review the top counters:
- Total DSARs
- Pending Verification
- In Progress
- SLA Overdue
- Review the table columns:
- Reference
- Data Subject
- Type
- Status
- SLA Due Date
- Assigned To
- Open Edit for the request you need to work.
Create an internal DSAR
- Click New DSAR.
- Complete:
- Request Type
- Data Subject Name
- Data Subject Email if available
- Data Subject ID Number if available
- Description
- Click Submit DSAR.
Update request status and ownership
- In the request row, click Edit.
- Review the read-only details:
- Reference
- Data Subject
- Type
- Update:
- Status
- Assigned To
- Response Notes
- Click Update DSAR.
Honest scope note
The current DSAR edit workflow manages status, assignment, and notes. It does not expose a full identity-verification, evidence-upload, or fulfilment-document process on this screen.
Use self-service SAR correctly
- Open Submit SAR.
- Choose the request type.
- Enter a clear description.
- Submit the request.
- Record the returned reference number.
What happens after submission?
The screen shows a success panel with the generated request reference and sends the user back toward My Compliance. That is the confirmed current self-service outcome.
Use My Consents for employee self-service
- Open My Consents.
- Review the Active, Withdrawn, and Total counters.
- Review each consent card for:
- Purpose
- Given date
- Method
- Expiry
- If the consent is still active and should end, click Withdraw.
- Enter a reason.
- Click Confirm Withdrawal.
Use the PAIA Manual page honestly
- Open PAIA Manual.
- Review the overview text and the manual status cards:
- Last Updated
- Version
- Submitted to Regulator
- Next Review Date
- Review the mandatory-section table.
- If no manual exists, click Create Manual.
Honest scope note
The current PAIA manual route is a status and section-tracking screen. It is not a section-by-section editor for all manual content.
Use PAIA Report for annual review
- Open PAIA Report.
- Review each year block separately.
- Check:
- Total Requests
- Average Response Days
- Granted
- Refused
- Review the By Status and By Decision breakdowns.
Use PAIA Appeals as a review register
- Open PAIA Appeals.
- Review the summary cards:
- Total Appeals
- Submitted
- Under Review
- Resolved
- Review each appeal row for:
- Appeal Ref
- PAIA Ref
- Requester
- Grounds
- Status
- Outcome
- Filed
- Resolved
Honest scope note
The current PAIA appeals page is a reporting and review register. It does not expose create, edit, or decision-entry actions from the page.
Common mistakes to avoid
"PAIA Requests and DSAR Management are different current queues"
Why this happens: The sidebar has a separate PAIA label, but the route currently redirects.
Fix: Work from DSAR Management for the active request queue unless the product changes.
"Consent withdrawal and request completion are the same thing"
Why this happens: Both are privacy rights actions, but they serve different legal and operational purposes.
Fix: Use Consent Management or My Consents for withdrawal, and DSAR Management or Submit SAR for access, correction, deletion, or objection requests.
What's Next
Related Pages
- Working in Privacy Overview and Information Officer
- Compliance Operations
- Finding the Right VerityLaw Screen
Still Stuck?
- Return to VerityLaw Module Manuals.
- Use Working in Privacy Overview and Information Officer if you first need the privacy dashboard or processing register.
- Contact support:
support@veva.co.za
Was this page helpful? [Yes] [No]