The references come out of principle eight of the 1984 act and associated
guidance.
One area you should look at carefully is you e-mail policy. Does it clearly
state what e-mail can/cannot be used for.
Ian
----- Original Message -----
From: Charles Christacopoulos <[log in to unmask]>
To: <[log in to unmask]>
Sent: Thursday, March 16, 2000 2:18 PM
Subject: Re: DPA & email security
> ** Reply to note from "John MacNeill" <[log in to unmask]>
Thu, 16 Mar 2000 09:33:40 +0000 (GMT)
>
>
> > A question ...
> >
> > Manager A emails manager B with information (taken from electronic or
manual records)
> > about job applicants C, D, E, ... and employees J, K, L ...
> >
> > Given the insecurity of email, is there a breach of the 1998 Data
Protection Act?
>
> Under the previous Act (I see no reason why it should still not be the
case)
> you had to take adequate precautions to safeguard the data. Don't ask for
> any reference, I read it or found it and the ref. is inside my head.
>
> That is you should use PGP and not EMail disclaimers. I woudl say if you
> used PGP you'll be covered. As far as disclaimers go, check:
>
> http://somis.ais.dundee.ac.uk/dataprotect/emaildis/emaildis.htm
>
> If anyone wishes to donate their disclaimer to stick on my page you shall
get
> listed there.
>
> Charles
>
> ==============================================
> Charles Christacopoulos, Secretary's Office, University of Dundee,
> Dundee DD1 4HN, (Scotland) United Kingdom.
> Tel: +44+(0)1382-344891. Fax: +44+(0)1382-201604.
> http://somis.ais.dundee.ac.uk/
> Scottish Search Maestro http://somis2.ais.dundee.ac.uk/
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|