Have tried to encourage some form of effective document management processes
to be used as a helper. Some areas better than others. Unfortunately the
world is never perfect hence the need for effective search tools.
Ian W
----- Original Message -----
From: <[log in to unmask]>
To: <[log in to unmask]>
Sent: Thursday, February 01, 2001 11:05 AM
Subject: Re: 40 days or not 40 days that
> Date: 1 February 2001
> To: I0000284 EXTERNAL
> From: John Hanson GBSAFE00 SFWY2-3, atrium SW
>
> Subject: Re: 40 days or not 40 days that is t
>
> To really track personal data would involve forcing all data users to
> classify
> data every time they want to save anything (data labelling). A tad too
> onerous
> for most users I imagine :-)
>
> Whereas military use Mandatory Access Controls (rate data with security
> levels)
> and each of their personnel a security clearance up to a certain level,
> business would be more likely to adopt Discretionary Access Controls and
use
> ratings like "Secret/Commercially Confidential/Personal/Internal
Only/Open"
> just to help "data owners" to define a ruleset for administrators to use
> when
> giving access to data. Data labelling in this way may not however be
> available
> outside mainframe environs, except sticky labels for manual data of course
> :-)
>
> As well as classifying data, its intended retention period would be also
be
> useful metadata with particular data protection benefits.
>
> Anyone think their users would accept this level of effort even if it were
> technically possible ?
> :-b
>
>
> --------------------------------------------------------------------------
--
> --
> Date: February 1, 2001
> From: {SMTP:[log in to unmask] EX074924 -
> EXTERNAL
> To: [log in to unmask] I0000284 -
> EXTERNAL
> Subject: Re: 40 days or not 40 days that is t
> --------------------------------------------------------------------------
--
> --
> In a message dated 01/02/2001 10:12:55 GMT Standard Time,
> [log in to unmask] writes:
>
> << Software tools would be wonderful, but alas probably a non-existent
> nirvana
> as every platform would need something specific. And most companies will
> have proprietary databases etc etc. So there are still going to be jobs
for
> everyone after all. Phew. >>
> ----------------
>
> I agree. And don't forget that some managers (and staff) hold manual and
> computer records that sometimes are not divulged during a data audit -
> assuming you have done one.
>
> If a data subject fails to get a copy of these files they may complain to
> the
> ODPC.
>
> Ian B
> www.keepitlegal.co.uk
>
>
>
>
> John Hanson
> Information Security
>
>
>
>
****************************************************************************
> * Unencrypted electronic mail is not secure and may not be authentic.
*
> * If you have any doubts as to the contents please telephone to confirm.
*
> * The information contained in this message is confidential and is
*
> * intended for the addressee(s) only. If you have received this message in
*
> * error or there are any problems, please notify the originator
*
> * immediately. The unauthorised use, disclosure, copying or alteration of
*
> * this message is strictly forbidden. Opinions, conclusions and other
*
> * information expressed in this message are not given or endorsed by
*
> * Safeway unless otherwise indicated by an authorised representative
*
> * independent of this message.
*
>
****************************************************************************
|