Can someone please clarify for me the procedure when deleting personal data.
Must every item and every individual record be recorded as destroyed (
which then by itself becomes P.D by having to record the destruction
against each D.S) or can more general terms be used.
My situation is that an extremely large amount of data has been collected.
Basic details of personal identifiers,collected during a canvassing process
to test knowledge level and provide subsequent requested information.
At the end of this process we have no need nor desire to retain this data.
Is it sufficient to say e.g 50,000 records from electoral roll at Feb 2002
for "given" area containing personal identifiers were dstroyed by shredding
at a "given" date?
Any thought extremely welcome.
Thanks
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|