s77 of the Freedom of Information Act makes it an offence for public
authorities to alter, deface, destroy etc. records with the intention of
preventing disclosure where a request has been received either under the FOIA
or a SAR under DPA s7. This offence extends to employees etc. of the public
authority.
-----Original Message-----
From: [log in to unmask]
Sent: 19 April 2002 12:05
To: [log in to unmask]
Subject: Re: Subject Access Request - Procedure
We have looked at this matter as a part of our own internal policies and not
come to a "legal based" conclusion. What we are doing is adopting a set of
policies. The policies are along the lines of tests of reasonableness.
For example we wish to prevent wilful destruction of records to prevent an
offence or potential offence from being committed. There is even an
argument that says that early destruction of data is "unfair processing",
though I am not sure if I subscribe to that view.
We view "Document/Data Destruction Cycles" as things that require
documentation, and are formalising these. Anything destroyed outside those
cycles automatically puts the person doing it at professional risk.
We view the time period for a Subject Access request as being a guideline
for reasonableness and add 50% to it, taking, since we are global, the
longest world-wide SAR period as our yardstick.
Hope this is of some use.
_____________________________________________________________
Tim Trent
Director of Database Marketing; Chief Privacy Officer EMEA
> Gartner
EMEA Marketing, Tamesis, The Glanty, Egham, Surrey, United Kingdom,
TW20 9AW
Switchboard +44 (0)1784 431 611, Direct Line +44 (0)1784 267 335, Mobile +44
(0)7710 126 618
Visit our home on the web: http://www.gartner.com
The opinions expressed in this message are my own, and may or may not
reflect those of my employer. They are expressed as a part of the
discussion on the JISCMail mailing list on data protection and for no other
purpose. They have no legal standing and are offered as part of informed
and informal discussion. They may NOT be attributed to Gartner in any way.
Any personal data provided is provided expressly for use of discussions on
the JISCMail Data Protection Discussion list. Under the UK Data Protection
Act 1998 I expressly forbid any individual or organisation to make
commercial use of my data published either on the email list or in the
archives of that or other lists whether this message appears or not. This
includes messages already published in the archives.
-----Original Message-----
From: S.Allely [mailto:[log in to unmask]]
Sent: 19 April 2002 11:44
To: [log in to unmask]
Subject: Subject Access Request - Procedure
We are reviewing our DP procedure for Departments and Schools relating to
the handling of SARs.
We would like to make it clear to them that once a SAR has been received
(Fee and proof of identity) they cannot start shredding information that
they do not wish to disclose!
Obviously this is an offence, Principle 7 particularly applies, but is it
an offence particularly under DP. None of the offences in DP Act seems to
apply or would it fall under other legislation?
Any guidance gratefully received.
Sue
--
__________________________________
Susan Allely
Director's Secretary / Data Protection Administrator
Gwasanaethau Gwybodaeth / Information Services
Adeilad Deiniol
Ffordd Deiniol
Bangor
Gwynedd
LL57 2UX
Tel: 01248 382961
Fax: 01248 383826
E-mail: [log in to unmask] / [log in to unmask]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
******************** E-mail confidentiality notice ********************
This message is intended for the addressee only. It is private,
confidential and may be covered by legal professional privilege or
other legal or attorney/client privilege. If you have received this
message in error, please notify us and remove it from your system.
If you require assistance, please contact our London office
(telephone +44 (0) 20 7490 4000).
Masons is an international law firm with offices in London, Bristol,
Edinburgh, Glasgow, Leeds, Manchester, Brussels, Dublin, Hong Kong,
Guangzhou and Singapore.
Further information about the firm and a list of partners is
available for inspection at 30 Aylesbury Street, London EC1R OER
or from our Web site at www.masons.com
***********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|