Thanks for your reply, i'm glad i'm not on my own.
The only way round this issue that I can see so far, is to conduct an
audit of every area, every room etc to see who, what and where data
storage is handled. As we are a large college this could take some
time!
I'm hoping we can reduce the problem by eliminating duplication of
storage, not sure exactly what impact this will have yet.
Chriss
>>> "Fothringham, Teresa Steuart" <[log in to unmask]> 02/05/02
>>>
I have to agree with Colette. I don't think this is something that has
been
tackled seriously, if at all, in HE. It seems very difficult to make
staff
feel that the DPA applies to *them* and the paperwork *they* hold in
*their*
offices.
We are trying to undertake a survey of all offices and ensure that all
desk
drawers and filing cabinets etc have keys (although some of them are so
old
that they may have to be replaced which is giving the facilities
manager and
budget holders some financial worries), but how we enforce the locking
of
these, and indeed office doors, is a different matter. This is
especially
difficult in offices which are shared (a common occurrence here) and
in
departmental offices which are busy crossroads and are expected always
to be
open.
I think that the key may be in identifying specific people who have
access
to data and thus only they have keys to filing cabinets etc. This does
however then necessitate the creation of systems to work when those
dedicated people are on holiday or off sick and policies that all
those
involved cannot be off at the same time etc...
Teresa
-----Original Message-----
From: Colette Healiss [mailto:[log in to unmask]]
Sent: 02 May 2002 09:42
To: [log in to unmask]
Subject: Re: Security of Manual Records
Hi Chriss
Though I am ready to be contradicted, I doubt there are many HE
institutions which have so far taken this area seriously. I used to
work
at Manchester University and I am sure that even the existence of the
DP
officer was an obscure fact only a handful of people were in possession
of.
Perhaps FE & FE/HE colleges are a different kettle of fish in this
respect
(as in many others).
Chriss Howes
<[log in to unmask] To:
[log in to unmask]
C.UK> cc:
Sent by: This list is Subject: Security
of
Manual Records
for those interested
in Data Protection
issues
<data-protection@JISCM
AIL.AC.UK>
01/05/2002 16:26
Please respond to
Chriss Howes
We are currently in the flow of providing awareness and training for
college staff on the DPA.
I am looking at the security aspects of the Act and would be interested
to
know how other Colleges are dealing with the security of manual
records.
These are held in various locations, do colleges have 'clear desk'
policies
where nothing is left out unattended? Are all forms kept in locked
cabinets/drawers? Is a locked room sufficient?
Any comments would be gratefully received.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
**********************************************************************
This message is sent in confidence for the addressee only. It may contain confidential or sensitive information. The contents are not to be disclosed to anyone other than the addressee. Unauthorised recipients are requested to preserve this confidentiality and to advise us of any errors in transmission.
Any views expressed in this message are solely the views of the individual and do not represent the views of the College. Nothing in this message should be construed as creating a contract. Thank you.
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|