Could someone enlighten me here?
In the Pre-Durant era, when I got a Subject access request I used to supply
the data subject with [more or less] all existing email correspondence to
and from him/her - basically on the grounds that they were identified in
the headers.
Most of this correspondence would be of a business nature -- eg X agreeing
to do Y; discussion of some issue; exchange of facts; reasons for taking a
particular course of action etc.
Now, I weed the correspondence in an effort to identify what is personal
data under the new regime and supply only that. Is this the route everyone
else is taking, or do others still supply such correspondence unweeded?
Cheers
alison
-
Data Protection Co-ordinator
Business Improvements
Butts Wynd
University of St Andrews
Tel: 01334 463528
email: [log in to unmask]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|