Ian Mansbach on 16 September 2004 at 11:13 said:-
> Oops, my previous post was badly written!
>
> It is the record of the request for disclosure that might "be
> kept forever,
> disclosed to anyone, transferred outside the EEA etc etc" not the
> information requested which may well be personal data and
> protected by the
> DPA.
Not necessarily.
Those parts of any exemption or SAR response which contain personal data
relating to the data subject after redaction, and which then fall within the
personal data definition as amended by Durant would be subject to the DPA.
Dependent upon the filing system thought appropriate by the responding
organisation that could be all, part, or none of the response.
I have certainly dealt with responses in the past when, after redaction, and
taken out of context, some of the data would certainly no longer be personal
data.
Ian W
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|