In message <003201c4c2cc$29e49660$0500a8c0@DAD1>, at 00:12:39 on Fri, 5
Nov 2004, davidwyatt <[log in to unmask]> writes
>There are however many 'retention' obligations in existence ie Company
>incorporation records, appointment of officers (personal data) as one
>example. It does also however depends on how 'emails' are used as part of
>records management. Emails content can form part of many contracts ie
>between employer and employee or customer and financial services supplier
>(whose products are information based).
>
>If your organisation uses email and is subject to any such retention
>obligations then appropriate tools to secure and retrieve the information
>are required not because of DPA but because of the other obligations.
>However as we know once any personal data is created or held in the email
>management systems then DPA starts to bite.
The issue that's very much a "live one" with respect to Data Retention
of Communications Data is whether or not you can say that because you
are legally obliged to retain *some* of the data, it's OK to retain
*all* of the data (because it's "too hard" to weed out one set from the
other when the normal business purpose expires on the majority).
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|