Anoninette,
I am not sure this is a higher standard than that within the UK, based
on the example you have given. This could be considered a normal policy
under ISO17799/BS7799, and so a requirement for compliance with the 7th
principle.
Ian Barker
Group Data Protection & Information Security Officer
MORI
+44 (0)20 7347 3318
+44 (0)20 7347 3805
-----Original Message-----
From: Jo Archer [mailto:[log in to unmask]]
Sent: 01 December 2004 09:35
To: [log in to unmask]
Subject: Re: [data-protection] Poland DPA
Antoinette,
My first thought would be that you'd have to apply the local (higher)
standards but then having signed up to the EU Poland is not supposed to
do anything which could be construed as a barrier to trade. So if the
additional requirements/restrictions of Polish law amount to
protectionism then someone is bound to challenge it.
Jo
----- Original Message -----
From: Antoinette Carter <[log in to unmask]>
To: <[log in to unmask]>
Sent: Tuesday, November 30, 2004 4:41 PM
Subject: [data-protection] Poland DPA
I have been contacted by our office in Poland, who were one of the ten
countries to join the EU this year. The Polish DPA appears to set much
higher standards with regard to system user access/security than we do
in the UK. For example, they insist that users' passwords are changed
at least every 30 days. Our corporate policy is to apply the UK DPA
globally unless local legislation is stronger, which appears to be the
case here. But on reading the text of the Polish Act, Article 4 reads
"The provisions of the Act shall apply, save where otherwise provided
for by any international agreement to which the Republic of Poland is
party." Would you construe from this that signing up to the EU is just
such an international agreement, and that it is sufficient for us (as
registered data controllers in the UK) to continue to apply the UK
standards rather than the Polish. Any thoughts would be much
appreciated....
Antoinette Carter
Data Protection Officer
Tel: 0207 389 4970
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
_____________________________________________________________________
This e-mail has been scanned for viruses for MORI by MessageLabs. For
further information visit http://www.mci.com
============================
Disclaimer
This e-mail is confidential and intended solely for the use of the
individual to whom it is addressed. Any views or opinions presented are
solely those of the author and do not necessarily represent those of
MORI Limited.
If you are not the intended recipient, be advised that you have
received this e-mail in error and that any use, dissemination,
forwarding, printing, or copying of this e-mail is strictly
prohibited. If you have received this e-mail in error please either
notify the MORI Servicedesk by telephone on 44 (0) 20 7347 3000
or respond to this e-mail with WRONG RECIPIENT in the title line.
============================
_____________________________________________________________________
This e-mail has been scanned for viruses for MORI by MessageLabs. For further information visit http://www.mci.com
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|