What is someone doing sending sensitive personal data between individuals
which is nothing to do with the work to a work email address.
As the policy of the Univ of Aberystwyth
http://www.aber.ac.uk/~datwww/email-policy.shtml suggests emails are not a
confidential service.
It points out that they can be:
"- intercepted by third parties (legally or otherwise)
- wrongly addressed
- forwarded accidentally
- forwarded by initial recipients to third parties against your wishes
- viewed accidentally on recipients’ computer screens"
When I worked for a Primary Care Trust I sent an email to what I thought was
an internal colleague within the Trust. On looking at the Sent folder I
realised that I had sent the email by mistake to a journalist on a local
paper. I realised that the PC had been used previously by the Communications
Team - this was one of their contacts and the PC had "remembered" the email
address.
I told our Complaints Manager about this for some reason - it turned out
that she had previously been a journalist and she wrote to the journalist
pointing out to him that this email had been sent to him in error etc.
Obviously I would have really been in the mire if it had been nothing to do
with work and I had sent an embarrassing email to an unintended recipient.
Caveat scriptor - or something similar.
Nick Landau
----- Original Message -----
From: "Christopher Spray" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Wednesday, October 25, 2006 6:04 PM
Subject: Re: [data-protection] Email quarantine systems
>I Agree that consent is generally unlikely to be necessary, but they would
> need to give fair processing information - what is in the friend's
> employer's email footer? What if the emails contain sensitive personal
> data - consent needed then?
>
>
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]]On Behalf Of Carter, Antoinette
> (MCS)
> Sent: Wednesday, October 25, 2006 5:28 PM
> To: [log in to unmask]
> Subject: Re: [data-protection] Email quarantine systems
>
> I would say that the data controller has a legitimate business purpose
> for processing this data, and therefore has satisfied the "Schedule 2"
> requirement; and therefore does not require your consent to legitimise
> the processing.
>
>
>
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.1.408 / Virus Database: 268.13.11/496 - Release Date:
> 24/10/2006
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|