I have only glanced at PD0008 but from my recollection, you need to have a records management policy, information security policy and audit procedures and retention schedule in place prior to the scanning taking place. IF your policies and procedures weren't in place prior to the scanning then you may need to retain the originals
Janette
Janette Young
Information and Records Manager
The University of Wolverhampton
Wulfruna Street Wolverhampton WV1 1SB
Tel: 01902 322444
Fax: 01902 322281
This email, together with any attachment, is for the exclusive and confidential use of the addressee(s) and may contain legally privileged information. Any use, disclosure or reproduction without the sender's explicit consent is unauthorised and may be unlawful.
Any e-mail including its content and any attachments may be monitored and used by The University of Wolverhampton for reasons of security and for monitoring internal compliance with the University's policy on internet use. E-mail blocking software may also be used. The University cannot guarantee that this message or any attachment is virus free or has not been intercepted and amended.
If you believe you have received this message in error please notify the sender by email, telephone or fax and destroy the message and any copies.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Paul Dodgson
Sent: 18 May 2006 14:00
To: [log in to unmask]
Subject: Re: [data-protection] Destroying Personal Data
I would only suggest that you consider the Standard PD0008. Then I
started to ramble.....
Personally is great but would your opinion be any different
professionally?
Are there adequate disaster recovery measures in place re the electronic
content?
Did you have a fair processing notice which detailed how content would
be stored?
Who is the Data Controller?
How will they dispose of the content?
Who will audit the disposal process?
Is it a like to like process?
Paul
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Aston Information
Security
Sent: 18 May 2006 13:45
To: [log in to unmask]
Subject: [data-protection] Destroying Personal Data
Afternoon all
I just need confirmation on something.
A Primary Care Trust client has been asked by a GP practice whether they
can
destroy all their paper patient records, as they have now all been
scanned
into their computer.
Personally, I do not think there is a problem destroying the paper docs,
as
long as there has been an audit to ensure that the docs scanned
accurately.
Does anyone have a different view?
Thanks
JASON PARKER-SMITH
BS7799/ISO17799/ISO27001 Consultant
www.astoninfosec.co.uk
This e-mail is confidential and intended solely for the use of the
individual to whom it is addressed. Any views or opinions presented
(including attachments) are solely those of the author and do not
necessarily represent those of Aston Information Security Ltd.
If you are not the intended recipient, be advised that you have received
this e-mail in error and that any use, dissemination,
forwarding, printing, or copying of this e-mail is strictly prohibited.
If you have received this e-mail in error, please contact the sender.
Whilst every effort has been taken to ensure protection against virus
infection, we cannot accept any responsibility for viruses.
Consequently,
please ensure that all attachments are virus checked prior to opening.
^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
_______________________________________________________________________
Leicestershire County Council - rated a 'four-star' council by the Audit Commission
_______________________________________________________________________
This e-mail and any files transmitted with it are confidential. If you are not the intended recipient, any reading, printing, storage, disclosure, copying or any other action taken in respect of this e-mail is prohibited and may be unlawful. If you are not the intended recipient, please notify the sender immediately by using the reply function and then permanently delete what you have received.
Incoming and outgoing e-mail messages are routinely monitored for compliance with Leicestershire County Council's policy on the use of electronic communications. The contents of e-mails may have to be disclosed to a request under the Data Protection Act 1998 and the Freedom of Information Act 2000.
The views expressed by the author may not necessarily reflect the views or policies of the Leicestershire County Council.
Attachments to e-mail messages may contain viruses that may damage your system. Whilst Leicestershire County Council has taken every reasonable precaution to minimise this risk, we cannot accept any liability for any damage which you sustain as a result of these factors. You are advised to carry out your own virus checks before opening any attachment.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|