I think the issue here is probably one of terminology - we're referring to 'live' data without pinning down what we mean by the term.
A database comprising current, up to date customer data is just a load of data until you feed it into a service delivery system. If that system delivers an actual service / outcome to (or directly involving / affecting) the customer, it's a Live (capital L) system and - by extension, the data in it is also Live.
However, if you take an exact duplicate of the original database and feed it into a service delivery system that delivers a modelled / notional service / outcome that's just to see what happens, and doesn't come close to involving / affecting the original database subjects - then it can't really be said to be 'live' in any real-world affecting way.
It's still using personal data, so we still need to ensure it's not misused, abused and cast aside unsafely, but I don't see an automatic block on using in it in a decidedly non-Live simulation / system solely for research purposes.
Owen Thomas
Deputy Data Protection Officer
Data Protection Office
Strategy, Performance and Transformation Directorate
Sunderland City Council
0191 5611263
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|