As always, the answer is "it depends". As this is now the stock answer for all queries on data protection training courses and message boards, we should be able to save a lot of time - there is now no point in asking the question. It depends, in this case, on the nature of the in-tray. We could in fact re-name it the "depending" tray. Some staff have an in-tray where all the contents are always pre-input documents or forms in a prescribed format and the employee moves them to the out-tray when the data have been inputted. The "intent" is a matter of fact. In other cases, the in-tray is of a more generic nature where it is possible that none of the data will ever form part of a record. Usually, most in-trays contain some of each and it is up to each data controller to determine the likelihood of personal data occurring and to instruct each member of staff accordingly. Incidentally, one of my clients insists on a clear desk policy which includes locking away all desk trays at the end of the day! Ian B -------- In a message dated 24/01/05 10:31:26 GMT Standard Time, [log in to unmask] writes: > Would a physical 'In-Tray' or 'Pending-Tray' be categorised as a post > Durant > filing system? > > If not, why not and what DPA issues would capture 'any' personal data so > held? ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving message please send to the list owner [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^