As always, the answer is "it depends". As this is now the stock answer for
all queries on data protection training courses and message boards, we should
be able to save a lot of time - there is now no point in asking the question.
It depends, in this case, on the nature of the in-tray. We could in fact
re-name it the "depending" tray. Some staff have an in-tray where all the
contents are always pre-input documents or forms in a prescribed format and the
employee moves them to the out-tray when the data have been inputted. The
"intent" is a matter of fact. In other cases, the in-tray is of a more generic
nature where it is possible that none of the data will ever form part of a record.
Usually, most in-trays contain some of each and it is up to each data
controller to determine the likelihood of personal data occurring and to instruct
each member of staff accordingly.
Incidentally, one of my clients insists on a clear desk policy which includes
locking away all desk trays at the end of the day!
Ian B
--------
In a message dated 24/01/05 10:31:26 GMT Standard Time,
[log in to unmask] writes:
> Would a physical 'In-Tray' or 'Pending-Tray' be categorised as a post
> Durant
> filing system?
>
> If not, why not and what DPA issues would capture 'any' personal data so
> held?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
