Print

Print
In addition to the point James raises, if you deal with it strictly as a SAR there will most likely be a large number of emails which are not the PD of the requester at all (other than his / her name) as the content will be about work issues and not about the data subject.

 

----- Original Message -----

From: James Walkom

Sent: 03/31/14 10:19 AM

To: [log in to unmask]

Subject: Re: [data-protection] Access to email account

 

Hi Matt,

 

 

 

 

 

If it is a SAR then you have to comply with it but I would be hesitant about giving access to all e-mails between a set period as the individual is no longer an employee and (depending on what their job was) there could be the personal data of 3rd parties contained in them – or at least commercially sensitive information – and this could result in a breach of the DPA.

 

 

 

 

 

You don’t have to provide a copy of the actual e-mails so I would consider extracting their personal information and provide a hard copy of this. As a minimum, I would ensure the e-mails are reviewed beforehand and anything that isn’t their personal data, redacted

 

 

 

 

 

James

 

 

 

 

 

 

 

 

 

 

 

James Walkom   
Regulatory Consultant
Jelf
Tel: 01454 525182   

 

 

 

 

 

Insurance | Employee Benefits | Financial Planning

 

 

 

 

 

Jelf
Hillside Court, Bowling Hill, Chipping Sodbury, BS37 6JX    Tel: 01454 272727    Fax: 01454 272728

 

 

P   Think green - please do not print this email unless you really need to

 

 

 

 

 

This email, and all related attachments, is strictly confidential and intended solely for the person or organisation to whom it is addressed. If you have received this information in error, please notify us as soon as possible and delete the email. If you are not the intended recipient, you must not copy, distribute or take any action in reference to it. Any such action may be unlawful.

Jelf Insurance Brokers Ltd* (Reg No. 0837227), Jelf Wellbeing Ltd* (Reg No. 2647586), Jelf Financial Planning Ltd* (Reg No. 3072281) and Jelf Commercial Finance Ltd (Reg No. 4333281) are part of Jelf Group plc (Reg No. 2975376) and are all registered in England and Wales at Hillside Court, Bowling Hill, Chipping Sodbury, BS37 6JX. *Authorised and regulated by the Financial Conduct Authority (FCA). Not all products and services offered are regulated by the FCA.

 

 

 

 

 

www.jelfgroup.com

 

 

 

 

 

 

 

 

 

 

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Matt Morrison
Sent: 31 March 2014 09:55
To: [log in to unmask]
Subject: [data-protection] Access to email account

 

 

 

 

 

Hi all

 

 

 

 

 

Monday morning question here.

 

 

 

 

 

We have received a request from a former member of staff for access to the emails held in their account between a set period (we still hold the emails). I don't know all the circumstances of the request, but suspect it may be related to an HR issue. 

 

 

 

 

 

The request has been made as a SAR and I am wondering if others have dealt with something similar and, if so, did you deal with it as a SAR? Are emails sent in a work capacity a number of months ago personal data? I suspect they may well be, depending on the content. 

 

 

 

 

 

We do also have an authorisation procedure for allowing access to email accounts in appropriate circumstances (this could even be supervised access).

 

 

 

 

 

Any thoughts welcome!

 

 

 

 

 

Best wishes

 

 

 

 

 

Matt Morrison

 

 

 

 

 

Information Rights Officer

 

 

University of Bristol

 

 

0117 3317751 (ex.17751)

 

 

 

 

 

This e-mail is for the above named recipient(s) only. It

 

 

may contain proprietary material, confidential information and/or be

 

 

subject to legal privilege. It should not be disclosed to or used, retained

 

 

or copied by, any other party. If you are not an intended recipient then

 

 

please delete this e-mail and all copies and promptly

 

 

inform the sender. Thank you.

 

 

 

 

 

Please note that in order to protect the security and working of University

 

 

network and computer systems, it may be necessary to intercept, monitor,

 

 

record, copy, audit, inspect and/or disclose to authorised University and

 

 

law enforcement personnel any files, messages and any or all uses of the

 

 

systems. The University may also be required to disclose this email as a

 

 

result of a freedom of information or data protection request, or in

 

 

connection with litigation.

 

 

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

 

 

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

 

 

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

 

 

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

 

 

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)

 

 

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)

 

 


 

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)