 |
 |
Hello Everyone This thread is very pertinent to the GDPR related database things we are working on right now. I’m interested in knowing what your thoughts are on: a; the retention period for a Reader’s personal data after they have visited you : 3 years, 5 years or longer? How far would you go back to check to see if something was damaged or missing? b; the Reader’s rights of erasure - should they be given the right to perform this themselves, or request erasure for staff to then check first? What is your process to manage objections to this? Does the right to protect the documents trump those of the Reader’s immediate erasure request? All the best -- James Grimster Orangeleaf Systems Ltd 01743 352000 www.orangeleaf.com -- Privacy and Confidentiality Notice The information contained in this email message is intended only for the named person, firm or company to whom it is addressed. Such information may be confidential and privileged and no mistake in transmission is intended to waive or compromise any such privilege. If you have received it in error please destroy it and notify us on the address shown. Registered in England No. 3648762 | VAT 709 2483 28 > On 16 Apr 2018, at 12:17, susanhealy230 <[log in to unmask]> wrote: > > Further on GDPR, I think it is worth considering the details to be written in search room/attendance/sign-in registers, especially if they will be visible to the next signatory. Should you expect researchers to write contact details somewhere other researchers can see them? > > And I remember one conversation with someone in a private archive which allows access only after correspondence on the research topic but then requires the researcher to repeat details in the sign-in book. My question was why do you need all this if you have it already ? > > Of course, what this is all about is asking yourself rigorous questions about what personal details you need, knowing why you need them , and documenting it all so that you can point to a policy and justification if challenged. Good professional practice as well as contributing to GDPR compliance! > > All the best > > Susan Healy > > >> On 16 Apr 2018 at 11:53, <Groom, Tim (F&C)> wrote: >> >> Archives do also have paper trails of individual archival items requested in their reading rooms by identity-verified readers, in the form of document request slips kept in either date order or customer name order or both for a period of years. Those with electronic ordering systems have a further advantage. >> >> Further measures are also used such as the weighing of bundles of loose documents, which can alert the archivist to missing items, and CCTV cameras which can aid in investigation and deter potential thieves. >> >> Tim Groom >> >> <image001.png> >> Tim Groom | Senior Archivist >> Staffordshire & Stoke on Trent Archive Service >> >> Staffordshire Record Office, Eastgate Street, Stafford ST16 2LZ >> ': (01785) 278396 >> *: [log in to unmask] >> 8: www.staffordshire.gov.uk/archives >> Follow the Archive Service on Facebook and Twitter Contact the list owner for assistance at [log in to unmask] For information about joining, leaving and suspending mail (eg during a holiday) see the list website at https://www.jiscmail.ac.uk/cgi-bin/webadmin?A0=archives-nra