Tim & Others,
Funnily enough, this questions arose here only last week when a
headteacher was caught using a live pupil record system to assess
competence of candidates at interview!
My understanding of the issue is roughly :-
1) The old - sorry former - Registrar advised years ago that live data
cannot be used for test systems. Full stop, no arguments. Just don't do
it. By live, I take this to mean real data relating to real people that is
about individuals who can be identified.
2) So, by implication, if you have a test system (prototype system, copy
of the live one to test new ideas, etc) you must not populate it with live
data of any form. You need to make up the data. Obviously, this could be
a time consuming job if it is necessary to create large data files.
(Equally obviously, if you want a test system to test interview
candidates, you MUST NOT use live data!)
3) The only possible exception will be where a new system is being subject
to final commissioning. Here, live data must be present otherwise the
test cannot take place. This is a special case. Normally, I would expect
such testing to be undertaken by the supplier in close conjunction with
the client Department. Here it will be essential to cover the Data
Protection issues though the contract with the supplier. It MUST have DPA
and associated confidentiality clauses that not only bind the contractor
but any subcontractors that may be hiding in the background.
4) When constructing dummy data files beware of the obvious but often
forgotten dangers of allowing the programmers to think up "clever" names.
While the odd "Mr. M. Mouse" might be excused, there is a real danger that
the names of living individuals will be created by accident and of some
idiot finding the test results and acting upon them. Some while ago when
our housing applications were being transcribed from paper to electronic
copy, the team amused themselves by finding "famous names" on the waiting
list. Believe it or not, there was a real Ena Sharples living in Leeds at
the time. So, use totally spurious names.
Roger Cook
______________________________ Reply Separator _________________________________
Subject: Live personal data for system testing
Author: "Wright; Tim" <[log in to unmask]> at Internet
Date: 04/10/00 11:07
I've been trying in vain to find some guidance on the DPC's website
(incidentally why on earth can't they call themselves the "Data Protection
Commission" instead of the long-winded "Office of the Data Protection
Commissioner"?) regarding the use of live data for testing systems.
It's taken as read that this should only be used where necessary. I seem to
remember in the old Act's "Guidelines" there was some mention of anonymizing
data. There are the obvious things about covering security of access to test
data when it's real, and being careful with test printouts etc. But I
wondered if there was anything comprehensive out there?
Anyone produced their own guidelines?
Tim
--
Tim Wright
Director - Technology Audit
Charles Schwab Europe
Tel: +44 190 852 7793
Mobile: +44 7932 669 074
Fax: +44 190 852 7593
__________________________________________________________________________
Please ensure that any attachments to this E-Mail are checked for viruses.
__________________________________________________________________________
________________________________________________________________________
The information in this email (and any attachment) may be for the
intended recipient only. If you know you are not the intended recipient,
please do not use or disclose the information in any way and please
delete this email (and any attachment) from your system.
________________________________________________________________________
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|