This is very true, where other legislation supersedes the former (DPA) -
Joseph
-----Original Message-----
From: Eldin Rammell [mailto:[log in to unmask]]
Sent: 28 September 2004 14:57
To: [log in to unmask]
Subject: Re: Direct Debit Guarantee Scheme
Indeed. There is sometimes a misconception that the Data Protection Act
requires us to destroy all records containing personal data as soon as they
become inactive. Not so.
We are required to keep records for no longer than is necessary for the
purpose for which they were created or held.
Since financial records are required to be held for 6 years beyond the end
of the applicable financial year, retaining them for this period does not
contravene the DPA, per se.
Regards,
Eldin Rammell.
Rammell Consulting
Organisational Effectiveness through
Records & Information Management
Mobile: 07940 859721
Tel: 01304 381691
Fax: 0871 661 0507
Email: [log in to unmask]
http://www.rammell.com
-----Original Message-----
From: The UK Records Management mailing list
[mailto:[log in to unmask]] On Behalf Of Jim Whitaker
Sent: 28 September 2004 11:54
To: [log in to unmask]
Subject: Re: Direct Debit Guarantee Scheme
Would you not keep records supporting financial transactions for the six
years after the end of the relevant financial year?
Jim
----------------------------------------------
Jim Whitaker
Head of Information Management and Internal Communications
British Educational Communications and Technology agency
Millburn Hill Road
Science Park Telephone 024 7679 7452
Coventry 024 7641 6994 (Ext 3341)
CV4 7JJ Fax 024 7684 7071
===================================================
-----Original Message-----
From: Phillip Bradshaw [mailto:[log in to unmask]]
Sent: 28 September 2004 11:48
To: [log in to unmask]
Subject: Direct Debit Guarantee Scheme
Has anyone considered or taken into account the provisions of the DDGS
in relation to retention periods - in particular the fact that banks
will on request refund a customer who claims payments have been made
after he 'cancelled' the DD - and this part of the guarantee is without
time limit.
For example we operate a club where monthly subscriptions are collected
from members by DD. The member resigns in September 2004 and we stop
collecting.
After 12 months (to comply with Data Protection) we destroy our records
of the member as 'we no longer need to keep them'. A month later he
writes to his bank and alleges he ceased to be a member in 2000 and the
bank, as it must, refunds 4 years subscriptions and claims it back from
us. We no longer have any records to show that this is fraudulent (we
cannot keep the financial records without keeping the personal details).
Do we keep the records indefinitely or do a risk assessment and just
keep them for a couple of years accepting a potential loss in a
(hopefully) small number of cases ?
If I ever emigrate to Brasil I will claim back 20 years Council Tax paid
by DD just before I leave !
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.
www.mimesweeper.com
**********************************************************************
**********************************************************************
This e-mail, and any files transmitted with it, are confidential.
If you are not the intended recipient, please notify our Help Desk
(e-mail: [log in to unmask] or phone: +44-1293-573333)
immediately.
You should not copy or use this e-mail or attachments for any purpose
nor disclose their contents to any other person.
Please note that all e-mail messages sent to the Civil Aviation Authority
are subject to monitoring / interception for lawful business purposes.
**********************************************************************
|