Comments on: Looking after personal data…or not? The UCA and the DPA. http://www.zenosblog.com/2009/07/looking-after-personal-data-or-not-the-uca-and-the-dpa/ The random thoughts of a sceptical activist Thu, 12 Jan 2012 14:01:37 +0000 hourly 1 http://wordpress.org/?v= By: Zeno http://www.zenosblog.com/2009/07/looking-after-personal-data-or-not-the-uca-and-the-dpa/comment-page-1/#comment-310 Zeno Wed, 15 Jul 2009 00:29:16 +0000 http://tricia.asmallorange.com/~zeno/?p=42#comment-310 DavidP<br /><br />The ICO produce a good <a href="http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_specialist_guides/160408_v1.0_determining_what_is_personal_data_-_quick_reference_guide.pdf" rel="nofollow">guide</a> on how to determine what is 'personal data' and therefore covered by the DPA. Although there are several criteria to be met, basically it is any data from which I can be idnetified as an individual and includes emails, whether live or on an archive or back-up system. DavidP

The ICO produce a good guide on how to determine what is 'personal data' and therefore covered by the DPA. Although there are several criteria to be met, basically it is any data from which I can be idnetified as an individual and includes emails, whether live or on an archive or back-up system.

]]> By: DavidP http://www.zenosblog.com/2009/07/looking-after-personal-data-or-not-the-uca-and-the-dpa/comment-page-1/#comment-309 DavidP Tue, 14 Jul 2009 23:38:34 +0000 http://tricia.asmallorange.com/~zeno/?p=42#comment-309 G'day Zero,<br />Speaking from general IT knowleddge (I'm in Australia, and don't know the UK's rules specifically), generally acts like the DPA cover data held in "information systems" which can be organised filing cabinets. The key is that the data is held in a way that it can be processed. Emails in someone's personal mail account, and references to you in letters filed under the sender's name should not count as data about you held by the organisation - otherwise it becomes an impossible burden. G'day Zero,
Speaking from general IT knowleddge (I'm in Australia, and don't know the UK's rules specifically), generally acts like the DPA cover data held in "information systems" which can be organised filing cabinets. The key is that the data is held in a way that it can be processed. Emails in someone's personal mail account, and references to you in letters filed under the sender's name should not count as data about you held by the organisation – otherwise it becomes an impossible burden.

]]>