It would make my life as an Exchange Admin a bit easier if we could just wipe all emails more than a year old and then blame the Data Protection Act :-)
Phil --------------------------------------------- Phil Randal Network Engineer Herefordshire Council Hereford, UK > -----Original Message----- > From: F Tincey [mailto:[EMAIL PROTECTED]] > Sent: 13 December 2001 12:09 > To: Exchange Discussions > Subject: FW: UK Data Protection law changes affect Exchange > Administrators > > > > Are UK Exchange Admins feeling the impact of this ????? > Do the group have comments ? > > This is taken from some marketing material forwarded to me, > I've removed > advertising blurb from the end of the mail. > > Fiona > > -----Original Message----- > Sent: 12 December 2001 17:39 > Subject: UK Data Protection law changes affect Exchange Administrators > > > Included in here > > > > * the law changes and how they affect YOU > > * the eight principles of the Data Protection law > > * how the Exchange Admin can help your company comply > > * three actions you should take to help uphold the law > > > > -------------- > > > How the new Data Protection Act affects the Exchange Administrator > > > > > Are you aware that the Data Protection Act changed on 24 > October 2001, and > that > > some of the clauses of its enforcement affect YOU? > > > > If you don't like reading e-mail about implications on the > law, read just > this one, > > it may save your company a lot of time and money. > > > > Changes in the law mean that even previously exempt companies > now have to > comply. > > Much of the law revolves around employees being able to > request access to > information > > held about themselves and it being held securely. And this > includes data > held in e-mails > > and public folders! > > > > So here is a good question for you. How would your Data > Protection Officer > search for > > personnel type information in your Exchange environment > (mailboxes and/or > folders)? > > > > Here are the 8 basic principles for Data Protection and work > out which can > be > > affected by the Exchange Administrator. Personal data must be ... > > 1 fairly and lawfully processed > > 2 processed for limited purposes > > 3 adequate, relevant and not excessive > > 4 accurate > > 5 not kept longer than necessary > > 6 processed in accordance with the data subject's rights > > 7 secure > > 8 not transferred to countries without adequate protection > > > > Obviously these are under the jurisdiction of the Data > Protection Officer > (DPO) or > > Information Officer (IO). > > But in terms of data held as e-mail YOU as the Exchange Admin > have high > levels of > > control on points 5, 7 and 8. > > > > What do you need to do? > > 1 - discuss the length of time that your DPO/IO wants such > information held > (point 5) > > and show him/her how you can manage that in Exchange. > > 2 - ensure that only the correct people have access to the > e-mails/folders, > and that > > no inadvertent rights have been granted (point 7). > > 3 - ensure none of this information has been > exported/replicated to other > servers (point 8). > > If it has, check where these servers are located, if in > European Union, you > are probably > > OK. If they are outside the EU (US or elsewhere) then talk to > your DPO/IO, > you need > > advice and they need to be aware. > > > > Remember Data Protection is not just about information coming > and going from > your > > system, but primarily about the information already stored there. > > *** If its there, you must be able to find it and ensure it > is secure.*** > > > > > > Principles of Data Protection can be found at > http://www.dataprotection.gov.uk/principl.htm > <http://www.dataprotection.gov.uk/principl.htm> > -- > ______________________________________________________________ > _________________ > > The information in this email and in any attachment(s) is > commercial in confidence. If you are not the named > addressee(s) or if you receive this email in error then any > distribution, copying or use of this communication or the > information in it is strictly prohibited. Please notify us > immediately by email at [EMAIL PROTECTED], and then delete > this message from your computer. While attachments are virus > checked, AWE plc does not accept any liability in respect of > any virus which is not detected. > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
