+ Post New Thread
Results 1 to 12 of 12
School ICT Policies Thread, Data Retention Policies. in School Administration; I've been watching with interest how this is unfolding over the pond. So I'm wondering if anyone has pro-actively addressed ...
  1. #1

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,813
    Thank Post
    110
    Thanked 586 Times in 507 Posts
    Blog Entries
    1
    Rep Power
    225

    Data Retention Policies.

    I've been watching with interest how this is unfolding over the pond. So I'm wondering if anyone has pro-actively addressed this before we get encumbered with similar laws? If so how do you approach it? Do you apply you standard Record Retention Policy/Schedule that's used for paper based documents? Or do you do something else?

  2. #2
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,490
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76

    Re: Data Retention Policies.

    Surely we can't be expected to keep every email for an almost indefinite period? This would require a constant backup system (so people can't delete emails before the nightly backup gets them) and warehouses full of backup tapes.

    The article interestingly doesn't say for how long we should keep this information, even if we did have it to keep. I would be interested to see how this new law, if it ever happens, fits in with DPA laws which state a maximum time period for which things should be kept.

  3. #3

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,992
    Thank Post
    1,359
    Thanked 1,828 Times in 1,135 Posts
    Blog Entries
    19
    Rep Power
    602

    Re: Data Retention Policies.

    The most commonly proposed solution is to have a silent archiver that is part of your filtering system. As mail is pushed through the filter it gets archived. The problem is that not all mail is relayed via a filter and it can be expensive to buy. Some mail servers also lose some of the additional functionality they may have (over and above that specified within the RFCs) when they are forced to route via a relay before delivering back to the originating server.

  4. #4
    ChrisP's Avatar
    Join Date
    Apr 2007
    Location
    norfolk
    Posts
    150
    Thank Post
    4
    Thanked 8 Times in 8 Posts
    Rep Power
    17

  5. #5
    greenfieldsupport's Avatar
    Join Date
    Mar 2007
    Location
    Newton Aycliffe, Durham
    Posts
    240
    Thank Post
    14
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: Data Retention Policies.

    We looked into this as we have a mail server, which was almost ready for the students to use..

    We use postfix here and one of the commands in our main.cf file was:

    always_bcc = mailoutlog


    Which means EVERY e-mail sent or recieved would end up also written to an inbox called "mailoutlog", just a standard user with an almost impossible password for security...

    We could then as root archive the /home/mailoutlog file to DVD or CD, every few months... as most e-mails are small...


    perfect <3

  6. #6
    greenfieldsupport's Avatar
    Join Date
    Mar 2007
    Location
    Newton Aycliffe, Durham
    Posts
    240
    Thank Post
    14
    Thanked 3 Times in 3 Posts
    Rep Power
    16

    Re: Data Retention Policies.

    It was also possible we found to mount /home/mailoutlog on another system with a windows share, or a linux share... , for all you who like your networked backup...

  7. #7

    Join Date
    Jun 2007
    Posts
    2
    Thank Post
    0
    Thanked 0 Times in 0 Posts
    Rep Power
    0

    Re: Data Retention Policies.

    With Exchange 2007 and the introduction of the Hub Transport, all e-mail (even internal e-mail within the same server) goes through this Hub Transport, this means you can setup policies to acheive this goal.

  8. #8
    mrforgetful's Avatar
    Join Date
    May 2006
    Posts
    1,639
    Thank Post
    7
    Thanked 15 Times in 15 Posts
    Rep Power
    23

    Re: Data Retention Policies.

    Man, the privacy issues.

  9. #9

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,813
    Thank Post
    110
    Thanked 586 Times in 507 Posts
    Blog Entries
    1
    Rep Power
    225

    Re: Data Retention Policies.

    Yes, I was wondering how it could be justified in light of Data Protection.

  10. #10
    mrforgetful's Avatar
    Join Date
    May 2006
    Posts
    1,639
    Thank Post
    7
    Thanked 15 Times in 15 Posts
    Rep Power
    23

    Re: Data Retention Policies.

    I guess there's the old 'Our network, our resources, our information'.

  11. #11
    enjay's Avatar
    Join Date
    Apr 2007
    Location
    Reading, Berkshire, UK
    Posts
    4,490
    Thank Post
    282
    Thanked 196 Times in 167 Posts
    Rep Power
    76

    Re: Data Retention Policies.

    Quote Originally Posted by mrforgetful
    I guess there's the old 'Our network, our resources, our information'.
    All true, however as I understand it, under the DPA, anyone can request to see the information which you have on them. So, when someone's parents contact you and ask for this, you would have to go through every email in your 5-year archive to see if little Johnny gets a mention. Rather you than me!

  12. #12

    Join Date
    Mar 2006
    Posts
    537
    Thank Post
    2
    Thanked 3 Times in 2 Posts
    Rep Power
    19

    Re: Data Retention Policies.

    Quote Originally Posted by mrforgetful
    Man, the privacy issues.

    Doesn't RIPA say that mail stored on an organisations computers can be monitored so long as staff are warned in advance.

    Quote Originally Posted by Geoff
    Yes, I was wondering how it could be justified in light of Data Protection.
    Data protection is more about the accuracy and security reuired of organisations keeping information about an individual. As what has been discussed here is prinicaply email archiving presumably, you would have access to your own mailbox

    The above discussion seems to give the impression that only email matters but what about home directories or shared areas? How should the contents be recorded? just what's on backup at key points or milestone documents such as annual and interim reports, LEA/DfES returns, departmental reviews, development plans etc.?

SHARE:
+ Post New Thread

Similar Threads

  1. Programatic data extraction from SIMS.net Data Base
    By NetworkGeezer in forum MIS Systems
    Replies: 108
    Last Post: 16th February 2010, 09:22 PM
  2. Data Retention Policies?
    By Geoff in forum School ICT Policies
    Replies: 3
    Last Post: 1st May 2007, 12:12 PM
  3. More policies
    By GrumbleDook in forum School ICT Policies
    Replies: 7
    Last Post: 13th March 2007, 09:04 AM
  4. Data retention
    By Dos_Box in forum School ICT Policies
    Replies: 21
    Last Post: 27th March 2006, 08:40 AM
  5. Scottish ICT Policies
    By RobC in forum School ICT Policies
    Replies: 4
    Last Post: 20th June 2005, 10:45 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •