|Current Status||Closed||Implementation Date||N/A|
Executive SummaryWhilst discussing DTC CP3313 Provision of Special Needs Customers’ Telephone Numbers, MDB_10_08 noted concerns with respect to:
- managing data protection when passing between parties’ personal data, especially when this contained third party contact information for vulnerable customers; and,
- when sending automated flows, establishing what controls need be in place to ensure that any data overwritten is accurate and relevant.
- MDB agreed that these were important design considerations for IREG, and with regards to data security it would be helpful to have a guidance note reinforcing parties’ responsibilities as Data Controllers, whilst for overwrites relevant parties will need to consider the form of their exception processing.