T 3.13 Transfer of incorrect or undesired data records

It is possible that data media intended for dispatch might contain data from earlier transactions not meant for disclosure to the recipient. If this data is not physically and intentionally deleted, it will be possible for the recipient to view it.

If the data to be transferred is located within a directory containing additional data requiring protection, there is the danger that they will be transferred inadvertently to the data medium as well (e.g. by copy *.*) and become accessible to the (unauthorised) recipients.

If data records have to be sent directly via data networks instead of 'storage' media (e-mail via the Internet, modem links, Intranets, X400 service), communication programs offer the possibility to use short descriptions for complex address and distribution lists for multiple dispatch. If such distribution lists are not kept centrally or not updated at regular intervals, data records might be sent to addresses of persons who are no longer authorised.