12.11 Daily Occurrence Log Entries (also referred to as DOB, DOL or Activity Log)
Daily Occurrence Log entries in either paper or electronic form may include personal data where there is necessity to process name, contact details and information relating to an occurrence including, but not limited to:-
- RIDDOR – Reporting of Injuries, Diseases and Dangerous Occurrences Regulations 2013 Health and safety matters;
- Lost property; and
- Damage to vehicles and other property.
Right to be Informed – a statement of purpose, should be included in or on a sign adjacent to where reporting is initiated. (see sections 15 G7 & G8)
Consent – consent would not be required for the this processing.
Archive Retention – If the log entry contains personal data a 6 year archive is recommended commencing on the start date of the data controllers financial year following the date of the log entry.
Privacy – Access to previous log entries must not be visible to anyone other than personnel directly involved in the management of the premises.
Where paper records are used, it’s preferable that completed pages are removed once completed and securely filed.
Access to electronic logs shall be password protected and managed on computer devices identified by unique reference numbers logged in a Controlled Data Register.