Data Protection Anyone?

YorkshireBoy

Below is a transcript of my recent e-mail dealings with Scottish Life, my stakeholder pension provider...
________________________________________________

16/2/05
Dear Sirs

Subject: FW: Online Solutions - Failure To Register

I have a Scottish Life pension fund, linked to my employer, and administered by by XXXXXXXXXXXXXXX Financial Services Ltd.

I have tried unsuccessfully this evening to register for your online solutions facility so that I may view my plan "online".

The message given stated that there was already someone else with my plan number!

Could you please look into this failure and, if you cannot obtain my details from the error log generated, please contact me on 077XX XXXXXX at any time.

Regards

XXXXXXXXXX
_________________________________________________-

18/2/05
Dear Sirs

Could you please give me an update on my registration issue as detailed in my message to you on the 16/2/05 (see below).

Regards

XXXXXXXXXX

____________________________________________________

22/2/05
Dear XXXXXXX

Can you please confirm your policy number, date of birth and NI Number.

Regards

Implementation Services
______________________________________________

22/2/05
Dear Sirs

I'd be very happy to confirm my policy number, date of birth and NI Number, although I don't think it would be very wise to do it over an unsecure medium such as web-based e-mail.

When giving this kind of information over the internet, it is normally done via "secure server" and the screen would be "padlocked" on a https:// web address such as that on which I tried to make my initial registration.

I hope you will understand I consider it extremely unwise to carry out your request via e-mail.

Indeed, and to be perfectly honest, I didn't for one minute think you would make such a request! That is why my original e-mail suggested that...

"if you cannot obtain my details from the error log generated, please contact me on 077XX XXXXXX at any time"...

I await your call.

Regards

XXXXXXXXXXXXX
________________________________________________-


So much for Data Protection/security of information. And this request was from one of the biggest financial service providers in the UK!

Am I correct or is it OK to pass this type of information over web-based e-mail?

YB

Paul1_2

Personally I would not consider sending this information by e-mail. If their site does not have the facility for secure communication (a lot of finance houses have this via contact us) then it's phone or snail mail.

Paul1

travelchick

Hi
I would suggest that you send a letter via recorded delivery listing what you want them to do, this way you can be assured that it will be used by the correct person. After all if you wish to comunicate via the net then thats how you must pass on your information, If you are that worrierd about handing over all you information over the internet then why would you be happy giving it to a random stranger on the end of your mobile? which is even less secure?
I do hope that however you do it you get it sorted
Regards
Trav
xx

YorkshireBoy

travelchick wrote:

If you are that worrierd about handing over all you information over the internet then why would you be happy giving it to a random stranger on the end of your mobile? which is even less secure?

Thanks for your reply. I thought about that when I sent them the e-mail, and figured I could ask them some questions about my fund, ie dates, amounts, 5th & 7th digit of my NI number, % fund split etc. That way we could both check each other out.

By the way, still waiting for a response from them!

YB