(1) A data service provider must have procedures for making, collecting, indexing, storing, securing, maintaining, accessing and disposing of the following:
(a) records that identify all incoming and outgoing aeronautical data and aeronautical information;
(b) records that identify each person who is authorised by the provider to process, check, edit, publish or supply aeronautical data and aeronautical information;
(c) records that list the qualifications and competencies of personnel who process, check, edit, publish or supply aeronautical data and aeronautical information;
(d) records that identify each occurrence of an error or omission in:
(i) aeronautical data or aeronautical information that the provider receives; or
(ii) aeronautical data or aeronautical information that the provider publishes or supplies in conducting a data service activity;
(e) records that contain the results of any audit or review of the provider's activities.
(2) The provider must ensure that a record mentioned in
subregulation (1) is legible and permanent.