Colleagues
I wonder if anyone could enlighten me with regards to the
thorny issue of confidential references. My understanding
is that if a conf ref is given for specified purposes then
the giver is not obliged to disclose it to the data subject
under a subject access request, but that the data subject
may be able to obtain a copy from the recipient. However,
in discussions with a solicitor recently, his interpretation
was different: that a confidential reference given for
specified purposes will remain confidential even if the
data subject approaches the recipient for a copy.
I have checked out the DPO booklet and it concurs with the
the former view set out above, as does a number of other
documentation, as does this mailbase group. However, I
have looked at the Act itself and the wording is somewhat
ambiguous and, having thought about the matter in the light
of the solicitor's comments, it could be argued that the
latter point above may be correct. The Act itself states
as follows:-
1. Personal data are exempt from section 7 if they consist
of a reference given or to be given in confidence by the
data controller for the purposes of-
(a) the education, training or employment, or prospective
education, training or employment, of the data subject,
(b) the appointment, or prospective appointment, of the
data subject to any office, or
(c) the provision, or prospective provision, by the data
subject of any service.
Could it be argued that once the confidential reference was
in the hands of the recipient, the reference was given in
confidence and is therefore exempt from disclosure?
----------------------
Lucinda Bennett
Administrative Officer
Registry, Room 159
University of Exeter Tel: 01392 263355
Northcote House Fax: 01392 263108
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|