See the following email sent to the list on 27 April 2000. Surely the advice
given to Nadine is correct?
I have recently had a response from the DPCO clarifying the position re
confidential references, where the data controller (in this case a
university) is not only the giver but also the receiver of the
reference. They advise that personal references are exempt from subject
access while they remain in the hands of the data controller. They
confirm that all information contained in confidential references given
by the University or by its staff acting on behalf of the University are
exempt from subject access.
Heads of Department will gain some comfort from this!
Nadine
--
**********************
Nadine Cleaver GCGI
PA to Vice-Chancellor
University of York
Tel (01904) 432001 (General Enquiries)
Tel (01904) 434461 (Development Office/Data Protection Co-ordination)
Fax (01904) 432003
***********************
Lucinda Bennett <[log in to unmask]> on 04/05/2000 11:44:54
Please respond to Lucinda Bennett <[log in to unmask]>
To: [log in to unmask]
cc: (bcc: Dennis Barrington-Light/REG/Central-Admin)
Subject: Confidential reference given by institution to same institution
Dear List Members
This particular question has been raised before, however, I
am still not 100% sure of the facts.
I was speaking to the O of the DPC this morning and asked
the Enquiries section what the position was where Dept A
provides a confidential reference to Dept B, where both A
and B are part of the same institution. I was advised that
whilst a subject could not obtain a copy of the reference
from Dept A, the subject could approach Dept B in
order to obtain a copy of the reference.
Do list members have any further comments on the matter or
is this the widely accepted view?
----------------------
Lucinda Bennett
Administrative Officer
Registry, Room 159
University of Exeter Tel: 01392 263355
Northcote House Fax: 01392 263108
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|