If we have listed parents/guardians, or for that matter any other third
party, as potential recipients of personal data then surely we are allowed
to respond to an enquiry and issue personal data to that party, unless the
data subject has specifically requested us not to do so.
By referring the data subject to your official notification, or making them
aware of potential recipients, at the point of data collection you are
providing them with the opportunity to object.
Surely this is sufficient to allow us to comply with authorised third party
requests.
If a third party is not listed as a potential recipient then data should not
be released, unless the data subject has specifically this to happen.
Confirming the identity of a third party caller should be covered in your
security procedures.
*-----Original Message-----
*From: This list is for those interested in Data Protection issues
*[mailto:[log in to unmask]]On Behalf Of
*[log in to unmask]
*Sent: 21 June 2001 12:17
*To: [log in to unmask]
*Subject: Re: Dealing with UCAS applicants
*
*
*I think dealings should be with the student unless they have authorised a
*third party to act on their behalf.Re the telephone, we ask for 2
*additional
*pieces of information. This did not apparently prevent a sponsor
*posing as a
*student to withdraw them from a course though!
*Gail Waters
*DP Coordinator
*Open University
*> -----Original Message-----
*> From: [log in to unmask] [SMTP:[log in to unmask]]
*> Sent: 21 June 2001 11:33
*> To: [log in to unmask]
*> Subject: Dealing with UCAS applicants
*>
*> Dear colleagues,
*> Is anyone able to provide insight as to the treatment of queries
*regarding
*> UCAS applications. Here in our institution there are conflicting views as
*> to whether or not we should deal with enquiries from third parties
*> (usually
*> parents). I would like to say that we will always only deal with the
*> applicant themself. However, you get the usual problem with issues of
*> customer care, along with the fact that the applicant's contract is with
*> UCAS at that early stage, not with us.
*> How do others deal with this situation?
*>
*> Also, in more general terms, do other institutions have a policy for
*> dealing with general personal telephone enquiries. Do you have any
*> policies
*> whereby you use a student number as a means of identifying
*individuals? Or
*> do you trust the caller that they are who they say they are? If the
*> information is particularly sensitive then I believe that calling the
*> person back on a number already recorded by the student themselves at
*> enrolment is sensible.
*>
*> Any advice, shared experiences or advice received from the information
*> commissioner greatly appreciated.
*>
*> Thanks,
*>
*> Matt Nunn
*> Southampton Institute
*>
*> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
*> If you wish to leave this list please send the command
*> leave data-protection to [log in to unmask]
*> All user commands can be found at : -
*> www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
*> all commands go to [log in to unmask] not the list please!
*> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
*
*^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
* If you wish to leave this list please send the command
* leave data-protection to [log in to unmask]
* All user commands can be found at : -
* www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
*all commands go to [log in to unmask] not the list please!
*^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
*
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|