Neil Chadwick wrote:
<<Our insurance manager tells me that we often receive claims from members of
the public or staff via their soliciter. In order to process these we need
to exchange sensitive personal data with a number of organisations (medical,
insurance companies etc.). To fully comply with the first principle we would
have to inform the data subject of these disclosures.
If we inform the data subject's soliciter of these disclosures as the
soliciter is representing the subject have our obligations been met or do we
have to inform the data subject directly?>>
----------------------
Neil
I would think in the case of claimants asking their solicitor to act on their
behalf, the data controller is the solicitor, not the local authority. The
solicitor would have the consent of the claimant to pass the details to you
and you would use section 6(1) of Schedule 2 to justify the processing,
including the disclosure to relevant recipients in order to pursue/refute the
claim.
Of course, you may also be in possession of other data - not given to you by
the solicitor - such as CT records, tenant data, CCTV footage, etc. I think
you would need the consent of the individual before any of this could be used
as the processing could be incompatible with the initial purposes.
Ian Buckland
MD
Keep IT Legal Ltd
Please Note: The information contained in this document does not replace or
negate the need for proper legal advice and/or representation. It is
essential that you do not rely upon any advice given without contacting your
solicitor. If you need further explanation of any points raised please
contact Keep I.T. Legal Ltd at the address below:
55 Curbar Curve
Inkersall, Chesterfield
Derbyshire S43 3HP
(Reg 3822335)
Tel: 01246 473999
Fax: 01246 470742
E-mail: [log in to unmask]
|