Dave,
Many thanks. That is the way I have been working so far.
However, the issue arises that where the purpose of the subject access
request is to elicit a response which will be directly used in legal
proceedings, would it be reasonable in all the circumstances to disclose the
data unedited? The reasoning behind that being that a clean version of that
data would become available as part of those proceedings.
Ian W
----- Original Message -----
From: "Dave Wyatt" <[log in to unmask]>
To: "Ian Welton" <[log in to unmask]>
Cc: "Mailbase" <[log in to unmask]>
Sent: Wednesday, May 30, 2001 11:17 PM
Subject: RE: Subject Access - 7(4b) and Section 35(2)
> Ian
>
> Don't you love this Act, who can ever be certain they have the right
> process.
>
> Classic link is witness data. Such information is used in areas such as
> Insurance claims. I would not supply any data to the data subject which
> allows the identity of a witness to be known by the data subject unless I
> was certain from my records they already knew the identity e.g. Case has
> been to court or in the press. If I was certain they knew this persons
> identity I am applying 7(4)b as it is pointless to seek consent. If I was
> not certain the identity is known I would first go to 7(5)and edit and if
> that did not work I would go to 7(4)a - can I get consent. If this not
> possible I would decline supply 7(4)
>
> Joint contracts for Insurance another example where both parties have an
> interest in the insurance. It is reasonable to assume each knows the
others
> identity given it is a joint contract therefore do not need to seek
consent
> to disclose the other parties name or contract factors each knows. Again
Im
> relying on 7(4)b when supplying.
>
> In practice advices are always try to remove names of anyone other than
the
> data subject or own staff before supply but the context, as you know, may
> lead them to identify another individual. In such cases we try to remove
as
> much as possible keeping as evidence a copy of the the original position
pre
> edit with the data subject request file to enable the position to be
> scrutinised as 'fair' should a challenge occur through the commissioner.
> Here we are applying 7(5)
>
> Hope this assists
>
> David Wyatt
>
> > -----Original Message-----
> > From: This list is for those interested in Data Protection issues
> > [mailto:[log in to unmask]]On Behalf Of Ian Welton
> > Sent: 30 May 2001 20:18
> > To: [log in to unmask]
> > Subject: Subject Access - 7(4b) and Section 35(2)
> >
> >
> > Is there any guidance, or has anybody dealt with any subject
> > access request
> > the response of which will probably be directly used in legal
proceedings?
> >
> > If so has the question of " it is reasonable in all the circumstances to
> > comply with the request without the consent of the other
> > individual" arisen,
> > where the answer to that question has been affected by the
> > eventual purpose
> > and knowledge of the data subject making the request, and the solicitor
> > acting on their behalf already have?
> >
> >
> > Ian W.
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
> > all commands go to [log in to unmask] not the list please!
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|