I have come across similar.
Is the complex scenario described any more than a set of agreements
supported by relevant security and access levels?
Identifying who the data controllers/processors/users are at any given
point, and that principle one compliance exists seem to be the most
contentious issues. Using a number of spreadsheets to identify how the data
is flowing and its status at any particular time can assist.
Who checks for compliance and how those checks are conducted and reported is
a necessary issue to address.
Ian W
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Colette Healiss
Sent: 14 November 2002 16:03
To: [log in to unmask]
Subject: Data sharing arrangement
Has anyone come across anything like this scenario:
A data sharing partnership overseen by a management board. Officers are
nominated in each partner agency to conduct the data sharing and are
trained accordingly.
Data is fed into the partnership computer system unfiltered from donating
agencies' live systems (regular updates are done).
The partnership computer system is accessed by the nominated officers in
each agency who can query the system and view donated data directly.
Each agency has an agreed level of access to the donated system data (ie.
some agencies are allowed to see all donated systems, others will only have
access to certain of the donated databases).
Now there's a can of worms for you to pore over.....
Colette Healiss
IT Strategy and Regulation
St Helens Council
Town Hall
Victoria Square
Telephone 01744 456052
***************************************************************************
Disclaimer: This e-mail and any file transmitted with it are confidential,
subject to copyright and intended solely for the use of the individual
or entity to whom they are addressed. It may contain privileged
information.
Any unauthorised review, use, disclosure, distribution or publication is
prohibited.
If you have received this e-mail in error please contact the sender by
reply e-mail and destroy and delete the message and all copies from
your computer.
***************************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|