On the internal DP Overview courses I've been running since the back end of
2002 I've always told colleagues that if they have some information which
identifies a living individual then they should treat it as being covered
by the DPA 1998 - to try and prove otherwise will probably cause them more
work and hassle than just to get on with it. I still give the same advice
post Durant.
As it happens, most of our SARs concern social services files so Durant is
irrelevant - but we are a local authority, not a secret society, and there
are plenty of exemptions available for use where the file contains data
that should not be provided to the applicant for good reason.
Regards,
Graham
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|