I normally ask for two forms of identification to verify that the request is genuine. One is the cheque for £10, for the other I suggest a utility bill (obviously one which has the name and the address of the data subject). Is this adequate?
Jon
----------------------------------------------
Jon Leonard
Senior Analyst/Programmer
Applications Support Team
IT Division
HBS Business Services/LCC
Tel: 01522 83 ext. 6155
Fax: 01522 516016
-----------------------------------------------
>>> "Bownes David (CEX)" <[log in to unmask]> 25/02/05 11:17:51 >>>
A data controller needs to confirm the identity of someone making an SAR
under Section 7 of the DPA 98. The data controller may need further
information to locate what is being asked for.
Section 7(3) of the Act provides that the data controller need not comply
with an SAR until identity is established or further information is
provided.
How many of you knew that Section 7(3) was completely replaced by Paragraph
1 of Schedule 6 to the Freedom of Information Act 2000?
The new Section 7(3) places a positive duty on data controllers to inform
the data subject of the need for further identity or "location" information.
The duty to comply with the SAR is not removed until the duty to inform is
discharged.
Just a little Friday snippet.
David Bownes
Data Protection and Security Officer, Sheffield City Council, Chief
Executive's Directorate, Corporate Finance, PO Box 1283, Sheffield S1 1UJ.
0114 2736891
The information in this email is intended for the addressee(s) only. If you are not the addressee, please tell us by using the reply facility in your email software as soon as possible. Sheffield City Council cannot accept any responsibility for the accuracy or completeness of this message as it has been transmitted over a public network. If you suspect that the message may have been intercepted or amended please tell us as soon as possible.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
**********************************************************************
"No contracts may be concluded on behalf of HBS Business Services Group Limited (HBSGL) by means of email communications.
Any information or opinions contained in this message that do not relate to the official business of HBSGL are neither given nor endorsed by it.
HBSGL reserves the right to monitor and intercept emails sent and received on our network.
Internet email is not 100% secure. You must be aware of this lack of
security when emailing us. HBSGL does not accept responsibility for changes made to this message after it was sent
This footnote confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses. www.mimesweeper.com
<http://www.mimesweeper.com>
Although HBSGL have taken these steps to ensure that this email and any attachments are free from any virus, in keeping with good computing practice you should make sure that they are actually virus free.
This email and any files transmitted with it are confidential and intended
solely for the use of the individual or entity to whom they are addressed.
If you have received this email in error you may not take any action based on it, nor should you copy or show this to anyone; please reply to this email and highlight the error to the sender, then delete the message from your system."
**********************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|