Tim,
Thank you for your reply. It is clear to me that the member intends for
this to be actioned under the Act in that they ask:
"I would like to make a "Subject Access Request" under section 7(1) of
the 1998 Data Protection Act. Please could you provide me with complete
disclosure of any information concerning me (if you have any) that I am
entitled to view under the provision of the aforementioned act."
I think my main concern is should we be contacting the member to ask the
reason for their SAR, or could this be considered intrusive to their
privacy?
Thanks.
Jonathan Hodgetts
The MCPS-PRS Alliance
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tim Trent
Sent: 12 July 2005 11:53
To: [log in to unmask]
Subject: Re: Handling a SAR outside the Act
Sensitivity: Confidential
While it is perfectly reasonable for member Relations to do precisely
that, there is no scope for "handling this outside the act", because
the act tends not to allow that kind of thing.
It really depends on how you are interpreting the SAR. If they have
sent their fee or couched it in DPA 1998 terms, then you very much need
to handle it in accordance with the act. But it could be argued that a
pleasant approach from member relations may defuse any potential
complaint.
A practical suggestion is to work WITH Member Relations in order to
ensure that your existing policies and procedures are followed. I am
kind of assuming you have a procedure for SAR handling
Tim Trent - Consultant
Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
email: [log in to unmask]
Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
United Kingdom, RG12 1BP http://www.marketingimprovement.com
Important: This mail contains proprietary information some or all of
which may be legally privileged. It is for the intended recipient only.
If an addressing or transmission error has misdirected this email,
please notify the author by replying to this email. if you are not the
intended recipient you must not use, disclose, distribute, copy, print
or rely on this email. If you are not the named recipient please notify
us immediately. This email and any attachment(s) are believed to be
virus-free, but it is the responsibility of the recipient to make all
the necessary virus checks. This email and any attachments to it are
copyright of Marketing Improvement Limited unless otherwise stated.
Their copying, transmission, reproduction in whole or in part may only
be undertaken with the express permission, in writing, of Marketing
Improvement Limited.
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Hodgetts, Jonathan
Sent: 12 July 2005 11:49
To: [log in to unmask]
Subject: [data-protection] Handling a SAR outside the Act
Sensitivity: Confidential
My company has received our first ever formal subject access request
under the Data Protection Act (aren't we lucky!). We are a membership
organisation, and the SAR is from one of our members. I want to handle
this myself fully in line with the Act, but one of our directors wishes
me to hand this over to our Member Relations department, to contact the
member to find out the reason for the SAR and handle outside the Act.
I am rather uneasy with this approach and would be grateful for views
from those on this discussion group more familiar with the handling of
SARs.
Thank you.
Jonathan Hodgetts
MCPS-PRS Alliance
This e-mail and the information it contains are confidential and may be
privileged. If you have received this e-mail in error please notify the
sender immediately and delete the material from any computer. Unless you
are the intended recipient, you should not copy this e-mail for any
purpose, or disclose its contents to any other person.
The MCPS-PRS Alliance is not responsible for the completeness or
accuracy of this communication as it has been transmitted over a public
network. Whilst the MCPS-PRS Alliance monitors all communications for
potential viruses, we accept no responsibility for any loss or damage
caused by this e-mail and the information it contains. It is the
recipient's responsibility to scan this e-mail and any attachments for
viruses. Any e-mails sent to and from the MCPS-PRS Alliance servers may
be monitored for quality control and other purposes.
The MCPS-PRS Alliance Limited is a limited company registered in England
under company number 03444246 whose registered office is at c/o 29-33
Berners Street, London, W1T 3AB.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This e-mail and the information it contains are confidential and may be privileged. If you have received this e-mail in error please notify the sender immediately and delete the material from any computer. Unless you are the intended recipient, you should not copy this e-mail for any purpose, or disclose its contents to any other person.
The MCPS-PRS Alliance is not responsible for the completeness or accuracy of this communication as it has been transmitted over a public network. Whilst the MCPS-PRS Alliance monitors all communications for potential viruses, we accept no responsibility for any loss or damage caused by this e-mail and the information it contains.
It is the recipient's responsibility to scan this e-mail and any attachments for viruses. Any
e-mails sent to and from the MCPS-PRS Alliance servers may be monitored for quality control and other purposes.
The MCPS-PRS Alliance Limited is a limited company registered in England under company number 03444246 whose registered office is at c/o 29-33 Berners Street, London, W1T 3AB.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|