Section 68 of the FOIA amends the DPA to include the new category of
data, known as category 'e' data. As such Durant is not relevant as it
applies to category 'c' data.
Nic Drew
-----Original Message-----
From: Graeme Hawley [mailto:[log in to unmask]]
Sent: 04 January 2006 14:16
To: [log in to unmask]
Subject: DPA interface with FOISA
Hi there,
I suspect that this is old ground, but in trying to fathom out the
Durant
thing in my mind, I came across this advice from the Scottish Executive
about structured / unstructured data:
"16.2.3 New Category of Data
At present the DPA only covers personal data in computerised format and
in
some limited types of manual records. It will be extended for public
authorities subject to the FOISA to cover a new category of data. The
new
category is "recorded information held by a public authority" which does
not fall within any of the other categories. This recorded information
is
broken down into two types:
Structured - this is information structured by reference to individuals
or
criteria relating to individuals but that does not fall within a
relevant
filing system (key word Module 15) (i.e. specific information on
individuals is not readily accessible).
Unstructured - this is all other data and may include notebooks, files
not
structured by reference to individuals, papers etc.
The right of access will be extended to cover both types of this new
category of information. The result will be that ALL recorded
information
about individuals held by a public authority subject to the FOISA
potentially will be covered by the DPA for the purposes of access by the
data subject and correction." (From FOISA Open Learning Workbook, Module
16)
The thing is, although ALL personal data is covered by FOISA, in the
event
of a request for personal data it is likely to be exempt or to be
treated
under the DPA. Which seems to have a narrower definition of
unstructured
personal data if the latest on Durant is anything to go by. So, what is
the point of having a wider definition in the FOISA guidance??
Then... I think 'The UK verdict on Durant may still be overturned by the
EU, so should I operate under a broader definition of personal data on
the
assumption that this will be the long term outcome?'
And besides - by aiming to be compliant with a wider definition, it
hopefully increases the chances of complying fully with the minimum.
Any thoughts on my thoughts, or the Scottish Executive guidance, anyone?
Happy New Year
Graeme
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This message is strictly confidential and intended for the person or organisation to whom it is addressed. If you are
not the intended recipient of the message then please notify the sender immediately. Any of the statements or comments
made above should be regarded as personal and not necessarily those of Cardiff & Vale NHS Trust, any constituent part
or connected body.
All e-mail sent to or from this address will be processed by Cardiff & Vale NHS Trust's Corporate e-mail system and
may be subject to scrutiny by someone other than the addressee.
Please be aware that, under the terms of the Freedom of Information Act 2000, Cardiff & Vale NHS Trust may be required
to make public the content of any emails or correspondence received. For further information on Freedom of Information,
please refer to the Cardiff & Vale NHS Trust website at www.cardiffandvale.wales.nhs.uk
Mae'r neges hon yn gyfrinachol. Os nad chi w'r derbynnydd y bwriedid y neges ar ei gyfer, byddwch mor garedig ÿ rhoi
gwybod i'r anfonydd yn ddi-oed. Dylid ystyried unrhyw ddatganiadau neu sylwadau a wneir uchod yn rhai personol, ac nid
o angenrhaid yn rhai o eiddo Ymddiriedolaeth GIG Caerdydd a'r Fro, nac unrhyw ran gyfansoddol ohoni na chorff
cysylltiedig.
Caiff pob e-bost a anfonir oÿr cyfeiriad hwn ei brosesu gan system e-bost Gorfforaethol Ymddiriedolaeth GIG Caerdydd
a'r Fro, a gallai gael ei archwilio gan rai ac eithrio'r sawl a anfonodd y neges.
Cofiwch fod yn ymwybodol ei bod yn bosibl y bydd disgwyl i Ymddiriedolaeth GIG Caerdydd a'r Fro roi cyhoeddusrwydd i
gynnwys unrhyw ebost neu ohebiaeth a dderbynnir, yn unol ag amodau'r Ddeddf Rhyddid Gwybodaeth 2000. I gael mwy o
wybodaeth am Ryddid Gwybodaeth, cofiwch gyfeirio at wefan Ymddiriedolaeth GIG Caerdydd a'r Fro ar
www.cardiffandvale.wales.nhs.uk
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|