JISCMail - DATA-PROTECTION Archives

Email discussion lists for the UK Education and Research communities
Subscriber's Corner
Email Lists
DATA-PROTECTION Archives

data-protection@JISCMAIL.AC.UK

View:

Message:
[
First
Last
]
By Topic:
[
First
Last
]
By Author:
[
First
Last
]
Font:
Proportional Font
		LISTSERV Archives
		DATA-PROTECTION Home
		DATA-PROTECTION 2006
Options

Subscribe or Unsubscribe
Get Password
Subject:
Re: Request for advice - DPA vs Gender Recognit ion Act
From:
Owen Parry <[log in to unmask]>
Reply-To:
Owen Parry <[log in to unmask]>
Date:
Mon, 16 Jan 2006 16:24:17 -0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (1 lines)
Section 9 Subsection(2) states



(2) Subsection (1) does not affect things done, or events occurring, before the certificate is issued; but it does operate for the interpretation of enactments passed, and instruments and other documents made, before the certificate is issued (as well as those passed or made afterwards).





For which the explanatory gloss is:



Subsection (2) provides amplification of subsection (1), making clear that the recognition is not retrospective, so the certificate does not rewrite the gender history of the transsexual person, and that the new gender applies for the interpretation of enactments, instruments and documents made before as well as after the issue of a certificate.



Clear now?  I interpret this to mean, for instance in an HE context, that we do not have to search and amend all possible records of an ex-student but that our current record - if relevant - should show the reassigned gender and that any transactions we may have (e.g. confirm result, reissue certificate etc.) must show the current gender not the old one.  Similarly, I suppose it to mean that a statistical analysis which includes gender must reflect the current gender regardless of the original gender when the data was collected.



I think I have doubt in my mind as to whether we are permitted to record in an audit trail or note that the reassignment has taken place.



I also think I am a little worried by Section 22(1) which states that 



"It is an offence for a person who has acquired protected information in an official capacity to disclose the information to any other person."



because although it lists a number of exclusions, none of them seem to apply if I receive the information in my official capacity to pass that on to someone in the same organisation !  They can receive it 'officially' but I am breaking the law in supplying it.









Owen Parry

Pennaeth Cyfrifiadura Gweinyddol / Head of Administrative Computing

Prifysgol Cymru / University of Wales

Tel: (029) 2038 2656 Ffacs/Fax: (029) 2039 6040





-----Original Message-----

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Chris Catton

Sent: 16 January 2006 16:11

To: [log in to unmask]

Subject: Re: Request for advice - DPA vs Gender Recognit ion Act



To make restrospective changes to "correct" a record that was not wrong at 

the point of creation sounds like pretty bad records management practice 

to me, and one that is fraught with untold dangers.



Chris Catton







Duncan James <[log in to unmask]> 

Sent by: This list is for those interested in Data Protection issues 

<[log in to unmask]>

16/01/2006 15:53

Please respond to

Duncan James <[log in to unmask]>





To

[log in to unmask]

cc



Subject

Re: Request for advice - DPA vs Gender Recognit ion Act













What does the change have on their legal status? Are they classed as a 

"New

individual" or are they still classed under their original status?



Maybe you should consider following the same practice as either the 

criminal

records bureau, or the national health, but I don't know what either of

those would be.





-----Original Message-----

From: This list is for those interested in Data Protection issues

[mailto:[log in to unmask]] On Behalf Of Tim Trent

Sent: 16 January 2006 15:41

To: [log in to unmask]

Subject: Re: [data-protection] Request for advice - DPA vs Gender

Recognition Act



Logic suggests this be treated like nationality.  What do you do if the

individual changes nationality? 



-----Original Message-----

From: This list is for those interested in Data Protection issues

[mailto:[log in to unmask]] On Behalf Of Emma Bothamley

Sent: 16 January 2006 15:30

To: [log in to unmask]

Subject: [data-protection] Request for advice - DPA vs Gender Recognition

Act



Dear all,



Question on the Gender Recognition Act.  What should we do if we receive

notice from one of our customers that they have swapped gender?  How 

should

we go about capturing the information for that individual on our systems 

to

ensure compliance with the Gender Recognition Act and DPA?  Should we:



   Remove all reference to the individual's original gender from all our

   computer systems?

   Set up a new computer record for the individual, linked to the old one,

   thereby ensuring there was an audit of trail of when genders changed?

   Make a note on the system that the individual has changed gender, 

update

   their new name and salutation but leave the underlying record 

unchanged?



The view here is that we should ensure that all our computer records show

the new acquired gender and name for the individual concerned.  Their view

is that all records would need to be amended, rather than just putting a

note on the system.  This is because it is always open to the individual 

to

make a SAR.  If a SAR was made, we would need to disclose all information

about that person.  If our records still showed the original name and

gender, even for audit trail purposes, this could be a breach of the Data

Protection Act for failing to ensure that we maintain accurate information

on our records.



I'm not sure I agree with this.  As we are a Life Assurance company, I 

would

have thought it would be necessary and legitimate to keep some

historical record of the previous gender.   I was wondering how others 

were

approaching this issue?



I'd be grateful for your views / comments / thoughts.



Many thanks in advance,

Emma







Emma Bothamley

Data Protection Consultant



01733 471226



[log in to unmask]





Pearl Group Ltd No.05282342 and Pearl Group Services Ltd  No. 05549998. 

The

following companies are subsidiary companies of Pearl Group Ltd and are

authorised and regulated by the Financial Services Authority:  Pearl

Assurance plc No. 1419, Pearl Assurance (Unit Funds) Ltd No. 1027138, 

Pearl

Assurance (Unit Linked Pensions) Ltd No. 1122485, Pearl ISA Ltd No. 

3597973,

London Life Ltd No. 1179800, London Life Linked Assurances Ltd No. 

1396188,

NPI Ltd No. 3725037, National Provident Life Ltd No. 3641947, UKLS 

Financial

Services Ltd No. 3715118.  All companies are registered in England at The

Pearl Centre, Lynch Wood, Peterborough PE2 6FY. Tel. 01733 470470. We may

record or monitor telephone calls to improve service and for our mutual

protection.



The information in this e-mail is confidential and may be legally

privileged. It is intended solely for the addressee and access to this

e-mail by anyone else is unauthorised. Although this message and any

attachments are believed to be free of any virus or other defect that 

might

affect any computer system into which it is received and opened, it is the

responsibility of the recipient to ensure that it is virus free and no

responsibility is accepted by any of the companies of Pearl Group Limited

for any loss or damage in any way arising from its use.



^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

       All archives of messages are stored permanently and are

      available to the world wide web community at large at

      http://www.jiscmail.ac.uk/lists/data-protection.html

      If you wish to leave this list please send the command

       leave data-protection to [log in to unmask]

            All user commands can be found at : -

        http://www.jiscmail.ac.uk/help/commandref.htm

Any queries about sending or receiving message please send to the list 

owner

              [log in to unmask]

  (all commands go to [log in to unmask] not the list please)

   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^



^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

       All archives of messages are stored permanently and are

      available to the world wide web community at large at

      http://www.jiscmail.ac.uk/lists/data-protection.html

      If you wish to leave this list please send the command

       leave data-protection to [log in to unmask]

            All user commands can be found at : -

        http://www.jiscmail.ac.uk/help/commandref.htm

Any queries about sending or receiving message please send to the list 

owner

              [log in to unmask]

  (all commands go to [log in to unmask] not the list please)

   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^



-- 

This message has been scanned for viruses and dangerous

content by the NorMAN MailScanner Service and is believed

to be clean.



The NorMAN MailScanner Service is operated by Information

Systems and Services, University of Newcastle upon Tyne.





====

This e-mail is intended solely for the addressee. It may contain private 

and

confidential information. If you are not the intended addressee, please 

take

no action based on it nor show a copy to anyone. Please reply to this 

e-mail

to highlight the error. You should also be aware that all electronic mail

from, to, or within Northumbria University may be the subject of a request

under the Freedom of Information Act 2000 and related legislation, and

therefore may be required to be disclosed to third parties.

This e-mail and attachments have been scanned for viruses prior to leaving

Northumbria University. Northumbria University will not be liable for any

losses as a result of any viruses being passed on.



^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

       All archives of messages are stored permanently and are

      available to the world wide web community at large at

      http://www.jiscmail.ac.uk/lists/data-protection.html

      If you wish to leave this list please send the command

       leave data-protection to [log in to unmask]

            All user commands can be found at : -

        http://www.jiscmail.ac.uk/help/commandref.htm

Any queries about sending or receiving message please send to the list 

owner

              [log in to unmask]

  (all commands go to [log in to unmask] not the list please)

   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^





This message has been cleaned by Blackspider mailcontrol for the 

International Secretariat, if you wish to report this message as Spam 

please use the link below this line.



Click 

https://www.mailcontrol.com/sr/wQw0zmjPoHdJTZGyOCrrhg== 

 to report this

email as spam.





^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

       All archives of messages are stored permanently and are

      available to the world wide web community at large at

      http://www.jiscmail.ac.uk/lists/data-protection.html

      If you wish to leave this list please send the command

       leave data-protection to [log in to unmask]

            All user commands can be found at : -

        http://www.jiscmail.ac.uk/help/commandref.htm

Any queries about sending or receiving message please send to the list owner

              [log in to unmask]

  (all commands go to [log in to unmask] not the list please)

   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Top of Message | Previous Page | Permalink
JiscMail Tools

Files Area | help
RSS Feeds and Sharing

Search Archives

Advanced Options