I haven't been a Data Protection Officer, but as the FoI Officer in a Trust
I certainly saw confidential information - indeed the actual request might
contain confidential information - although, of course, that would imply
that any employee of a public organisation should require a check - as
anyone in a public organisation can be handed a FoI request.
Nick Landau
----- Original Message -----
From: "Chris Brogan" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Thursday, May 04, 2006 10:48 AM
Subject: Re: [data-protection] Criminal Record Checks DPO's - was - RE:
Criminal Record Check of Traffic Wardens?
Interesting discussion developing here. If a DPO had been prosecuted by the
ICO would the DPO be a fit and proper person to fill a DPO's position?
A data controller should ensure that any Data Processor employed is a fit
and proper/qualified person to process personal data on their behalf.
Does that mean that the onus is on the Data Controller in both these
instances to check the ICO's Annual returns to see if a prosecution has
taken place? As it is sensitive data would a schedule 3 condition apply.
Regardless of the above are you aware that CRB will check anything that you
send to them? Shocking? Ring there help line and see what they say.
Regards Chris Brogan
-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Samantha Hill
Sent: 04 May 2006 10:30
To: [log in to unmask]
Subject: Re: Criminal Record Checks DPO's - was - RE: Criminal Record
Check of Traffic Wardens?
My understanding of the need for CRB checks is that they are carried out
when people
are likely to come into contact with vulnerable people - here at the Uni we
run checks on
any students and staff on our education, health and social work courses
where a
working placement is involved in their degree, but would not do the same for
any other
student with no cause to be interacting with vulnerable adults.
On that basis I would say that the data protection officer does not need to
be CRB
checked as the role does not - or does not in my case - come into contact
with the
individuals, only their personal data.
Samantha
On 4 May 2006 at 10:00, Ian Welton wrote:
A spin-off from the other thread and of interest from many
perspectives.
Given that persons exercising data protection responsibilities within
organisations have a very high level of access to personal data should
they all be required to be vetted and if so to what level?
I am speaking of the role here not the organisation or sector.
Why?
Why not?
What roles would not require vetting?
Ian W
--
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.392 / Virus Database: 268.5.3/331 - Release Date: 5/3/06
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list
owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Samantha Hill
Information Disclosure Officer
University of Portsmouth
Winston Churchill Avenue
Portsmouth PO1 2UP
Tel: 023 9284 3642
E-mail: [log in to unmask]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|