Where there is a clear breach of the principles, I have found the best
option is to admit that we were in the wrong, apologise and if possible
show that as a result we have taken action to ensure that the breach is
not repeated. In many cases, all the complainant wants is someone to admit
a mistake and to say sorry.
Fudging the issue does not help. It winds the complainant up and as a
consequence they start finding more and more issues to find fault with. In
addition, I don't think the ICO would look upon it kindly upon such a
response. Whereas, I know from experience that when the above approach is
presented to the ICO, they are likely to simply agree that you have done
wrong but not pursue the matter. Obviously, if this was a regular
occurrence, they may adopt a different stance.
I do not inform our insurers until such time as any actual claim for
compensation is received. In most cases, initial claims are easily dealt
with by explaining that under the DPA it is not possible to claim for
distress alone, damage must first be established, so most claims fail at
this point. Only where it looks likely that the subject has suffered
damage, would I alert our legal and insurance sections.
Many Thanks
David Wilson
Data Protection Officer
01305 225175
"This e-mail is intended for the named addressee(s) only and may contain information about individuals or other sensitive information and should be handled accordingly. Unless you are the named addressee (or authorised to receive it for the addressee) you may not copy or use it, or disclose it to anyone else. If you have received this email in error, kindly disregard the content of the message and notify the sender immediately. Please be aware that all email may be subject to recording and/or monitoring in accordance with relevant legislation."
Scanned by MailDefender - managed email security from intY - www.maildefender.net
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|