Happy Friday everyone!
"Dare to share" really annoys me as this is the bit that all non-DP "experts" hear, and they tend not hear the following "as long as you've got consent/it's legislated".
Case in point - Troubled/Complex Families. I was told we needed to ask other orgs to share details of the work they had undertaken with the family with the cost of this work. I said we needed consent. I then faced weeks of debate about how getting consent was a barrier to the work, the govt were telling us we had to do it, it was for the wellbeing of the families etc. until finally the consent model was accepted. Lo and behold, practitioners are now having trouble getting consent, because people don't want their information shared (although admittedly due to the nature of these people it might just be because they don't want to engage with services any more than they already have to. Either way...). I do know of some authorities who have dared to share without consent, but I can't understand how this is lawful if you are getting details of a service which reveals sensitive personal data e.g. CAMHS involvement cost £XX reveals a teenager with mental health concerns; cost of a cancer treatment reveals a person has cancer, police involvement cost reveals criminality etc.
Occasionally, people ask me how ContactPoint was "allowed" without consent, to which I explain that sharing for this purpose was legislated.
Next problem... CRM (don't get me started!)
If the Government want us to "dare to share" WITH consent - surely this is what we're already doing? And how is this daring?! If they want us to "dare to share" WITHOUT consent, they might as well rephrase it "risk a fine". Give us clear, legislated purposes for sharing, or we will continue to work within the bounds of the DPA using consent where it is required. I fail to see what the change would be!
TGF!!!
Best wishes,
Michelle
Michelle Peel
CYPS Information Governance Officer
Trafford Council
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|