Dear All,
Thank you for your detailed responses on the list. I appreciate your help in dealing with this scenario.
By way of context, I should have explained the Adult Child was the main carer and had the power of attorney for the parent. The parent had never indicated any concerns about the child or their handling of their care. The adult child had been involved in all the care and strategy meetings involving the parent so they were aware of and had copies a number of documents relating to the parent.
My concern was that social care files fall into a nether world between FOI/DPA and AtHR (deceased).
As such, it would appear that the Adult child, the estate's representative (not an interested relative), has no way to access the social care records without a court order. By that I mean there is no legislation that provides access, expressed or implied, so they cannot have the documents.
Thus, the organisation can choose to disclose but they are not required or compelled to disclose.
On the MP question that related to the exemption under the DPA for the MP to access SPD of a constituent (all caveats aside) as required to act on behalf of their constituent. However, the DPA only applies to the living so I was wondering if an equivalent power exists for an MP. I am leaving aside any institutional desire to help/hinder (depending on the relationship) the MP. In other words, does the MP revert back to an interested party without legislative power to compel disclosure.
What this all means is that an organisation could take the position on all such requests that no disclosure without a court order. The position would be consistent but it could potentially appear obtuse. Then again, no one ever went to jail for being obtuse. :) (Not yet).
Thanks again for your help.
Best,
Lawrence
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Gudge Teresa (AVON AND WILTSHIRE MENTAL HEALTH PARTNERSHIP NHS TRUST)
Sent: 23 April 2014 15:35
To: [log in to unmask]
Subject: Re: Would you disclose even though the law does not compel you to disclose?
Hello All
I put your question to our Health and Social Care Records Manager and she came back with the following :
My immediate reaction is no to disclosure.
Firstly you don't know what the family dynamics have been between parent and child. What has the parent stated about disclosure. If they had capacity at the start of their care and didn't at the end, can a judgement be made as to whether the child was involved in the care and the parent would have wanted the child to have access. These are considerations.
The social work access - Where there is information sharing protocols in place, I would be seeking to obtain some form of communication from social services. Although if the information is held within the record and care/ data has resulted from those documents, then I would still be making them aware of a request but it may be considered that we are the controller and not the processor in this instance. This would also need to be considered.
The requester could seek probate through the court and given the right of access is granted on this basis but this would follow a legal process in its self.
If you go down the complaint route, it is to consider whether there is a complaint to answer to. Therefore to weigh up the risk of disclosure to the business against the risk of care failure would need to be investigated. The Ombudsman would not get involved until the complaint procedure had been followed.
As you treat each case on a case by case basis, I would suggest this is not about setting precedents.
I don't believe a deceased person is still a constituent. Constituent is part of a whole i.e. the MP can't act for them if they are no longer living in the sense that they are not able to change by vote. This is an interesting point though!
In all cases you follow the process. If it is felt there are legal implications i.e. there is a case to answer, then I would still wait for a court order.
Teresa Gudge
IT Security Specialist
BCS - ISEB Certificate Information Security Management; BCS - ISEB Data Protection Avon & Wiltshire Mental Health Partnership NHS Trust Bath NHS House, Newbridge Hill, Bath, BA1 3QE
Tel: 01225 731774 Mobile 0782 6953268
[log in to unmask]
www.awp.co.uk
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Lawrence Serewicz
Sent: Wednesday, April 23, 2014 12:30
To: [log in to unmask]
Subject: [data-protection] Would you disclose even though the law does not compel you to disclose?
Dear All,
Interesting case to consider.
An adult child of person who died in care comes to the organisation and asks for the care records and the health records of the deceased. They are the legal representative of the deceased. They believe there was a failure of care by one or more parties.
They cannot get the information under FOIA (personal data and confidentiality). They cannot get this under DPA. The person is deceased. They can only get half of the records under Access to Health records (Deceased).
They have no immediate legal access to social work files. So can you disclose? Would you disclose?
The applicant could go to court and seek a discovery motion to sue the organisations. Do you pre-empt this by disclosing to them, under a duty of confidence, the care files (with appropriate redactions, if required, of 3rd party data)?
You could treat this as a complaint, but that would not lead to a disclosure of files, it would only lead to an investigation and a judgement about the care or the subject of the complaint. I am not sure the Ombudsman can compel disclosure of records. (Does anyone know if they can?)
As an aside, if an MP asked for the records, would they be able to receive them? Is a deceased person still a constituent? Or is it that the court is the only venue for receiving access to the files?
Do you take the view that no disclosure unless compelled?
If you disclose, have you set a precedent? If you don't disclose do you wait for a court order? Or do you weigh up the likelihood of a court case and what that would entail and pre-empt that by disclosing.
I would be interested in your approach to such a case.
Thanks
Lawrence
________________________________
Help protect our environment by only printing this email if absolutely necessary. The information it contains and any files transmitted with it are confidential and are only intended for the person or organisation to whom it is addressed. It may be unlawful for you to use, share or copy the information, if you are not authorised to do so. If you receive this email by mistake, please inform the person who sent it at the above address and then delete the email from your system. Durham County Council takes reasonable precautions to ensure that its emails are virus free. However, we do not accept responsibility for any losses incurred as a result of viruses we might transmit and recommend that you should use your own virus checking procedures.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
********************************************************************************************************************
This message may contain confidential information. If you are not the intended recipient please inform the sender that you have received the message in error before deleting it.
Please do not disclose, copy or distribute information in this e-mail or take any action in reliance on its contents:
to do so is strictly prohibited and may be unlawful.
Thank you for your co-operation.
NHSmail is the secure email and directory service available for all NHS staff in England and Scotland NHSmail is approved for exchanging patient data and other sensitive information with NHSmail and GSi recipients NHSmail provides an email address for your career in the NHS and can be accessed anywhere
********************************************************************************************************************
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
________________________________
Help protect our environment by only printing this email if absolutely necessary. The information it contains and any files transmitted with it are confidential and are only intended for the person or organisation to whom it is addressed. It may be unlawful for you to use, share or copy the information, if you are not authorised to do so. If you receive this email by mistake, please inform the person who sent it at the above address and then delete the email from your system. Durham County Council takes reasonable precautions to ensure that its emails are virus free. However, we do not accept responsibility for any losses incurred as a result of viruses we might transmit and recommend that you should use your own virus checking procedures.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|