Hi Phil,
I agree, the first example in the document about a second opinion is a bad example as in most cases a second opinion would not be consent based processing. The only basis I can think consent could be used for here is where in the view of the original clinician, the second opinion is beneficial but not necessary? i.e. it can't be processed based on any other processing condition as it hasn't met the necessity test? But that of course raises the issue of whether not realising a potential benefit is by default then causing a 'detriment'?
The second example I read in the document is a research one into dental treatments? I think this is a better consent example, but in reality it depends on whether the conclusion of a research programme has any real benefit to the patient? In many cases the benefit will be for future patients, with arguably limited benefit on current patients. Added to that not all research programmes will need the records of all potential participants? So if a research programme needs 1000 patients if more than 1000 are approached and the keep asking until 1000 have consented, then those who are not consenting are not likely to suffer detriment, but still may get the direct/indirect benefits of the research programme utilising data of those who have consented?
Best regards
Adam
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Phil Bradshaw
Sent: 12 February 2018 21:29
To: [log in to unmask]
Subject: Re: [data-protection] Friday Question - Consent and Detriment
The simplest answer is that I am wrong and that I do not understand what GDPR means by detriment.
Some support for this appears in the Art 29 guidance http://ec.europa.eu/newsroom/just/document.cfm?doc_id=48849
There are two examples of "explicit consent" in a medical context at the top of page 20. I struggle to see how one can avoid detriment in both cases.
The first relates to a second opinion. If a clinician feels a second opinion is justified, surely there is detriment if "consent" is refused? One could perhaps contrive a scenario where there was not, but that would be a strange way to use an example.
The second example looks even stronger in terms of detriment - at least if the "specific purpose" relates to treatment. If so the purpose must be beneficial (or is could not ethically be proposed) in which case there must be a detriment. If the drafter did not intend to encompass treatment purposes, why did he use a medical example and risk confusing the issue.
If anyone can more easily reconcile these examples with recital 42, and the statements about detriment elsewhere in the guidance (pages 4 and 21) I (and perhaps the NHS?) would be very grateful.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask] All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
********************************************************************************************************************
This message may contain confidential information. If you are not the intended recipient please inform the
sender that you have received the message in error before deleting it.
Please do not disclose, copy or distribute information in this e-mail or take any action in relation to its contents. To do so is strictly prohibited and may be unlawful. Thank you for your co-operation.
NHSmail is the secure email and directory service available for all NHS staff in England and Scotland. NHSmail is approved for exchanging patient data and other sensitive information with NHSmail and other accredited email services.
For more information and to find out how you can switch, https://portal.nhs.net/help/joiningnhsmail
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|