Cor, that’s full of errors...!
(For starters: “General Data Protection Regulation as Implemented by the
Data Protection Act 2018”).
Jon Baines,
Chair,
NADPO
> On 17 Oct 2018, at 14:21, Harvey Andrew (Western Sussex Hospitals) <[log in to unmask]> wrote:
>
> Have you seen this guidance on reporting written by NHS Digital?
>
> https://www.dsptoolkit.nhs.uk/Help/29
>
> Kind regards,
> Andrew.
>
> New Data Protection legislation arrived on 25 May 2018! For more information click here.
>
>
> Andrew Harvey AMIRMS, PG Cert (DP and IG)
> Head of Information Governance / Data Protection Officer
> Chair, Sussex-Wide Information Governance Group
> Chair, National Health and Social Care Strategic Information Governance Network
>
> Brighton & Sussex University Hospitals Trust
> Western Sussex Hospitals NHS Foundation Trust
> Worthing Hospital, Lyndhurst Road, Worthing, West Sussex, BN11 2DH
> Tel 01903 205111 x84508
> Mob 07900 736922
> Email for BSUH business [log in to unmask]
> Email for WSHFT business [log in to unmask]
> NHSmail [log in to unmask]
> If unavailable [log in to unmask]
> Is your Information Governance Mandatory Training up to date? If not, click here.
>
> www.westernsussexhospitals.nhs.uk
> The information contained in this e-mail may be subject to public disclosure under the NHS Code of Openness or the Freedom of Information Act 2000.
> Any processing, redistribution, disclosure, or reproduction of this message, except as intended is prohibited. Unless the information is legally exempt from disclosure, the confidentiality of this e-mail and your reply cannot be guaranteed.
> If you received this e-mail in error, please notify the sender and remove all copies of the message, including any attachments. Any views or opinions expressed in this e-mail (unless otherwise stated) may not represent those of Western Sussex Hospitals NHS Foundation Trust.
> E-mails are not considered a secure medium for sending personal, sensitive or confidential information outside the Trust network unless encrypted and may therefore be at risk.
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Speirs, Seth
> Sent: 16 October 2018 15:52
> To: [log in to unmask]
> Subject: Re: [data-protection] Notifiable breach - straw poll
>
> In the words of the GDPR you have to be able to demonstrate a risk to the individuals rights and freedoms.
>
> On the face of it I would say no as the disclosure was limited and additionally one could argue that despite it being medical data it does not necessarily cause any significant detriment to the subject.
>
> However there are any number of additional factors that could change that conclusion. For example:
>
> The nature of the disease might call be embarrassing or call into question the morals of the data subject (eg an STD)
> The two John Smith's know each other or at least work in the same place
> The recipient has circulated the information more widely
> John Smith is a well-known public figure
>
> I know John Smith is a placename here but actually you can argue that common names are more difficult to pinpoint to an individual so the amount of detail in the letter allowing the specific John Smith to be identified might also be a factor
>
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Phil Bradshaw
> Sent: 16 October 2018 09:38
> To: [log in to unmask]
> Subject: [data-protection] Notifiable breach - straw poll
>
> Your HR department discovers that a student John Smith may have contracted an infectious disease whilst on an assignment in Africa.
>
> It writes to John setting out its concerns and asking him to contact the medical service before returning to college in October. The letter is sent to the wrong John Smith. John’s condition is not public knowledge.
>
> Is this personal data breach notifiable to the Information Commissioner?
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask] All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
> Any queries about sending or receiving messages please send to the list owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
> Any queries about sending or receiving messages please send to the list owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
> Any queries about sending or receiving messages please send to the list owner
> [log in to unmask]
> Full help Desk - please email [log in to unmask] describing your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|