My own view is that there is no doubt as to the status of consultants under
the Act.
Legally, consultants are 'independent contractors', not employees. My law
lecturers many years ago explained the difference quite simply: an employee
is employed under a contract of service; an independent contractor under a
contract FOR SERVICES.
Thus, external consultants brought in by a University to advise, say, on
appropriate staffing structures, and who process personal data on behalf of
the University, are quite clearly 'data processors' within the Act, and the
security requirements of the Seventh DP Principle must apply.
Michael Jacoby
Data Protection Project Manager
University of Northumbria at Newcastle
> ----------
> From: [log in to unmask][SMTP:[log in to unmask]]
> Reply To: [log in to unmask]
> Sent: 13 October 1999 10:48
> To: [log in to unmask]
> Subject: Data Processors
>
> The definition of data processors under the '98 Act excludes employees of
> the of the data controller. The question arose in my mind as to whether
> consultants are employees for this purpose or whether they are processors
> and if the latter whether we should be incorporating specific clauses in
> their contracts about security. We would expect them to take the same care
> as employees but is there a higher duty imposed on us?
> The DPR's office suggest writing in to their legal department which I am
> doing(and will report back).
> It seems that the numbers of consultancy contracts are growing in some
> areas and that the group may be one where dp awareness may need to be
> raised?
> Gail Waters
> DP Coordinator
> Open University
>
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
|