We will all receive many different forms from organisations requesting employee personal information.
(DSS, Inland Revenue, etc...)
The onus is now on us to make sure that (where there is no mandate from the individual) we satisfy ourselves that a legal framework exists which covers the disclosure. (e.g. I'm currently looking at a Child Support Agency request, CSA form 154, that appears to be covered by the Child Support (Information, Evidence & Disclosure) regulations 1992)
I'm trying to think of a way to make all this practical for our staff.
One possibility would be to create a list of "approved forms".
So an employee receiving a request form could check it against the approved list.
If the form is listed we can disclose. If not we need to check it out first.
Assuming it checks out OK, we make the disclosure, and update the list.
It occurs to me that this must be a universal issue, and I wondered what others had done ?
Is there a simpler way ?
Or maybe another LA has taken this approach and would be willing to share an existing list ?
as usual any guiding comments gratefully received.
Tommy Kennedy
DPO (etc...)
South Ayrshire Council
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
all commands go to [log in to unmask] not the list please!
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
