JISCMail - DATA-PROTECTION Archives

They can allege from the reports and potentially from the minutes of a
minuted meeting.  And such allegation may well be sufficient to be the
legitimate grounds to ask for an investigation.

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Carter, Antoinette
(CCM)
Sent: Wednesday, April 28, 2004 2:04 PM
To: [log in to unmask]
Subject: Re: [data-protection] Identifying an individual

Without having been present at the meeting, which they obviously weren't,
how can they prove, or even be aware of, what was said by whom, and whether
or not it was sufficient information to identify them.

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tim Trent
Sent: 28 April 2004 12:59
To: [log in to unmask]
Subject: Re: [data-protection] Identifying an individual

The crux is whether personal identification information was revealed.
It
could be argued that it was, since those with the extra knowledge required
can now identify the individual (cf photographs).  It could be argued that
it was not, which you are seeking to do.

The problem is that the employee has issued a formal complaint, as they have
the right to do.  And the outcome of this will depend in no small way on how
you handle this complaint and on what the employee wants as an outcome of
the complaint.  If they want a simple apology, and will limit their action
to receiving the apology and closing the matter, I suggest you opt for that
route whether you feel in the right or not.

The reason I suggest this is that the employee has legitimate recourse to
pursue this with the UKIC, and it seems to me to be borderline enough for
him to decide to investigate completely.  It always seems to me to be worth
defusing such investigation by pouring oil on waters.

Sickness records are a minefield.  The very fact of sickness, ignoring the
ailment, is sensitive data.




Tim Trent - Consultant
Direct: +44(0)1344 392644 Mobile:+44(0)7710 126618
email: [log in to unmask]
Marketing Improvement Limited, Abbey House, Grenville Place, Bracknell,
United Kingdom, RG12 1BP http://www.marketingimprovement.com



This message is for the intended addressee's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mis-transmission.
If
you receive this message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. Any views expressed in this message are those of the individual
sender, except where the message states otherwise and the sender is
authorised to state them to be the views of any such entity.



-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Brenda Scourfield
Sent: Wednesday, April 28, 2004 9:22 AM
To: [log in to unmask]
Subject: [data-protection] Identifying an individual

During a council meeting a comment was made about an employee who had x
number of days sick leave. The department involved is a very large
department and it is unlikely that they could be identified from this,
except perhaps by their line manager, who wasn't present. No other working
associates were present, merely members. The employee's name was not
disclosed.
However, the employee has now made a complaint that they were identified by
disclosing the number of days sickness. They have also complained that the
Leader of the Council should not have been given this information.
However, LA employees are employed by the members so as our employers I
would say they are entitled to see our attendence records.

I know that you cannot give information which would directly identify
someone - ie the man living at 10, Downing Street complained that etc '....'

Can anyone give me any advice on this or point me to the part of the Act I
can quote to the employee, which states non-identifying data is ok to
disclose.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^