DPCS Associates on 30 May 2004 at 23:26 said:-
> Have I completely lost the plot? Is this really a data
> protection issue?
It is a DP issue directly relevant to those who are concerned with
disclosure/use issues relating to medical data.
Otherwise personally I perceive it as a more generic but very important
issue covering justificatory cause for principle one compliance when looking
at Schedule 1 or 2 conditions; Hence how to approach any DP matter, what
questions are relevant in that approach and the content of any Code of
Practice.
i.e. Can I collect and use data regarding a persons reading habits or
particular viewpoints for organisational purposes. If that is possible, what
justification could provide legitimacy for that purpose, what restrictions
will exist surrounding that data, and how can the other principles be
effectively implemented to reflect that situation?
My understanding is that answers emanating from the Common law and answers
emanating from Human Rights law can differ, sometimes in fundamental ways:
1. Common law requires individuals to prove they have been harmed after any
event and may need to catch up (Expensive for all involved);
2. Human Rights law requires sufficient cause/reason prior to any personal
data collection and hence before any harm is caused to the data subject.
Human Rights law has a wide international and considered signatory base, so
would seem more widely geographically relevant.
The Common law depends on historical origins and is frequently focused for
various reasons.
I also think the Human Rights law is what is termed 'superior law', so takes
precedence over the Common law. Perhaps one of the lawyers in the group
could confirm/deny that.
Each EU member states ICO's guidance should actually reflect the base set of
laws which they use to formulate their guidance, and hence the eventual
accuracy, effectiveness, scope and resilience of that guidance. Providing
guidance focused on a set of the common law would seem to inevitably leave
any guidance vulnerable and only of restricted use to international
business.
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> DPCS Associates
> Sent: 30 May 2004 23:26
> To: [log in to unmask]
> Subject: Re: Disclosure to defence solicitor
>
>
> Have I completely lost the plot? Is this really a data
> protection issue?
> Please help.
>
> Caution, I have lacked group support on similar issues in the past,
> however, it would be great to hear the views of members who
> may or not agree
> with my comments.
>
>
> Freddie
>
>
> ----- Original Message -----
> From: "Rosemary Pattenden" <[log in to unmask]>
> To: <[log in to unmask]>
> Sent: Sunday, May 30, 2004 10:28 AM
> Subject: Re: Disclosure to defence solicitor
>
>
> In Z v Finland (1998) 25 EHRR 371 the European Court of Human
> rights would
> not have upheld a court order that compelled the applicant's
> doctor to give
> evidence of her HIV status in criminal proceedings against
> her husband had
> the questioning taken place in open court:
>
> "The interference with the applicant's private and family
> life which the
> contested orders entailed was thus subject to important
> limitations and was
> accompanied by effective and adequate safeguards against
> abuse" para 103
>
> In the light of this, I think that cross-examination of a
> witness about HIV
> status without first seeking to have the court closed to the
> public and a
> fortiori establishing that the witness actually knows that s/he is HIV
> positive, is an unjustifiable breach of article 8. Counsel
> should not have
> sought to put the questions in the circumstance that he did
> and as soon as
> the question was put to the witness, the judge should have
> stopped counsel
> and had a discussion about the questioning with counsel.
>
> Rosemary Pattenden
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of ianwelton
> Sent: 29 May 2004 20:00
> To: [log in to unmask]
> Subject: Re: Disclosure to defence solicitor
>
> Maurice Frankel on 28 May 2004 at 17:53 said:-
>
> > As Ian suggests, the DPA is not the only potential restraint on
> > disclosure in such cases. The more substantial restriction is the
> > common law obligation of confidentiality, which would
> > normally apply to
> > a patient's medical details. Section 35 wouldn't be relevant to that
> > question.
>
> A strange situation when an older frame of law (common law)
> which works by
> exclusion (you can do whatever is not forbidden) should provide more
> substantial restrictions protecting individual privacy where new laws
> (HRA/DPA) ostensibly regulating by inclusion (do not intrude
> into these
> areas without good and specific cause) do not. That would
> seem to indicate
> the DPA fails at the first hurdle in meeting the Directive
> requirements
> where medical records are concerned. :- "1. In accordance with this
> Directive, Member States shall protect the fundamental rights
> and freedoms
> of natural persons, and in particular their right to privacy
> with respect to
> the processing of personal data."
>
> Reverting to the earlier post by DREW Nic on 25 May 2004 at
> 14:12 if the
> common law confidentiality issues and legal procedure rules
> were the only
> protections for the individual when the witness was informed
> they had HIV in
> a witness box, then clearly such procedures and rules are
> inadequate, unless
> of course the solicitors/lawyers did not take notice of them
> or were able to
> claim exemptions for some reason.
>
> > The question of what is necessary for the legal action is really for
> > the court to decide rather than for an NHS body which isn't
> a party to
> > the proceedings. Presumably this would normally be done in
> accordance
> > with the Civil Procedure Rules via a court order.
>
> Does the court no make a determination on relevancy to a case when the
> material is presented to the court, after the solicitors/lawyers have
> collected it and themselves determined if it meets the
> necessary rules?
>
> Ian W
>
>
> > -----Original Message-----
> > From: This list is for those interested in Data Protection
> > issues [mailto:[log in to unmask]] On Behalf Of
> > Maurice Frankel
> > Sent: 28 May 2004 17:53
> > To: [log in to unmask]
> > Subject: Re: Disclosure to defence solicitor
> >
> >
> > As Ian suggests, the DPA is not the only potential restraint on
> > disclosure in such cases. The more substantial restriction is the
> > common law obligation of confidentiality, which would
> > normally apply to
> > a patient's medical details. Section 35 wouldn't be relevant to that
> > question.
> >
> > When you disclose to the patient's own lawyers, you would
> normally be
> > doing so with the patient's consent - so no question of breach of
> > confidence. From what you say, the disclosure seems to have
> > been to the
> > other side's lawyers, and the patient hasn't consented, which does
> > raise the question of breach of confidence.
> >
> > The question of what is necessary for the legal action is really for
> > the court to decide rather than for an NHS body which isn't
> a party to
> > the proceedings. Presumably this would normally be done in
> accordance
> > with the Civil Procedure Rules via a court order.
> >
> > Maurice Frankel
> > Campaign for Freedom of Information
> >
> > On 28 May 2004, at 09:07, Ian Mansbach wrote:
> >
> > >> I have received a complaint from a patient that we have
> > disclosed some
> > >> medical information (relating to an attendance in our A & E
> > >> department) to
> > >> the defence solicitor in a court case in which he is taking legal
> > >> action
> > >> against his former employer.
> > >>
> > >> Have we done wrong here? S35 expemption in the DP Act states that
> > >> personal
> > >> data are exempt from non-disclosure provisions where the
> > disclosure is
> > >> necessary for the purpose of, or in connection with, any legal
> > >> proceedings
> > >> (ncluding prospective legal proceedings).
> > >>
> > >> It seems clear cut to me - but am I being too simplistic here -
> > >> perhaps we
> > >> should not have disclosed to "the opposition", so to speak.
> > >
> > >
> > > John
> > >
> > > I am NOT a a lawyer but my understanding is that a court
> > order is not a
> > > prerequisite when applying the s.35(2) exemption. However,
> > perhaps more
> > > importantly, exemption from the non-disclosure provisions
> of the DPA
> > > does
> > > not mean one is required to disclose. It just means you are not
> > > prohibited
> > > from disclosing by virtue of the non-disclosure provisions
> > of the Act.
> > > One
> > > may have some other - very good - reason(s) for not
> > disclosing personal
> > > data (or at least not without consent or a court order)
> > such as client
> > > or
> > > patient confidentiality.
> > >
> > > Ian Mansbach
> > > Mansbachs
> > > Data Protection Practitioners
> > > [log in to unmask]
> > > phone: 0871 716 5060
> > > international: +44 (871) 716 5060
> > >
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > > All archives of messages are stored permanently and are
> > > available to the world wide web community at large at
> > > http://www.jiscmail.ac.uk/lists/data-protection.html
> > > If you wish to leave this list please send the command
> > > leave data-protection to [log in to unmask]
> > > All user commands can be found at : -
> > > http://www.jiscmail.ac.uk/help/commandref.htm
> > > (all commands go to [log in to unmask] not the list please)
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > >
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > http://www.jiscmail.ac.uk/help/commandref.htm
> > (all commands go to [log in to unmask] not the list please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
