DPCS Associates on 01 June 2004 at 08:57 said:-
> I really appreciate where you are coming from on this one. I
> simply agree
> with Maurice Frankel that in this instance data protection is not the
> substantive issue, it goes much wider.
We have not disagreed that it is much wider.
There does sound to be some distance between us though on whether it
directly affects DP, and hence is worthy of a fuller debate on this list.
From what you have said you believe it does not, I believe it does.
In my view it seems clearly necessary for DP practitioners to gain a
relatively clear understanding of those elements which will affect them in
their work. Not exploring those issues, even where complex, is fraught with
the danger of misunderstandings and accidents occurring.
There are many areas which DPO's need to be familiar with. Legal
professionals apparently falling foul of confidentiality issues would
indicate a degree of complexity in that area. But it behoves DPO's to at
least gain some understanding of the area of the common law of confidence,
and to attempt to learn how and where conflicts between DPA and the common
law of confidence may arise, as well as which law will be given legal
precedence in what circumstances.
Without such an understanding, knowing when to seek further advice to ensure
their data controllers have adequate information enabling an informed choice
to be made will be down to circumstances appertaining after the event.
I do recognise that conceptually privacy itself is a much broader issue, and
one which neither the common law or the DPA fully accommodate, probably due
to human nature.
Ian W
> -----Original Message-----
> From: This list is for those interested in Data Protection
> issues [mailto:[log in to unmask]] On Behalf Of
> DPCS Associates
> Sent: 01 June 2004 08:57
> To: [log in to unmask]
> Subject: Disclosure to Defence Solicitor
>
>
> Dear Ian
>
> I really appreciate where you are coming from on this one. I
> simply agree
> with Maurice Frankel that in this instance data protection is not the
> substantive issue, it goes much wider.
>
> Regards
>
> Freddie
> ----- Original Message -----
> From: "ianwelton" <[log in to unmask]>
> To: <[log in to unmask]>
> Sent: Monday, May 31, 2004 11:40 AM
> Subject: Re: Disclosure to defence solicitor
>
>
> DPCS Associates on 30 May 2004 at 23:26 said:-
>
> > Have I completely lost the plot? Is this really a data
> > protection issue?
>
> It is a DP issue directly relevant to those who are concerned with
> disclosure/use issues relating to medical data.
>
> Otherwise personally I perceive it as a more generic but very
> important
> issue covering justificatory cause for principle one
> compliance when looking
> at Schedule 1 or 2 conditions; Hence how to approach any DP
> matter, what
> questions are relevant in that approach and the content of any Code of
> Practice.
>
> i.e. Can I collect and use data regarding a persons reading habits or
> particular viewpoints for organisational purposes. If that is
> possible, what
> justification could provide legitimacy for that purpose, what
> restrictions
> will exist surrounding that data, and how can the other principles be
> effectively implemented to reflect that situation?
>
>
> My understanding is that answers emanating from the Common
> law and answers
> emanating from Human Rights law can differ, sometimes in
> fundamental ways:
>
> 1. Common law requires individuals to prove they have been
> harmed after any
> event and may need to catch up (Expensive for all involved);
>
> 2. Human Rights law requires sufficient cause/reason prior to
> any personal
> data collection and hence before any harm is caused to the
> data subject.
>
> Human Rights law has a wide international and considered
> signatory base, so
> would seem more widely geographically relevant.
> The Common law depends on historical origins and is
> frequently focused for
> various reasons.
>
> I also think the Human Rights law is what is termed 'superior
> law', so takes
> precedence over the Common law. Perhaps one of the lawyers
> in the group
> could confirm/deny that.
>
> Each EU member states ICO's guidance should actually reflect
> the base set of
> laws which they use to formulate their guidance, and hence
> the eventual
> accuracy, effectiveness, scope and resilience of that
> guidance. Providing
> guidance focused on a set of the common law would seem to
> inevitably leave
> any guidance vulnerable and only of restricted use to international
> business.
>
>
> Ian W
>
> > -----Original Message-----
> > From: This list is for those interested in Data Protection
> > issues [mailto:[log in to unmask]] On Behalf Of
> > DPCS Associates
> > Sent: 30 May 2004 23:26
> > To: [log in to unmask]
> > Subject: Re: Disclosure to defence solicitor
> >
> >
> > Have I completely lost the plot? Is this really a data
> > protection issue?
> > Please help.
> >
> > Caution, I have lacked group support on similar issues in the past,
> > however, it would be great to hear the views of members who
> > may or not agree
> > with my comments.
> >
> >
> > Freddie
> >
> >
> > ----- Original Message -----
> > From: "Rosemary Pattenden" <[log in to unmask]>
> > To: <[log in to unmask]>
> > Sent: Sunday, May 30, 2004 10:28 AM
> > Subject: Re: Disclosure to defence solicitor
> >
> >
> > In Z v Finland (1998) 25 EHRR 371 the European Court of Human
> > rights would
> > not have upheld a court order that compelled the applicant's
> > doctor to give
> > evidence of her HIV status in criminal proceedings against
> > her husband had
> > the questioning taken place in open court:
> >
> > "The interference with the applicant's private and family
> > life which the
> > contested orders entailed was thus subject to important
> > limitations and was
> > accompanied by effective and adequate safeguards against
> > abuse" para 103
> >
> > In the light of this, I think that cross-examination of a
> > witness about HIV
> > status without first seeking to have the court closed to the
> > public and a
> > fortiori establishing that the witness actually knows that
> s/he is HIV
> > positive, is an unjustifiable breach of article 8. Counsel
> > should not have
> > sought to put the questions in the circumstance that he did
> > and as soon as
> > the question was put to the witness, the judge should have
> > stopped counsel
> > and had a discussion about the questioning with counsel.
> >
> > Rosemary Pattenden
> >
> > -----Original Message-----
> > From: This list is for those interested in Data Protection issues
> > [mailto:[log in to unmask]] On Behalf Of ianwelton
> > Sent: 29 May 2004 20:00
> > To: [log in to unmask]
> > Subject: Re: Disclosure to defence solicitor
> >
> > Maurice Frankel on 28 May 2004 at 17:53 said:-
> >
> > > As Ian suggests, the DPA is not the only potential restraint on
> > > disclosure in such cases. The more substantial restriction is the
> > > common law obligation of confidentiality, which would
> > > normally apply to
> > > a patient's medical details. Section 35 wouldn't be
> relevant to that
> > > question.
> >
> > A strange situation when an older frame of law (common law)
> > which works by
> > exclusion (you can do whatever is not forbidden) should provide more
> > substantial restrictions protecting individual privacy
> where new laws
> > (HRA/DPA) ostensibly regulating by inclusion (do not intrude
> > into these
> > areas without good and specific cause) do not. That would
> > seem to indicate
> > the DPA fails at the first hurdle in meeting the Directive
> > requirements
> > where medical records are concerned. :- "1. In accordance with this
> > Directive, Member States shall protect the fundamental rights
> > and freedoms
> > of natural persons, and in particular their right to privacy
> > with respect to
> > the processing of personal data."
> >
> > Reverting to the earlier post by DREW Nic on 25 May 2004 at
> > 14:12 if the
> > common law confidentiality issues and legal procedure rules
> > were the only
> > protections for the individual when the witness was informed
> > they had HIV in
> > a witness box, then clearly such procedures and rules are
> > inadequate, unless
> > of course the solicitors/lawyers did not take notice of them
> > or were able to
> > claim exemptions for some reason.
> >
> > > The question of what is necessary for the legal action is
> really for
> > > the court to decide rather than for an NHS body which isn't
> > a party to
> > > the proceedings. Presumably this would normally be done in
> > accordance
> > > with the Civil Procedure Rules via a court order.
> >
> > Does the court no make a determination on relevancy to a
> case when the
> > material is presented to the court, after the
> solicitors/lawyers have
> > collected it and themselves determined if it meets the
> > necessary rules?
> >
> > Ian W
> >
> >
> > > -----Original Message-----
> > > From: This list is for those interested in Data Protection
> > > issues [mailto:[log in to unmask]] On Behalf Of
> > > Maurice Frankel
> > > Sent: 28 May 2004 17:53
> > > To: [log in to unmask]
> > > Subject: Re: Disclosure to defence solicitor
> > >
> > >
> > > As Ian suggests, the DPA is not the only potential restraint on
> > > disclosure in such cases. The more substantial restriction is the
> > > common law obligation of confidentiality, which would
> > > normally apply to
> > > a patient's medical details. Section 35 wouldn't be
> relevant to that
> > > question.
> > >
> > > When you disclose to the patient's own lawyers, you would
> > normally be
> > > doing so with the patient's consent - so no question of breach of
> > > confidence. From what you say, the disclosure seems to have
> > > been to the
> > > other side's lawyers, and the patient hasn't consented, which does
> > > raise the question of breach of confidence.
> > >
> > > The question of what is necessary for the legal action is
> really for
> > > the court to decide rather than for an NHS body which isn't
> > a party to
> > > the proceedings. Presumably this would normally be done in
> > accordance
> > > with the Civil Procedure Rules via a court order.
> > >
> > > Maurice Frankel
> > > Campaign for Freedom of Information
> > >
> > > On 28 May 2004, at 09:07, Ian Mansbach wrote:
> > >
> > > >> I have received a complaint from a patient that we have
> > > disclosed some
> > > >> medical information (relating to an attendance in our A & E
> > > >> department) to
> > > >> the defence solicitor in a court case in which he is
> taking legal
> > > >> action
> > > >> against his former employer.
> > > >>
> > > >> Have we done wrong here? S35 expemption in the DP Act
> states that
> > > >> personal
> > > >> data are exempt from non-disclosure provisions where the
> > > disclosure is
> > > >> necessary for the purpose of, or in connection with, any legal
> > > >> proceedings
> > > >> (ncluding prospective legal proceedings).
> > > >>
> > > >> It seems clear cut to me - but am I being too simplistic here -
> > > >> perhaps we
> > > >> should not have disclosed to "the opposition", so to speak.
> > > >
> > > >
> > > > John
> > > >
> > > > I am NOT a a lawyer but my understanding is that a court
> > > order is not a
> > > > prerequisite when applying the s.35(2) exemption. However,
> > > perhaps more
> > > > importantly, exemption from the non-disclosure provisions
> > of the DPA
> > > > does
> > > > not mean one is required to disclose. It just means you are not
> > > > prohibited
> > > > from disclosing by virtue of the non-disclosure provisions
> > > of the Act.
> > > > One
> > > > may have some other - very good - reason(s) for not
> > > disclosing personal
> > > > data (or at least not without consent or a court order)
> > > such as client
> > > > or
> > > > patient confidentiality.
> > > >
> > > > Ian Mansbach
> > > > Mansbachs
> > > > Data Protection Practitioners
> > > > [log in to unmask]
> > > > phone: 0871 716 5060
> > > > international: +44 (871) 716 5060
> > > >
> > > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > > > All archives of messages are stored permanently and are
> > > > available to the world wide web community at large at
> > > > http://www.jiscmail.ac.uk/lists/data-protection.html
> > > > If you wish to leave this list please send the command
> > > > leave data-protection to [log in to unmask]
> > > > All user commands can be found at : -
> > > > http://www.jiscmail.ac.uk/help/commandref.htm
> > > > (all commands go to [log in to unmask] not the
> list please)
> > > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > > >
> > >
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > > All archives of messages are stored permanently and are
> > > available to the world wide web community at large at
> > > http://www.jiscmail.ac.uk/lists/data-protection.html
> > > If you wish to leave this list please send the command
> > > leave data-protection to [log in to unmask]
> > > All user commands can be found at : -
> > > http://www.jiscmail.ac.uk/help/commandref.htm
> > > (all commands go to [log in to unmask] not the list please)
> > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > >
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > http://www.jiscmail.ac.uk/help/commandref.htm
> > (all commands go to [log in to unmask] not the list please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > http://www.jiscmail.ac.uk/help/commandref.htm
> > (all commands go to [log in to unmask] not the list please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> > All archives of messages are stored permanently and are
> > available to the world wide web community at large at
> > http://www.jiscmail.ac.uk/lists/data-protection.html
> > If you wish to leave this list please send the command
> > leave data-protection to [log in to unmask]
> > All user commands can be found at : -
> > http://www.jiscmail.ac.uk/help/commandref.htm
> > (all commands go to [log in to unmask] not the list please)
> > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>
> This communication is intended for the person(s) or company
> named aboved, and may be confidential, legally privileged and
> protected in law. Unauthorised disclosure or copying of this
> information may be unlawful. If you receive this
> communication in error please contact the sender immediately
> and delete the material from any computer
>
> The information contained in this communication does not
> replace or negate the need for legal advice. We offer no
> statements regarding the legal acceptability of the
> information contained in this communication.
>
> 028 9261 3064
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
