JISCMail - DATA-PROTECTION Archives

Paul (et al);

Yes, my main concern here (given that I think option (ii) was always going to be acceptable, if carefully undertaken) is more the apparent conflict between two different strands of legislation. I'm worried that we stand to get in trouble with one or other (potentially) whatever we do.

andrew0

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]]On Behalf Of Hubert, Paul [STU]
Sent: 09 January 2004 3:30 pm
To: [log in to unmask]
Subject: Re: DPO vs DDA


It's interesting that the original query came from Andrew Okey. The
Lancaster data protection project had some guidance which suggested that it
was legitimate, for example, for a Board of Examiners to make an outcome for
a student conditional on the student attending counselling at the HEI's
service and to seek confirmation from the counselling service that the
student had attended! [Hope I've got that right from memory, Andrew.] This
was something I was rather dubious about - this seems a bit less
contentious.

In relation to Steven's comments, I would (gently) fire the following shots:
(1) this is sensitive data, so additional care is needed in handling it (2)
the relationship between student and institution is not purely contractual,
so the HEI has to consider its role under statute and as a public authority.
I agree that we shouldn't put unnecessary obstacles in the way of making
clear that the institution does offer support and that it would be
legitimate to write back from the team or section carrying out the survey).
However the student may have reasons for not wanting to approach Disability
Support and might be rather put out if the result of a confidential survey
leads to contact from a different part of the organisation about a sensitive
matter when no previous information has been given to suggest that might
happen. Whether that's the legal position ... well, after Durrant, who
knows?!

Paul

> -----Original Message-----
> From: Steven Swinden [SMTP:[log in to unmask]]
> Sent: Friday, January 09, 2004 2:11 PM
> To:   [log in to unmask]
> Subject:      Re: DPO vs DDA
>
> Andrew
>
> You raise a particular example of a general question that I've had for
> some
> time.  I'm tending to the view that in HE the contract between institution
> and student is far broader in terms of organisational activities to be
> provided than we often assume.  These days, the provision of student
> support
> would be seen by many as being as integral as teaching sessions.  Local
> government clearly is constrained by the statutory limits on carrying out
> individual functions, but I don't see why, within a University, the fact
> that certain functions which are part of the contract are performed by
> different organisational units (that it has arbitrarily created) prevents
> sharing of personal data between them.  For security purposes, and as good
> practice, there is clearly a need to control who has access to what, but
> that seems a different matter to internal non-disclosure.
>
> The simple (?) answer to the point about purposes for which the data is
> collected is that it is collected to enable you to fulfill your side of
> the
> contract.
>
> I wait to be shot at!
>
> Steven
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>        All archives of messages are stored permanently and are
>       available to the world wide web community at large at
>       http://www.jiscmail.ac.uk/lists/data-protection.html
>       If you wish to leave this list please send the command
>        leave data-protection to [log in to unmask]
>             All user commands can be found at : -
>         http://www.jiscmail.ac.uk/help/commandref.htm
>   (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^