But why do you want to be helpful when there are no benefits and only a cost
and risk?.
David Wyatt
----- Original Message -----
From: "John Hughes" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Friday, June 10, 2005 1:23 PM
Subject: [data-protection] FW: [data-protection] Disclosure or not?
> Just to clarify the situation further, the employer has in fact sent me a
> copy of the appointment letter (I'm not going into the rights or wrongs of
> his doing this) - I have received it and am responding to his written
> request for clarification as to whether or not the appointment took place.
> I
> have no consent from the patient and do not want to disclose any of their
> personal data. However I want to be helpful, mainly because the letter is
> quite clearly a fake (no letterhead, hospital address is wrong, plus a
> number of other incorrect details).
>
> Instead perhaps I should reply by simply stating that the consultant in
> question does not hold clinics on Fridays ..... another error!!!
>
>
>
>
> -----Original Message-----
> From: Hawley, Graeme [mailto:[log in to unmask]]
> Sent: 10 June 2005 13:01
> To: [log in to unmask]
> Subject: Re: [data-protection] Disclosure or not?
>
>
> I can put in a request about absolutely anything at all, even the colour
> of
> your underpants. The point is whether the authority holds the information
> and then whether it should be disclosed or withheld. But once a request
> is
> received by an authority, it must be dealt with by that authority and not
> be
> batted back to the applicant with the recommendation that they ask someone
> else. So in this case, if the employer asks the health board for
> information about the attendance or lack of attendance by an employee at
> an
> appointment, the response from the health board cannot be "we think you
> should be discussing this with your truant, not us". However, what the
> health board could do, in Scotland anyway, is resort to section 18 of
> FOISA
> which states that:
>
> (1) Where, if information existed and was held by a Scottish public
> authority, the authority could give a refusal notice under section 16(1)
> on
> the basis that the information was exempt information by virtue of any of
> sections 28 to 35, 39(1) or 41 but the authority considers that to reveal
> whether the information exists or is so held would be contrary to the
> public
> interest, it may (whether or not the information does exist and is held by
> it) give the applicant a refusal notice by virtue of this section.
>
> Freedom of information is fun!!
>
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]]On Behalf Of Tim Trent
> Sent: 10 June 2005 12:42
> To: [log in to unmask]
> Subject: Re: [data-protection] Disclosure or not?
>
>
> Wait! Do you mean YOU can put in an FOI request and see MY hospital
> appointment records?
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]] On Behalf Of Hawley, Graeme
> Sent: 10 June 2005 12:40
> To: [log in to unmask]
> Subject: Re: [data-protection] Disclosure or not?
>
> I like Margarita and Jethro's responses, and agree that this would be far
> more ideal. However, if a request for information is made to a public
> authority, then the FOIA / FOI(S)A requires them to provide a response
> relating to the information that they hold about that particular issue,
> and
> does not permit the authority to tell the applicant to go ask elsewhere
> instead (even though I do think that that would be a better course of
> action).
>
> Graeme Hawley
> National Library of Scotland
>
> -----Original Message-----
> From: This list is for those interested in Data Protection issues
> [mailto:[log in to unmask]]On Behalf Of Jethro R Binks
> Sent: 10 June 2005 12:35
> To: [log in to unmask]
> Subject: Re: [data-protection] Disclosure or not?
>
>
> On Fri, 10 Jun 2005, Tim Trent wrote:
>
>> And that gives us the problem. Each argument holds water. And since
>> each argument holds water there are grounds for a dispute. If the
>> dispute is settled in favour of the employee it is likely to be a
>> disclosure that has caused damage or distress.
>>
>> I am considering it to be very specific personal data. It gives
>> details to the employer that the employee was allegedly not at an
>> appointment with that place in that date. By giving them this data
>> about their employee, despite the valid point that it is an "absence
>> of data", they now have additional data about that employee.
>
> It seems to me the solution is rather simpler (or perhaps it's me who is
> simple :).
>
> Why is the employer going behind their employees back on the matter?
> Surely they should be discussing this with their employee, and asking them
> to furnish proof if they suspect misbehaviour (while being cogniscent of
> their employee's right to privacy)? Such proof might take the form of a
> letter from the health authority that the employee himself asks to be
> written on his behalf - suitably anonymised from features that may
> identify
> a particular department or service attended (so not from the GUM clinic
> specifically, for example). The letter can be checked by employee and
> handed to his employer; the employer can then contact the health authority
> to check the validity of the letter if necessary.
>
> This is perhaps a means of implementing your suggestion:
>
>> The best answer is surely "We require proof that you have the right to
>> any information at all about this person and that they permit you to
>> have that information before we will give you any information at all.
>> You may not interpret this answer as giving you any information of any
>> description about that person"
>
> Jethro.
>
>
>> We are not interest here in any alleged deception by the employee. We
>> should only be interested in protecting their rights. Even murderers
>> have rights.
>>
>> _____
>>
>> From: Lewis, Chris G. [mailto:[log in to unmask]]
>> Sent: 10 June 2005 12:18
>> To: Tim Trent; [log in to unmask]
>> Subject: RE: [data-protection] Disclosure or not?
>>
>>
>> I disagree. I think were one to say, as suggested "no-one of that name
>> had an appointment", you are not disclosing anything about any
>> individual in isolation - "no-one called John Smith was here". I can't
>> see that a John Smith could complain that that was an unauthorised
>> disclsoure of their personal data. Firstly, I don't think it's
>> personal data, and secondly, it would equally be known to a member of
>> the public who sat in reception all day as it was to the hospital.
>>
>> -----Original Message-----
>> From: This list is for those interested in Data Protection issues on
>> behalf of Tim Trent
>> Sent: Fri 10/06/2005 12:14
>> To: [log in to unmask]
>> Cc:
>> Subject: Re: [data-protection] Disclosure or not?
>>
>>
>>
>> I would suggest that disclosing where "someone was not" is a disclosure
>> of
>
>> personal data, and in this case to a third party without authorisation.
>>
>> What if this person were attending the GUM clinic for an HIV test and has
>> absolutely NO desire for his employer (or alleged employer) to know?
>>
>> They have now also passed data to you, an unauthorised third party, of
> their
>>
>> suspicions of their employee.
>>
>> My advice?
>>
>> Avoid. Do not answer without permission form the data subject.
>>
>> -----Original Message-----
>> From: This list is for those interested in Data Protection issues
>> [mailto:[log in to unmask]] On Behalf Of John Hughes
>> Sent: 10 June 2005 12:09
>> To: [log in to unmask]
>> Subject: [data-protection] Disclosure or not?
>>
>> A question for you:
>>
>> I have been contacted by a company asking whether or not one of their
>> employees had an appointment with us one recent Friday afternoon. They
>> suspect that they have been handed a faked appointment letter by the
>> employee as proof.
>>
>> If I replied by simply stating "no one of that name had an appointment
> here
>> on that date", would I be on safe ground? My rationale is that I am
>> disclosing nothing as nothing actually took place.
>>
>> John Hughes
>> DPO
>> Mayday Healthcare NHS Trust
>>
>>
>>
> ===========================================================================
>> This e-mail and any files transmitted with it are confidential. If you
>> are
>
>> not the intended recipient, any reading, printing, storage, disclosure to
>> another person, copying or any other action taken in respect of this
> e-mail
>> is prohibited and may be unlawful. If you are not the intended recipient,
>> please notify the sender immediately by using the reply function and then
>> permanently delete the email from your inbox.
>>
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> All archives of messages are stored permanently and are
>> available to the world wide web community at large at
>> http://www.jiscmail.ac.uk/lists/data-protection.html
>> If you wish to leave this list please send the command
>> leave data-protection to [log in to unmask]
>> All user commands can be found at : -
>> http://www.jiscmail.ac.uk/help/commandref.htm
>> Any queries about sending or receiving message please send to the list
> owner
>>
>> [log in to unmask]
>> (all commands go to [log in to unmask] not the list please)
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> All archives of messages are stored permanently and are
>> available to the world wide web community at large at
>> http://www.jiscmail.ac.uk/lists/data-protection.html
>> If you wish to leave this list please send the command
>> leave data-protection to [log in to unmask]
>> All user commands can be found at : -
>> http://www.jiscmail.ac.uk/help/commandref.htm
>> Any queries about sending or receiving message please send to the list
> owner
>>
>> [log in to unmask]
>> (all commands go to [log in to unmask] not the list please)
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>>
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> All archives of messages are stored permanently and are
>> available to the world wide web community at large at
>> http://www.jiscmail.ac.uk/lists/data-protection.html
>> If you wish to leave this list please send the command
>> leave data-protection to [log in to unmask]
>> All user commands can be found at : -
>> http://www.jiscmail.ac.uk/help/commandref.htm
>> Any queries about sending or receiving message please send to the list
> owner
>> [log in to unmask]
>> (all commands go to [log in to unmask] not the list please)
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>
>
> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
> .
> Jethro R Binks
> Computing Officer, IT Services
> University Of Strathclyde, Glasgow, UK
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ************************************************************************
> Visit the National Library of Scotland online at www.nls.uk
> ************************************************************************
> This communication is intended for the addressee(s) only. If you
> are not the intended recipient, please notify the ICT Helpdesk on
> +44 131 623 3789 or [log in to unmask] and delete this e-mail. The
> statements and opinions expressed in this message are those of the
> author and do not necessarily reflect those of the National Library of
> Scotland. This message is subject to the Data Protection Act 1998
> and Freedom of Information (Scotland) Act 2002 and has been
> scanned by MessageLabs.
> ************************************************************************
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ************************************************************************
> Visit the National Library of Scotland online at www.nls.uk
> ************************************************************************
> This communication is intended for the addressee(s) only. If you
> are not the intended recipient, please notify the ICT Helpdesk on
> +44 131 623 3789 or [log in to unmask] and delete this e-mail. The
> statements and opinions expressed in this message are those of the
> author and do not necessarily reflect those of the National Library of
> Scotland. This message is subject to the Data Protection Act 1998
> and Freedom of Information (Scotland) Act 2002 and has been
> scanned by MessageLabs.
> ************************************************************************
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>
> ===========================================================================
> This e-mail and any files transmitted with it are confidential. If you are
> not the intended recipient, any reading, printing, storage, disclosure to
> another person, copying or any other action taken in respect of this
> e-mail
> is prohibited and may be unlawful. If you are not the intended recipient,
> please notify the sender immediately by using the reply function and then
> permanently delete the email from your inbox.
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]
> All user commands can be found at : -
> http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving message please send to the list
> owner
> [log in to unmask]
> (all commands go to [log in to unmask] not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
