But why do you want to be helpful when there are no benefits and only a cost and risk?. David Wyatt ----- Original Message ----- From: "John Hughes" <[log in to unmask]> To: <[log in to unmask]> Sent: Friday, June 10, 2005 1:23 PM Subject: [data-protection] FW: [data-protection] Disclosure or not? > Just to clarify the situation further, the employer has in fact sent me a > copy of the appointment letter (I'm not going into the rights or wrongs of > his doing this) - I have received it and am responding to his written > request for clarification as to whether or not the appointment took place. > I > have no consent from the patient and do not want to disclose any of their > personal data. However I want to be helpful, mainly because the letter is > quite clearly a fake (no letterhead, hospital address is wrong, plus a > number of other incorrect details). > > Instead perhaps I should reply by simply stating that the consultant in > question does not hold clinics on Fridays ..... another error!!! > > > > > -----Original Message----- > From: Hawley, Graeme [mailto:[log in to unmask]] > Sent: 10 June 2005 13:01 > To: [log in to unmask] > Subject: Re: [data-protection] Disclosure or not? > > > I can put in a request about absolutely anything at all, even the colour > of > your underpants. The point is whether the authority holds the information > and then whether it should be disclosed or withheld. But once a request > is > received by an authority, it must be dealt with by that authority and not > be > batted back to the applicant with the recommendation that they ask someone > else. So in this case, if the employer asks the health board for > information about the attendance or lack of attendance by an employee at > an > appointment, the response from the health board cannot be "we think you > should be discussing this with your truant, not us". However, what the > health board could do, in Scotland anyway, is resort to section 18 of > FOISA > which states that: > > (1) Where, if information existed and was held by a Scottish public > authority, the authority could give a refusal notice under section 16(1) > on > the basis that the information was exempt information by virtue of any of > sections 28 to 35, 39(1) or 41 but the authority considers that to reveal > whether the information exists or is so held would be contrary to the > public > interest, it may (whether or not the information does exist and is held by > it) give the applicant a refusal notice by virtue of this section. > > Freedom of information is fun!! > > > -----Original Message----- > From: This list is for those interested in Data Protection issues > [mailto:[log in to unmask]]On Behalf Of Tim Trent > Sent: 10 June 2005 12:42 > To: [log in to unmask] > Subject: Re: [data-protection] Disclosure or not? > > > Wait! Do you mean YOU can put in an FOI request and see MY hospital > appointment records? > > -----Original Message----- > From: This list is for those interested in Data Protection issues > [mailto:[log in to unmask]] On Behalf Of Hawley, Graeme > Sent: 10 June 2005 12:40 > To: [log in to unmask] > Subject: Re: [data-protection] Disclosure or not? > > I like Margarita and Jethro's responses, and agree that this would be far > more ideal. However, if a request for information is made to a public > authority, then the FOIA / FOI(S)A requires them to provide a response > relating to the information that they hold about that particular issue, > and > does not permit the authority to tell the applicant to go ask elsewhere > instead (even though I do think that that would be a better course of > action). > > Graeme Hawley > National Library of Scotland > > -----Original Message----- > From: This list is for those interested in Data Protection issues > [mailto:[log in to unmask]]On Behalf Of Jethro R Binks > Sent: 10 June 2005 12:35 > To: [log in to unmask] > Subject: Re: [data-protection] Disclosure or not? > > > On Fri, 10 Jun 2005, Tim Trent wrote: > >> And that gives us the problem. Each argument holds water. And since >> each argument holds water there are grounds for a dispute. If the >> dispute is settled in favour of the employee it is likely to be a >> disclosure that has caused damage or distress. >> >> I am considering it to be very specific personal data. It gives >> details to the employer that the employee was allegedly not at an >> appointment with that place in that date. By giving them this data >> about their employee, despite the valid point that it is an "absence >> of data", they now have additional data about that employee. > > It seems to me the solution is rather simpler (or perhaps it's me who is > simple :). > > Why is the employer going behind their employees back on the matter? > Surely they should be discussing this with their employee, and asking them > to furnish proof if they suspect misbehaviour (while being cogniscent of > their employee's right to privacy)? Such proof might take the form of a > letter from the health authority that the employee himself asks to be > written on his behalf - suitably anonymised from features that may > identify > a particular department or service attended (so not from the GUM clinic > specifically, for example). The letter can be checked by employee and > handed to his employer; the employer can then contact the health authority > to check the validity of the letter if necessary. > > This is perhaps a means of implementing your suggestion: > >> The best answer is surely "We require proof that you have the right to >> any information at all about this person and that they permit you to >> have that information before we will give you any information at all. >> You may not interpret this answer as giving you any information of any >> description about that person" > > Jethro. > > >> We are not interest here in any alleged deception by the employee. We >> should only be interested in protecting their rights. Even murderers >> have rights. >> >> _____ >> >> From: Lewis, Chris G. [mailto:[log in to unmask]] >> Sent: 10 June 2005 12:18 >> To: Tim Trent; [log in to unmask] >> Subject: RE: [data-protection] Disclosure or not? >> >> >> I disagree. I think were one to say, as suggested "no-one of that name >> had an appointment", you are not disclosing anything about any >> individual in isolation - "no-one called John Smith was here". I can't >> see that a John Smith could complain that that was an unauthorised >> disclsoure of their personal data. Firstly, I don't think it's >> personal data, and secondly, it would equally be known to a member of >> the public who sat in reception all day as it was to the hospital. >> >> -----Original Message----- >> From: This list is for those interested in Data Protection issues on >> behalf of Tim Trent >> Sent: Fri 10/06/2005 12:14 >> To: [log in to unmask] >> Cc: >> Subject: Re: [data-protection] Disclosure or not? >> >> >> >> I would suggest that disclosing where "someone was not" is a disclosure >> of > >> personal data, and in this case to a third party without authorisation. >> >> What if this person were attending the GUM clinic for an HIV test and has >> absolutely NO desire for his employer (or alleged employer) to know? >> >> They have now also passed data to you, an unauthorised third party, of > their >> >> suspicions of their employee. >> >> My advice? >> >> Avoid. Do not answer without permission form the data subject. >> >> -----Original Message----- >> From: This list is for those interested in Data Protection issues >> [mailto:[log in to unmask]] On Behalf Of John Hughes >> Sent: 10 June 2005 12:09 >> To: [log in to unmask] >> Subject: [data-protection] Disclosure or not? >> >> A question for you: >> >> I have been contacted by a company asking whether or not one of their >> employees had an appointment with us one recent Friday afternoon. They >> suspect that they have been handed a faked appointment letter by the >> employee as proof. >> >> If I replied by simply stating "no one of that name had an appointment > here >> on that date", would I be on safe ground? My rationale is that I am >> disclosing nothing as nothing actually took place. >> >> John Hughes >> DPO >> Mayday Healthcare NHS Trust >> >> >> > =========================================================================== >> This e-mail and any files transmitted with it are confidential. If you >> are > >> not the intended recipient, any reading, printing, storage, disclosure to >> another person, copying or any other action taken in respect of this > e-mail >> is prohibited and may be unlawful. If you are not the intended recipient, >> please notify the sender immediately by using the reply function and then >> permanently delete the email from your inbox. >> >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> All archives of messages are stored permanently and are >> available to the world wide web community at large at >> http://www.jiscmail.ac.uk/lists/data-protection.html >> If you wish to leave this list please send the command >> leave data-protection to [log in to unmask] >> All user commands can be found at : - >> http://www.jiscmail.ac.uk/help/commandref.htm >> Any queries about sending or receiving message please send to the list > owner >> >> [log in to unmask] >> (all commands go to [log in to unmask] not the list please) >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> All archives of messages are stored permanently and are >> available to the world wide web community at large at >> http://www.jiscmail.ac.uk/lists/data-protection.html >> If you wish to leave this list please send the command >> leave data-protection to [log in to unmask] >> All user commands can be found at : - >> http://www.jiscmail.ac.uk/help/commandref.htm >> Any queries about sending or receiving message please send to the list > owner >> >> [log in to unmask] >> (all commands go to [log in to unmask] not the list please) >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> >> >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> All archives of messages are stored permanently and are >> available to the world wide web community at large at >> http://www.jiscmail.ac.uk/lists/data-protection.html >> If you wish to leave this list please send the command >> leave data-protection to [log in to unmask] >> All user commands can be found at : - >> http://www.jiscmail.ac.uk/help/commandref.htm >> Any queries about sending or receiving message please send to the list > owner >> [log in to unmask] >> (all commands go to [log in to unmask] not the list please) >> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ >> > > . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . > . > Jethro R Binks > Computing Officer, IT Services > University Of Strathclyde, Glasgow, UK > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > All archives of messages are stored permanently and are > available to the world wide web community at large at > http://www.jiscmail.ac.uk/lists/data-protection.html > If you wish to leave this list please send the command > leave data-protection to [log in to unmask] > All user commands can be found at : - > http://www.jiscmail.ac.uk/help/commandref.htm > Any queries about sending or receiving message please send to the list > owner > [log in to unmask] > (all commands go to [log in to unmask] not the list please) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > ************************************************************************ > Visit the National Library of Scotland online at www.nls.uk > ************************************************************************ > This communication is intended for the addressee(s) only. If you > are not the intended recipient, please notify the ICT Helpdesk on > +44 131 623 3789 or [log in to unmask] and delete this e-mail. The > statements and opinions expressed in this message are those of the > author and do not necessarily reflect those of the National Library of > Scotland. This message is subject to the Data Protection Act 1998 > and Freedom of Information (Scotland) Act 2002 and has been > scanned by MessageLabs. > ************************************************************************ > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > All archives of messages are stored permanently and are > available to the world wide web community at large at > http://www.jiscmail.ac.uk/lists/data-protection.html > If you wish to leave this list please send the command > leave data-protection to [log in to unmask] > All user commands can be found at : - > http://www.jiscmail.ac.uk/help/commandref.htm > Any queries about sending or receiving message please send to the list > owner > [log in to unmask] > (all commands go to [log in to unmask] not the list please) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > All archives of messages are stored permanently and are > available to the world wide web community at large at > http://www.jiscmail.ac.uk/lists/data-protection.html > If you wish to leave this list please send the command > leave data-protection to [log in to unmask] > All user commands can be found at : - > http://www.jiscmail.ac.uk/help/commandref.htm > Any queries about sending or receiving message please send to the list > owner > [log in to unmask] > (all commands go to [log in to unmask] not the list please) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > ************************************************************************ > Visit the National Library of Scotland online at www.nls.uk > ************************************************************************ > This communication is intended for the addressee(s) only. If you > are not the intended recipient, please notify the ICT Helpdesk on > +44 131 623 3789 or [log in to unmask] and delete this e-mail. The > statements and opinions expressed in this message are those of the > author and do not necessarily reflect those of the National Library of > Scotland. This message is subject to the Data Protection Act 1998 > and Freedom of Information (Scotland) Act 2002 and has been > scanned by MessageLabs. > ************************************************************************ > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > All archives of messages are stored permanently and are > available to the world wide web community at large at > http://www.jiscmail.ac.uk/lists/data-protection.html > If you wish to leave this list please send the command > leave data-protection to [log in to unmask] > All user commands can be found at : - > http://www.jiscmail.ac.uk/help/commandref.htm > Any queries about sending or receiving message please send to the list > owner > [log in to unmask] > (all commands go to [log in to unmask] not the list please) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > > =========================================================================== > This e-mail and any files transmitted with it are confidential. If you are > not the intended recipient, any reading, printing, storage, disclosure to > another person, copying or any other action taken in respect of this > e-mail > is prohibited and may be unlawful. If you are not the intended recipient, > please notify the sender immediately by using the reply function and then > permanently delete the email from your inbox. > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > All archives of messages are stored permanently and are > available to the world wide web community at large at > http://www.jiscmail.ac.uk/lists/data-protection.html > If you wish to leave this list please send the command > leave data-protection to [log in to unmask] > All user commands can be found at : - > http://www.jiscmail.ac.uk/help/commandref.htm > Any queries about sending or receiving message please send to the list > owner > [log in to unmask] > (all commands go to [log in to unmask] not the list please) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving message please send to the list owner [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^