Probably the overriding concern should be that data is not "excessive" for the purpose for which it is being used. How necessary is it to identify the individual precisely? Or could it simply be "Mandy Hopkins" and no other data on the card except a unique code tied into the IT system that issued it. "If lost please mail to this anonymous address". I still maintain that the media hype about paedophiles is to sell media. But I am not going to bang that drum again :) If the question is "Is it lawful for us to have this data on the card" I think it still comes back to "Excessive data for the purpose". If you can say why it must be there (note the word is "must" not "should" of "is allowed to"), then it is right that it stays. However a driver's licence has full details on it. Later out national ID cards will doubtless have our sexual health and orientation data. If the address goes form the buss pass, then everything similar should go from the nat id plans -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of DREW Nic Sent: 25 February 2005 15:18 To: [log in to unmask] Subject: Re: [data-protection] Bus passes I wouldn't have thought that it was necessary to have the child's address on the pass, the school address should suffice? Nic Drew DPO Cardiff and Vale NHS Trust -----Original Message----- From: Brenda Scourfield [mailto:[log in to unmask]] Sent: 25 February 2005 15:11 To: [log in to unmask] Subject: Bus passes Our school bus passes have the child's name and address on the back, together with the route number and school. They only show the front of the pass to the driver. We have been advised to have this removed because of DP issues. I can see the point if the card is lost, and the current worry of paedophiles, but I feel that as the data subject has control of the card and doesn't have to disclose the side with personal details unless they wish to (for any other reason), we are not in the wrong. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving message please send to the list owner [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ----------------------------------------------------------------------- This message is strictly confidential and intended for the person or organisation to whom it is addressed. If you are not the intended recipient of the message then please notify the sender immediately. Any of the statements or comments made above should be regarded as personal and not necessarily those of Cardiff & Vale NHS Trust, any constituent part or connected body. All e-mail sent to or from this address will be processed by Cardiff & Vale NHS Trust's Corporate e-mail system and may be subject to scrutiny by someone other than the addressee. Please be aware that, under the terms of the Freedom of Information Act 2000, Cardiff & Vale NHS Trust may be required to make public the content of any emails or correspondence received. For further information on Freedom of Information, please refer to the Cardiff & Vale NHS Trust website at www.cardiffandvale.wales.nhs.uk Mae'r neges hon yn gyfrinachol. Os nad chi w'r derbynnydd y bwriedid y neges ar ei gyfer, byddwch mor garedig rhoi gwybod i'r anfonydd yn ddi-oed. Dylid ystyried unrhyw ddatganiadau neu sylwadau a wneir uchod yn rhai personol, ac nid o angenrhaid yn rhai o eiddo Ymddiriedolaeth GIG Caerdydd a'r Fro, nac unrhyw ran gyfansoddol ohoni na chorff cysylltiedig. Caiff pob e-bost a anfonir or cyfeiriad hwn ei brosesu gan system e-bost Gorfforaethol Ymddiriedolaeth GIG Caerdydd a'r Fro, a gallai gael ei archwilio gan rai ac eithrio'r sawl a anfonodd y neges. Cofiwch fod yn ymwybodol ei bod yn bosibl y bydd disgwyl i Ymddiriedolaeth GIG Caerdydd a'r Fro roi cyhoeddusrwydd i gynnwys unrhyw ebost neu ohebiaeth a dderbynnir, yn unol ag amodau'r Ddeddf Rhyddid Gwybodaeth 2000. I gael mwy o wybodaeth am Ryddid Gwybodaeth, cofiwch gyfeirio at wefan Ymddiriedolaeth GIG Caerdydd a'r Fro ar www.cardiffandvale.wales.nhs.uk * This message has been processed by the MailGuard Policy Server. * See <http://www.clearswift.com>. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving message please send to the list owner [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at : - http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving message please send to the list owner [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^