JISCMail - DATA-PROTECTION Archives

What does the change have on their legal status? Are they classed as a "New
individual" or are they still classed under their original status?

Maybe you should consider following the same practice as either the criminal
records bureau, or the national health, but I don't know what either of
those would be.


-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Tim Trent
Sent: 16 January 2006 15:41
To: [log in to unmask]
Subject: Re: [data-protection] Request for advice - DPA vs Gender
Recognition Act

Logic suggests this be treated like nationality.  What do you do if the
individual changes nationality? 

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Emma Bothamley
Sent: 16 January 2006 15:30
To: [log in to unmask]
Subject: [data-protection] Request for advice - DPA vs Gender Recognition
Act

Dear all,

Question on the Gender Recognition Act.  What should we do if we receive
notice from one of our customers that they have swapped gender?  How should
we go about capturing the information for that individual on our systems to
ensure compliance with the Gender Recognition Act and DPA?  Should we:

   Remove all reference to the individual's original gender from all our
   computer systems?
   Set up a new computer record for the individual, linked to the old one,
   thereby ensuring there was an audit of trail of when genders changed?
   Make a note on the system that the individual has changed gender, update
   their new name and salutation but leave the underlying record unchanged?

The view here is that we should ensure that all our computer records show
the new acquired gender and name for the individual concerned.  Their view
is that all records would need to be amended, rather than just putting a
note on the system.  This is because it is always open to the individual to
make a SAR.  If a SAR was made, we would need to disclose all information
about that person.  If our records still showed the original name and
gender, even for audit trail purposes, this could be a breach of the Data
Protection Act for failing to ensure that we maintain accurate information
on our records.

I'm not sure I agree with this.  As we are a Life Assurance company, I would
have thought it would be necessary and legitimate to keep some
historical record of the previous gender.   I was wondering how others were
approaching this issue?

I'd be grateful for your views / comments / thoughts.

Many thanks in advance,
Emma



Emma Bothamley
Data Protection Consultant

01733 471226

[log in to unmask]


Pearl Group Ltd No.05282342 and Pearl Group Services Ltd  No. 05549998. The
following companies are subsidiary companies of Pearl Group Ltd and are
authorised and regulated by the Financial Services Authority:  Pearl
Assurance plc No. 1419, Pearl Assurance (Unit Funds) Ltd No. 1027138, Pearl
Assurance (Unit Linked Pensions) Ltd No. 1122485, Pearl ISA Ltd No. 3597973,
London Life Ltd No. 1179800, London Life Linked Assurances Ltd No. 1396188,
NPI Ltd No. 3725037, National Provident Life Ltd No. 3641947, UKLS Financial
Services Ltd No. 3715118.  All companies are registered in England at The
Pearl Centre, Lynch Wood, Peterborough PE2 6FY. Tel. 01733 470470. We may
record or monitor telephone calls to improve service and for our mutual
protection.

The information in this e-mail is confidential and may be legally
privileged. It is intended solely for the addressee and access to this
e-mail by anyone else is unauthorised. Although this message and any
attachments are believed to be free of any virus or other defect that might
affect any computer system into which it is received and opened, it is the
responsibility of the recipient to ensure that it is virus free and no
responsibility is accepted by any of the companies of Pearl Group Limited
for any loss or damage in any way arising from its use.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

-- 
This message has been scanned for viruses and dangerous
content by the NorMAN MailScanner Service and is believed
to be clean.

The NorMAN MailScanner Service is operated by Information
Systems and Services, University of Newcastle upon Tyne.


====
This e-mail is intended solely for the addressee. It may contain private and
confidential information. If you are not the intended addressee, please take
no action based on it nor show a copy to anyone. Please reply to this e-mail
to highlight the error. You should also be aware that all electronic mail
from, to, or within Northumbria University may be the subject of a request
under the Freedom of Information Act 2000 and related legislation, and
therefore may be required to be disclosed to third parties.
This e-mail and attachments have been scanned for viruses prior to leaving
Northumbria University. Northumbria University will not be liable for any
losses as a result of any viruses being passed on.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
        http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
              [log in to unmask]
  (all commands go to [log in to unmask] not the list please)
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^