JISCMail - DATA-PROTECTION Archives

As well as delivering the actual treatment, "medical purposes" includes
the management of healthcare services.  As Roland points out, for
patient care reasons there is probably a need to keep a record of the
procedure for a time, plus there are clinical audit needs, and a
management need to keep a record of what was done to whom and when.  You
only have to meet one Schedule 3 condition, so the fact that the patient
no longer consents presumably isn't relevant for first principle
purposes.  They could, of course, seek to exercise their s 10 or 14
rights, but then they would need to show that the processing is likely
to cause substantial damage or distress that the data is inaccurate.

Susan Graham.

University Records Manager
Policy & Planning
University of Edinburgh
Old College
South Bridge 
Edinburgh
EH8 9YL 

Tel: 0131 6514 100

------------------------------

Date:    Tue, 11 Apr 2006 15:53:03 +0100
From:    Duncan Smith <[log in to unmask]>
Subject: Medical Records - deletion

Could I just check something with the list?
 
A patient undergoes treatment at a private hospital, and then
subsequently
requests that clinical records detailing their treatment are destroyed.
 
Their rationale is this:
 
Patient argues that data was processed under schedule 3 'medical
purposes'
(and we believe explicit consent, although this has been questioned)
Following the treatment, the patient suggests that the medical purpose
has
now expired, and the hospital no longer has a legal basis to retain the
detailed records.
 
Supporting this argument, the patient cites the fact that the treatment
was
elective, non-emergency and privately funded.  Once the treatment has
ceased, the patient argues that the relevance of the data to the medical
purpose ceases and should thus not be retained beyond the immediate
treatment.
 
I would be interested in the views of those involved in the provision of
Healthcare, and in particular those who strive to meet the requirements
of a
'registered person' in the Care Standards Act and the requirements of
the
DPA.
 
 
Duncan Smith
 
iCompli Ltd.




^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^



       All archives of messages are stored permanently and are



      available to the world wide web community at large at



      http://www.jiscmail.ac.uk/lists/data-protection.html



      If you wish to leave this list please send the command



       leave data-protection to [log in to unmask]



            All user commands can be found at : -



        http://www.jiscmail.ac.uk/help/commandref.htm



Any queries about sending or receiving message please send to the list owner



              [log in to unmask]



  (all commands go to [log in to unmask] not the list please)



   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^