In the instance I had there were many 3rd parties mentioned but it is the person giving the statement's views which may or may not be accurate which would also concern me as it could be a vendetta which in the case I had - it was... Hey - this coulod go on and on.... D -----Original Message----- From: [log in to unmask] [mailto:[log in to unmask]] Sent: 05 January 2007 10:01 To: Broom, Doreen; [log in to unmask] Subject: RE: [data-protection] Are 3rd party interview notes personal data ? It's also worth mentioning that 7(4) and 7(6) relate to information about third parties within the document, not provided by the third party as the third party's statement may be about the requestor and not them (the third party). As such 7(4) and 7(6) might not even be applicable! -----Original Message----- From: Broom, Doreen [mailto:[log in to unmask]] Sent: Fri 05 January 2007 09:55 To: Gardiner, Lee; [log in to unmask] Subject: RE: [data-protection] Are 3rd party interview notes personal data ? All I can say is - what about Staff Management purposes and intentions of the employer and the duty owed to the 3rd party. Glad to have stirred up a hornet's nest........... D -----Original Message----- From: [log in to unmask] [mailto:[log in to unmask]] Sent: 05 January 2007 09:53 To: Broom, Doreen; [log in to unmask] Subject: RE: [data-protection] Are 3rd party interview notes personal data ? Information may be 'confidential' but it still doesn't mean that it can be automatically excluded from an access request by virtue of an organisation's policies. It is an inherent expectation in investigations into grievances or disciplinary issues that information will be treated confidentiality however this does still not get over the basic fact that there may be occasions when disclosure is legitimate and necessary as part of an access request, regardless of expectations. A policy is useful in broad terms but each case needs to be taken on its individual merits and disclosure made, or not, accordingly. A blanket policy that stops this flexibility could potentially cause more problems than it solves. The fact is neither 7(4) or 7(6) are legal absolutes and in both cases disclosure remains at the data controller's discretion as there may be occasions when it is reasonable and justified in the circumstances (Gaskin) to disclose information that would be expected to be confidential. It is entirely possible to consider the points raised at 7(4) and 7(6) and still decide to release information to the data subject but as I've already mentioned this needs to be decided on a case by case basis considering the broader circumstances. Just my tuppence for a Friday... And as Doreen said TGIF :) Lee -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Broom, Doreen Sent: Fri 05 January 2007 09:26 To: [log in to unmask] Subject: Re: [data-protection] Are 3rd party interview notes personal data ? Sorry but this has been approved by our lawyers. At the point of a person giving a statement about another employee - that employee is told that the information is confidential for the duration of the investigation. Also, if you look at Section 7(4)(b) and thereafter S7(6) - In determining for the purposes of subsection (4)(b) whether it is reasonable in all the circumstances to comply with the request without the consent of the other individual concerned, regard shall be had, in particular to- (a) any duty of confidentiality owed to the other individual (b) any steps taken by the data controller with a view to seeking consent of the other individual (c) whether the other individual is capable of giving consent, and (d) any express refusal of consent by the other individual. You could also claim under Schedule 7 - Miscellaneous exemptions under "Negotiations" - Personal data which consist of records of the intentions of the data controller in relation to any negotiations with the data subject are exempt from the subject information provisions in any case to the extent to which the application of those provisions would be likely to prejudice those negotiations. I suppose we could argue the point until the cows come home but this is how we would treat it. TGIF Doreen -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Tim Turner Sent: 05 January 2007 08:25 To: [log in to unmask] Subject: Re: Are 3rd party interview notes personal data ? The crucial issue is the one raised by Paul Ticher i.e. is it personal data? Having a policy is very helpful in terms of ensuring consistency, but that policy can only be framed within the parameters of the law. I may have misunderstood the previous post, but it seemed to imply that you wouldn't let employees have data unless they went to a disciplinary hearing. I don't see how a policy would allow anyone to do this. If an employee asks for personal data, the data is held and it's not exempt, no policy can supersedes Section 7. A data controller cannot arbitrarily say to its employees "you can't have this data until / unless..." - you can charge them a fee, make them prove their identity if you really want to (never succumbed to this temptation with a current employee myself), but I don't see how any policy could prevent subject access. So the question comes back to the beginning - is it personal data? If it isn't, or more importantly, if it is someone else's data, they can't have it unless it's accessible under FOI. I've certainly refused to give a person information in these circumstances, but because I thought that on balance it was data about the interviewee, not the person asking for it. Tim Turner Data Protection / FOI Officer Legal and Property Services Wigan Council -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Broom, Doreen Sent: Thu 04 January 2007 17:22 To: [log in to unmask] Subject: Re: [data-protection] Are 3rd party interview notes personal data? I think that if they were formulating an investigation - then the notes must be in one place (probbaly easily identifiable in a file) as someone would have to make a decision eventually and most statements are done electronically anyway. When I did DP when we did not hold all HR records electronically and whenever I had an SAR - sorry we can't oblige as the notes are only held in manual format...we don't want to go there. It surely must be personal data if it is someone making a statement against another member of staff. As I keep banging on - if you have a policy in place and staff are aware then there can be no repercussions. Doreen -----Original Message----- From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Paul Ticher Sent: 04 January 2007 16:58 To: [log in to unmask] Subject: Re: Are 3rd party interview notes personal data? I think you have to establish: 1) Are the notes data? 2) Are the interviewees third parties? 3) If not, does any other exemption from access apply? If the interview notes are held on paper in a working file relating to the grievance and are not part of a system (or are not systematically organised), then in light of Durant they may not be data. Therefore there would be no right of access. Normally an employee is an agent of the Data Controller, not a third party. So you have to establish whether the interviewees are acting on their own account or the organisation's. A colleague giving evidence about an incident might well be acting on their own account (especially perhaps if they had some leeway over whether to participate or not), while a line manager explaining their management of the individual is more likely to be acting in an official capacity. In the latter case the line manager would probably not be a third party, so the third party exemption from access could not apply. In the former case the interviewees could withhold consent to the notes being shown; if this refusal is "reasonable" the notes would be exempt from access. It seems to me unlikely that the 'management forecasts', 'negotiations' or 'legal professional privilege' exemptions from access (see Schedule 7 of the Act) could apply, but it may be worth checking. However, natural justice normally demands that someone should know who is accusing them of what. Even if there is a potential exemption from access, I would have thought you would have to have good grounds on which to deny it. For example you might conclude that providing access could be to the serious detriment of the interviewees and this outweighed the interests of the individual pursuing the grievance in knowing what had been said. Paul Ticher 0116 273 8191 22 Stoughton Drive North, Leicester LE5 5UB I hereby require any recipient of this message not to use my personal data for direct marketing purposes. ----- Original Message ----- From: <[log in to unmask]> To: <[log in to unmask]> Sent: Thursday, January 04, 2007 4:09 PM Subject: Are 3rd party interview notes personal data? > If members of our staff are interviewed in connection with a grievance > concerning another member of staff (A) are the notes of those interviews > classed as A's personal data? In other words, is A entitled to see them? > > Hilary Lawrenson, Data Protection Officer National Probation Service - > South Yorkshire Head Office > 45 Division Street > Sheffield, S1 4GE > > Tel 0114 276 6911 > Fax 0114 276 1967 > ********************************************************************** > This email & any files transmitted with it are private & intended solely > for the use of the individual or entity to whom they are addressed. If you > are not the intended recipient, the e-mail & any attachments have been > transmitted to you in error & any copying, distribution or use of the > information contained in them is strictly prohibited. > > The National Probation Service may monitor the content of the e-mails sent > & received via its network for the purposes of ensuring compliance with > its policies & procedures. > > Any views or opinions presented are only those of the author & not those > of the National Probation Service. > ********************************************************************** > > > > This message has been checked for all email viruses by the Cable & > Wireless Email Protection Service. > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > All archives of messages are stored permanently and are > available to the world wide web community at large at > http://www.jiscmail.ac.uk/lists/data-protection.html > If you wish to leave this list please send the command > leave data-protection to [log in to unmask] All user > commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm > Any queries about sending or receiving messages please send to the list > owner > [log in to unmask] > Full help Desk - please email [log in to unmask] describing your > needs > To receive these emails in HTML format send the command: > SET data-protection HTML to [log in to unmask] > (all commands go to [log in to unmask] not the list please) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving messages please send to the list owner [log in to unmask] Full help Desk - please email [log in to unmask] describing your needs To receive these emails in HTML format send the command: SET data-protection HTML to [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET. On entering the GSI, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable & Wireless in partnership with MessageLabs. In case of problems, please call your organisational IT Helpdesk. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk ******************************************************************** * This email is privileged, confidential and subject to copyright. * * Any unauthorised use or disclosure of its content is prohibited. * * The views expressed in this communication may not necessarily * * be the views held by Scottish Borders Council. * * Please be aware that any email sent or received by the Council * * may require to be disclosed by the Council under the provisions * * of the Freedom of Information (Scotland) Act 2002. * ******************************************************************** ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving messages please send to the list owner [log in to unmask] Full help Desk - please email [log in to unmask] describing your needs To receive these emails in HTML format send the command: SET data-protection HTML to [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses using Sophos anti-virus software. www.mimesweeper.com www.sophos.com ********************************************************************** ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving messages please send to the list owner [log in to unmask] Full help Desk - please email [log in to unmask] describing your needs To receive these emails in HTML format send the command: SET data-protection HTML to [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET. On entering the GSI, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable & Wireless in partnership with MessageLabs. In case of problems, please call your organisational IT Helpdesk. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk ******************************************************************** * This email is privileged, confidential and subject to copyright. * * Any unauthorised use or disclosure of its content is prohibited. * * The views expressed in this communication may not necessarily * * be the views held by Scottish Borders Council. * * Please be aware that any email sent or received by the Council * * may require to be disclosed by the Council under the provisions * * of the Freedom of Information (Scotland) Act 2002. * ******************************************************************** ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving messages please send to the list owner [log in to unmask] Full help Desk - please email [log in to unmask] describing your needs To receive these emails in HTML format send the command: SET data-protection HTML to [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET. On entering the GSI, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable & Wireless in partnership with MessageLabs. In case of problems, please call your organisational IT Helpdesk. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk ******************************************************************** * This email is privileged, confidential and subject to copyright. * * Any unauthorised use or disclosure of its content is prohibited. * * The views expressed in this communication may not necessarily * * be the views held by Scottish Borders Council. * * Please be aware that any email sent or received by the Council * * may require to be disclosed by the Council under the provisions * * of the Freedom of Information (Scotland) Act 2002. * ******************************************************************** PLEASE NOTE: THE ABOVE MESSAGE WAS RECEIVED FROM THE INTERNET. On entering the GSI, this email was scanned for viruses by the Government Secure Intranet (GSi) virus scanning service supplied exclusively by Cable & Wireless in partnership with MessageLabs. In case of problems, please call your organisational IT Helpdesk. The MessageLabs Anti Virus Service is the first managed service to achieve the CSIA Claims Tested Mark (CCTM Certificate Number 2006/04/0007), the UK Government quality mark initiative for information security products and services. For more information about this please visit www.cctmark.gov.uk ******************************************************************** * This email is privileged, confidential and subject to copyright. * * Any unauthorised use or disclosure of its content is prohibited. * * The views expressed in this communication may not necessarily * * be the views held by Scottish Borders Council. * * Please be aware that any email sent or received by the Council * * may require to be disclosed by the Council under the provisions * * of the Freedom of Information (Scotland) Act 2002. * ******************************************************************** ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html If you wish to leave this list please send the command leave data-protection to [log in to unmask] All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm Any queries about sending or receiving messages please send to the list owner [log in to unmask] Full help Desk - please email [log in to unmask] describing your needs To receive these emails in HTML format send the command: SET data-protection HTML to [log in to unmask] (all commands go to [log in to unmask] not the list please) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^