JISCMail - DATA-PROTECTION Archives

A pragmatic approach-yes!

You are however required to respond to SARs received and while you can
of course suggest to the student that they contact their GP regarding
other aspects of their medical records as part of your response, you do
need to go through the process Alan and others have outlined in this
instance. You may find that doing this even saves you those lovely weeks
of responding!

Iain Harrison
Information Governance Officer
Information Governance Team
Customer & Workforce Services
Coventry City Council
Council House
Earl Street
Coventry CV1 5RR
 
Telephone No: 024 7683 3305
Fax No:          024 7683 3395
 
www.coventry.gov.uk 

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of David Hirst
Sent: 28 May 2008 16:58
To: [log in to unmask]
Subject: Re: [data-protection] Health data scenario

It does not much of a leap of imagination to envisage the complexities
of going back and forth between GP and student  on this issue ("Is this
my full record?"  "My converstaion of last year is not annotated" "What
about my childhood immunisations?" "Where are the details of my
appendectomy?" etc.)

I am not advocating withholding data, but if it is a lawful requirement
in any event to clear with the medical profession how much of the
records can be released, then, coupled with the risk of the above
complexities, it would seem to me a  more pragmatic course to suggest or
even recommend to the student that they approach the GP direct. DPA
duties notwithstanding, universities are here to teach, not act as
negotiators, and if it makes no difference to the student and only takes
a phone call, letter or e-mail to suggest it, why not suggest the
student takes the direct approach? If they refuse then so be it and
obviously one would bite the bullet and happily spend the next few weeks
responding.

David Hirst

Alan Stead wrote:

> Morning All
>  Sorry David but what would be unlawful is that the SI in question 
> states that a non medical professional can only withhold the data 
> after consulation with a doctor. Therefore I would agree(as usual!) 
> with Doreen that you must contact the GP first and obtian an opinion 
> if the information would cause damage or distress (ie not already 
> known to the patient).
>
> Regards
>
> Alan
>
> Alan Stead
> IMTS
> Ravenshead
> Nottingham
> 01623 400497 or
> 07882 241908
>
>
> Quoting David Hirst <[log in to unmask]>:
>
>> I don't see anything unlawful in suggesting to the data subject that 
>> it weould be quicker and more sensible for him to approach the GP 
>> direct rather than having to go back and forth between the GP and the
subject.
>>
>> David Hirst
>> Head of Legal Services
>> University of Sunderland
>>
>>
>>
>> Dean, Ian wrote:
>>
>>> If you get a SAR and you have the information then you are obliged 
>>> to provide so long as it will not cause harm to the individual. The 
>>> only way this can be ascertained is by a  medically qualified person

>>> assessing the information. this is normally done by going back to 
>>> the GP and asking if there is any reason why we cannot disclose the 
>>> information to the subject. Regards
>>>
>>> Ian -----Original Message-----
>>> From: This list is for those interested in Data Protection issues 
>>> [mailto:[log in to unmask]] On Behalf Of David Hirst
>>> Sent: 27 May 2008 15:04
>>> To: [log in to unmask]
>>> Subject: Re: [data-protection] Health data scenario
>>>
>>> Patients have a right under the DPA (and I think elsewhere) to see 
>>> their medical records but surely the best course of action would be 
>>> to ask him to obtain them from the original data holder, i.e. his 
>>> GP.  I think this would also be the most appropriate course of 
>>> action in the case of a report specifically prepared for the 
>>> University by the GP.
>>>
>>> Don't get embroiled in a tug of data between the GP and the student 
>>> if you can avoid it.
>>>
>>> David Hirst
>>> Head of Legal Services
>>> University of Sunderland
>>>
>>> Okey, Andrew wrote:
>>>
>>>
>>>> One for all you fellow HE types out there. Any comments/thoughts on

>>>> the
>>>>
>>>
>>>
>>>> following scenario gratefully received...
>>>>
>>>> A student due to take exams here is affected by illness.
>>>>
>>>> The student gave our support team permission to approach their GP

>>>> for relevant medical details. This we did, obtaining the info   
>>>> direct from the GP.
>>>>
>>>> Now the student has asked to see these records. What parts of   
>>>> which laws might apply? (I'm particularly concerned that there's   
>>>> probably specific legislation relating to medical/health records   
>>>> that has an influence beyond the terms of the DP act..)
>>>>
>>>> Thanks in advance,
>>>>
>>>> Andrew Okey
>>>> Administrative Officer
>>>> Student Registry
>>>> Lancaster University
>>>> [log in to unmask]
>>>> 01524-592138 (internal ext: 92138)
>>>>
>>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>>>   All archives of messages are stored permanently and are
>>>>    available to the world wide web community at large at
>>>>    http://www.jiscmail.ac.uk/lists/data-protection.html
>>>>   If you wish to leave this list please send the command
>>>>     leave data-protection to [log in to unmask] All user   
>>>> commands can be found at   
>>>> http://www.jiscmail.ac.uk/help/commandref.htm
>>>> Any queries about sending or receiving messages please send to the
>>>>
>>> list owner
>>>
>>>>            [log in to unmask]
>>>> Full help Desk - please email [log in to unmask] describing 
>>>> your
>>>>
>>> needs
>>>
>>>>      To receive these emails in HTML format send the command:
>>>>       SET data-protection HTML to [log in to unmask] (all 
>>>> commands go to [log in to unmask] not the list please)  
>>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>>>
>>>>
>>>>
>>>
>>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>>    All archives of messages are stored permanently and are
>>>     available to the world wide web community at large at
>>>     http://www.jiscmail.ac.uk/lists/data-protection.html
>>>    If you wish to leave this list please send the command
>>>      leave data-protection to [log in to unmask] All user 
>>> commands can be found at 
>>> http://www.jiscmail.ac.uk/help/commandref.htm
>>> Any queries about sending or receiving messages please send to the 
>>> list owner
>>>             [log in to unmask]
>>> Full help Desk - please email [log in to unmask] describing 
>>> your needs
>>>       To receive these emails in HTML format send the command:
>>>        SET data-protection HTML to [log in to unmask]  (all 
>>> commands go to [log in to unmask] not the list please)
>>>   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>>
>>>
**********************************************************************
>>> This email (and any attachments) may contain privileged and/or   
>>> confidential information. If you are not the intended recipient   
>>> please do not disclose, copy, distribute, disseminate or take any   
>>> action in reliance on it. If you have received this message in   
>>> error please reply and tell us and then delete it. Should you wish

>>> to communicate with us by email we cannot guarantee the security of

>>>  any data outside our own computer systems. For the protection of   
>>> Legal & General's systems and staff, incoming emails will be   
>>> automatically scanned. Any information contained in this message   
>>> may be subject to applicable terms and conditions and must not be   
>>> construed as giving investment advice within or outside the United

>>> Kingdom. Legal & General Group plc is registered in England under   
>>> company number 1417162 and is a holding company.
>>>
>>> The registered office for all companies in the Legal & General   
>>> group is One Coleman Street London EC2R 5AA.
>>>
>>> The following subsidiary companies of Legal & General Group Plc are

>>> authorised and regulated by the Financial Services Authority:
>>> Legal  & General Partnership Services Limited, Legal & General 
>>> Insurance  Limited, Legal & General Assurance Society Limited, Legal

>>> & General  (Unit Trust Managers) Limited and Legal & General 
>>> (Portfolio  Management Services) Limited.
>>>
>>> Legal & General International (Ireland) is incorporated in Ireland

>>> under company number 440141 with its registered office at Alexandra

>>> House, The Sweepstakes, Ballsbridge, Dublin 4 and is authorised by
>>>  the Financial Regulator in Ireland and by the Financial Services   
>>> Authority for the conduct of insurance business in the UK. Full   
>>> details can be found at http://www.legalandgeneralgroup.com/   
>>> ********************************************************************
>>> **
>>>
>>>
>>
>> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>>     All archives of messages are stored permanently and are
>>      available to the world wide web community at large at
>>      http://www.jiscmail.ac.uk/lists/data-protection.html
>>     If you wish to leave this list please send the command
>>       leave data-protection to [log in to unmask] All user 
>> commands can be found at 
>> http://www.jiscmail.ac.uk/help/commandref.htm
>> Any queries about sending or receiving messages please send to the 
>> list owner
>>              [log in to unmask]
>>  Full help Desk - please email [log in to unmask] describing 
>> your needs
>>        To receive these emails in HTML format send the command:
>>         SET data-protection HTML to [log in to unmask]
>>   (all commands go to [log in to unmask] not the list please)
>>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>     All archives of messages are stored permanently and are
>      available to the world wide web community at large at
>      http://www.jiscmail.ac.uk/lists/data-protection.html
>     If you wish to leave this list please send the command
>       leave data-protection to [log in to unmask] All user 
> commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the 
> list owner
>              [log in to unmask]
>  Full help Desk - please email [log in to unmask] describing your

> needs
>        To receive these emails in HTML format send the command:
>         SET data-protection HTML to [log in to unmask]
>   (all commands go to [log in to unmask] not the list please)
>    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask] All user
commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list
owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your
needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

All e-mails are monitored by Coventry City Council IT Security, using
M@ilMeter and Star Filtering Services in accordance with the Regulations
of Investigatory Powers Act 2000.
_____________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The
service is powered by MessageLabs.



This e-mail and any files transmitted with it are confidential and are intended solely for the use of the addressee. If you have received this e-mail in error, you are requested to contact the sender 

All e-mails are monitored by Coventry City Council IT Security, using M@ilMeter and Star Filtering Services.

The views contained in this e-mail are those of the author and not necessarily those of Coventry City Council.
______________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The  service is powered by MessageLabs.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^