JISCMail - DATA-PROTECTION Archives

Dear All,

We have had a series of SARs asking for the emails between various officers conducting grievance investigations.  All the grievances cover a number of situations, most have recently focused on the emails exchanged between the line manager, the line manager's manager and the relevant officers from HR.   

The aggrieved officers usually make an SAR and FOI request for information  seeking access to all the emails exchanged by the officers mentioned above and any policies, reports, or briefings covering the relevant grievance issue.

I was wondering if s33a (2)  of the DPA would apply in this case.  
        (2)  Personal data which fall within paragraph (e) of the definition of “data” in section 1(1) and relate to appointments or removals, pay, discipline, superannuation or other personnel matters, in relation to

        (b) service in any office or employment under the Crown or under any public authority, or
        (c) service in any office or employment, or under any contract for services, in respect of which power to take                 action,        or to determine or approve the action taken, in such matters is vested in Her Majesty, any Minister of the Crown, the National Assembly for Wales, any Northern Ireland Minister (within the meaning of the Freedom of Information Act 2000) or any public authority,


I suppose the relevant question is whether the emails or any of the related paper work falls under the definition of data in paragraph (e) of section 1(1).  I suspect that they do not fall within that definition.

Thinking this through, I am uncertain as to what files this could cover.  I can see a situation where a document is created, for example an appointment, pay, or disciplinary document, and one copy is printed and placed in an employee's file and another is filed within the relevant service file (but no electronic copy is retained.)  How often, though, is this going to happen?  I can imagine that a number of people may indavertently retain copies, the officer preparing the report, the PA to the Head of HR who manages the files, the legal officer developing the superannuation reports.

In the case of emails, between officers relating to these matters, I am not sure how s33a (2) could be applied.  I think there could be a strong argument to rely upon the arguments set out around Durant (the email mentions the relevant officer but is not about them).

If 33a revolves around paragraph (e) of section 1 (1), I am not sure how that would be applied as more and more records are created and held electronically. If they are not held electronically, they are likely to be held in a relevant filing system, unless in a basic chronological storage system ie all the files from march 2005.  Unless one organises all the disciplinary cases or remuneration cases by chronological data, they are likely to fall within a relevant filing system as it is human nature to file by someone's name when dealing with personal information.  

The key issue of the relevant filing system being 
“relevant filing system”  means any set of information relating to individuals to the extent that, although the information is not processed by means of equipment operating automatically in response to instructions given for that purpose, the set is structured, either by reference to individuals or by reference to criteria relating to individuals, in such a way that specific information relating to a particular individual is readily accessible.

If the file is chronological say each new grievance file is placed on top of the next so that the most recent is at the top and the oldest is at the bottom.  However, that would likely be readily accessible unless, of course, one has hundreds of grievance cases or remuneration cases every month and every year.

I would be interested in to know how others would approach the issue of emails and whether s.33A would be applicable.

Best,

Lawrence

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^