JISCMail - DATA-PROTECTION Archives

Everywhere I have worked recently has gone along the lines of "may
result in disciplinary action". The reason for this is largely to avoid
fettering the discretion of the disciplinary process - it's difficult to
operate a fair system if an outcome automatically results from an
incident because every incident has different circumstances. 

I think the faliure comes in not taking appropriate disciplinary action
when appropriate - in many circumstances, it's obvious that by not
considering disciplinary action, a data controller cannot argue that it
is taking the appropriate steps. However, blithely sacking someone to
stave off a monetary penalty without following a fair and balanced
disciplinary process is likely to create another set of difficulties
(e.g. unfair dismissal). 

Tim Turner
NHS Manchester

-----Original Message-----
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Phil Bradshaw
Sent: 23 September 2010 14:15
To: [log in to unmask]
Subject: [data-protection] Disciplinary Sanctions

The ICO has clear guidance with examples of what he considers to be
serious enough to merit montary penalty :
http://www.ico.gov.uk/upload/documents/library/data_protection/detailed_
specialist_guides/ico_guidance_monetary_penalties.pdf

Does anyone do something similar internally ? e.g.  clear guidance on
what you would consider would merit :

* a quiet word
* an informal warning
* a disciplinary hearing alleging misconduct
* a disciplinary hearing alleging gross misconduct
* instant dismissal

 or does your policy just say "breach may result in disciplinary
sanction - a very broad 'may' ? If not  how do you ensure consistency
over time or between sections if your organisation is large ?

Would failure to have something in place be a breach of principle 7 - is
it an appropriate organisational measure ?

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list
owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your
needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

Any requests under the Freedom of Information Act should be directed to [log in to unmask]

Please notify the sender immediately if this email appears to have been sent to you by mistake; 
Respect the confidentiality of any information you receive from us; 
Remember that emails sent or received by our staff may be disclosed under the Freedom of Information Act; 
Let us know straight away if you suspect this email is infected with a virus by ringing 0161 7654700 [if outside the UK +44 161 7654700]. 
(We take all possible steps to ensure that our systems are virus-free but no system is completely secure.) 
Please note that the contents of incoming and outgoing emails are automatically scanned for inappropriate content. 


^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^