Ok-lets look again at this again.
" the only basis on which information could be shared for fraud investigations amongst insurance companies and self-insured entities, for example
some local councils self-insure, is under a court order or with the explicit consent of the individual involved!"
Getting a court order would provide an easy solution what is a often a very vexed sharing question-you effectively have to do it! Job done. If
the requesting body want the information badly enough, they will do this.
"Explicit consent"-why not just get your fair obtaining clauses/forms in order and record choices properly?
I know some EU jurisdictions have a reputation for being a bit restrictive, but this is not really a showstopper.
As for the bit about " successful joint/industry fraud investigations", I have seen a few of these sharing initiatives and frankly they do not
bear any close scrutiny.
Playing devils advocate perhaps…..but.
Iain Harrison
Information Governance Officer,
Information Governance Team,
Democratic Services,
Customer & Workforce Services,
Coventry City Council
Room 21a, Lower Ground Floor,
Council House,
Earl Street
Coventry. CV1 5RR
Telephone No: 024 7683 3305
Fax No: 024 7683 3395
From: This list is for those interested in Data Protection issues
[mailto:[log in to unmask]] On Behalf Of Chris Spray
Sent: 03 June 2011 23:54
To: [log in to unmask]
Subject: [data-protection] Using Section 29 Exemptions to share data - Law enforcement authorities only
Tucked away in an appendix to the Irish Data Protection Commissioner’s Annual report mentioned on this message board earlier in the week, is a statement that the Irish DPA equivalent of section
29 in the UK “can only be relied upon by a law enforcement authority” to allow sharing of information for fraud investigations.
They also state that the only basis on which information could be shared for fraud investigations amongst insurance companies and self-insured entities, for example
some local councils self-insure, is under a court order or with the explicit consent of the individual!
This interpretation came as quite a surprise and appears to have no basis in law. Can anyone see any basis for it?
I am sure that this will be challenged. Had the UK Commissioner adopted the same view it is likely that some major and successful joint/industry fraud investigations
could not have got off the ground.
Regards
Chris
All e-mails are monitored by Coventry City Council IT Security, using M@ilMeter and Star Filtering Services in accordance with the Regulations of Investigatory Powers Act 2000.
_____________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs.
All archives of messages are stored permanently and are available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):
All user commands can be found at
http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to
[log in to unmask]
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
(Please send all commands to
[log in to unmask] not the list or the moderators, and all requests for technical help to
[log in to unmask], the general office helpline)