Just some quick thoughts, to which I haven't fully applied my mind.

Company D would become data controller if it decided to process X, Y, Z's personal data for a purpose which it (Company D) determined. The act of anonymising identifiable personal data is an act of processing in itself (see ICO Anonymisation Code and A29WP Opinion 05/2014).

Does Company D have a legal basis (i.e./e.g. Schedule 2/3 condition) to anonymise the data? Does the contract with Company B permit/forbid such processing? If not, then I would suggest what is being proposed could be unlawful.

Jon Baines,
Chairman,
nadpo.org.uk





On 13 Jun 2014, at 13:53, "Mark van Harmelen" <[log in to unmask]> wrote:

Hi everyone,

I have two Friday questions.

Firstly on the following scenario, if anyone wants to venture anything about it (we are Company D, our client is Company B), what are the DPA implications and points of difficulty? Hopefully the scenario is of interest.

Secondly I am in no uncertain terms recommending that our client needs to consult a DPA specialist solicitor / lawyer to obtain legal advice on what the DPA position is, and what B (and D) should do. Here we are looking for focussed pragmatic advice, including, I presume, the construction of the wording for release forms and whose responsibility they are.

If you can recommend such a person or firm, I'd really appreciate it, please, if you could contact me (probably off list) with your recommendation.

Thanks a million
Mark

--------------------------------------------------------------------------------------------------------------------------------------

Circumstances

Company A owns and operates maritime vessels and operates in both UK and EU jurisdictions.

Company A's vessels are crewed by Company A's employees and employees of other companies who supply services to Company A.
We'll call a selection of these crew members X, Y, Z regardless of the company that they work for.

Company B employs, on a contractual basis, self-employed nursing staff to provide medical services on Company A's vessels.

Company B's nurses maintain medical records detailing aspects of the health of crew members X, Y, Z.

Company B has its own full-time-employed on-shore doctor to provide case review and specialised medical assistance to Company B's medics.

Company B may also from time to time use doctors supplied by Company A or a third-party company, Company C, to provide case review and specialised medical assistance to Company B's on-board nurses.

These doctors, regardless of if they work for Company A, B or C, may also provide medical advice to crew members X, Y, Z in an on-shore clinic.

Use of data

No matter if the doctors are employees of Companies A, B or C, when occasion arises they need to see medical records for sick or injured crew members X, Y, Z.

Company B would like to show certain anonymised medical and demographic data to Company A. This anonymised information is derived from Company B's medical records for crew members.

[1] Sometimes, for some data shown to Company A, there may be circumstances resulting from disclosure of anonymised data that could result in a PII leak,
eg there might be only one employee with an extremely high BMI on a particular vessel. 
If we knew the crew on that vessel we could deduce who that crew member is, and we would know that that person had a BMI, eg, of over 40.

[2] Company B would also like to make certain suggestions to Company A, eg identified crew member X is overweight to be working at sea, or identified crew member Y has had an accident on-board.

Company B proposes a release form signed by crew to regularise [2]. Problems with [1] may remain, but this problem may disappear if the individual has signed a release form.

Processing data

Company D supplies and maintains data processing facilities for Company B in respect of crew members X, Y, Z's medical records.

Directors and employees of D act carefully: They never access any PII. 

It would be nice to copy, anonymise and also alter the content of existing records and use the resultant mutated records as test data; this could be done using a computer program, without any human seeing any PII that is being anonymised and transformed. One of Company D's staff is somewhat for doing this, another is set against it, so Company D will not do this without legal advice.
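
Point [1] in the message above is a small-cell disclosure: a rare BMI band on a vessel whose crew is known identifies one person. The following is an added example, not part of the original message, of a pre-release check that suppresses such cells; the band edges, the threshold `k` and the sample records are assumptions constructed for illustration.

```python
from collections import Counter

# Band edges are an assumption for illustration: (label, lower bound).
BANDS = [("<25", 0), ("25-29.9", 25), ("30-39.9", 30), ("40+", 40)]

# Constructed sample records: (vessel, BMI). Not real data.
SAMPLE = ([("Alpha", 22.0)] * 5 + [("Alpha", 27.0)] * 3 +
          [("Alpha", 33.0)] * 3 + [("Alpha", 41.5)] +
          [("Bravo", 23.0)] * 4 + [("Bravo", 28.0)] * 4)

def bmi_band(bmi):
    """Return the label of the highest band whose lower bound is <= bmi."""
    label = BANDS[0][0]
    for name, lower in BANDS:
        if bmi >= lower:
            label = name
    return label

def release_table(records, k=3):
    """Per-vessel band counts with cells in 1..k-1 suppressed (None).

    records: list of (vessel, bmi). Zero cells are published as 0 (an
    assumption of this sketch). Because the vessel total is published, a
    single suppressed cell could be recovered by subtraction, so the
    smallest remaining non-zero cell in that row is suppressed as well.
    """
    counts = Counter((v, bmi_band(b)) for v, b in records)
    table = {}
    for vessel in sorted({v for v, _ in records}):
        row = {name: counts.get((vessel, name), 0) for name, _ in BANDS}
        total = sum(row.values())
        out = {n: (c if c == 0 or c >= k else None) for n, c in row.items()}
        hidden = [n for n, c in out.items() if c is None]
        if len(hidden) == 1:
            visible = [n for n, c in out.items() if c]  # non-zero, published
            if visible:
                out[min(visible, key=lambda n: row[n])] = None
            else:
                total = None  # the total alone would reveal the hidden cell
        table[vessel] = {"total": total, "bands": out}
    return table

if __name__ == "__main__":
    for vessel, row in release_table(SAMPLE).items():
        print(vessel, row)
```

On the sample, vessel Alpha's single "40+" record is withheld together with one further band, while Bravo's row is released unchanged.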

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)

