Adam,

 

I wonder whether the devil is in the detail of the wording?

 

“A term or condition of a contract is void in so far as it purports to require an individual to supply another person with a record which……”

 

Having been in a situation where a Solicitor applied for health information on my behalf, I would say that the contract that I had with the Solicitors did not include a term or condition of this kind, nothing in my original contract purported to require me to supply the Solicitors with information related to health or to give them access to SAR data.

 

As a part of the on-going case my Solicitors applied for information on my behalf relating to my health, as they did other data to support my case, but I was not required to supply this data in my contract with them. As my case progressed I had overall control over what information I gave them directly and what information they could seek from other parties.

 

Assuming that this is how other Solicitors work, my take on this is that it is not a term or condition in a contract with a Solicitor that this information is supplied.

 

Hope that helps

 

Kind regards

Helena Ashton

 

 

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of TUCKETT, Adam (NHS SOUTH, CENTRAL AND WEST COMMISSIONING SUPPORT UNIT)
Sent: 29 June 2018 16:04
To: [log in to unmask]
Subject: [data-protection] SARs and medical reports

 

Dear All,

 

A Friday dilemma…

 

Data Subject has an injury and is pursuing a claim for damages via a solicitor.  Records of hospital attendance and GP aftercare are necessary to show level of injury and recuperation and perhaps any details on pre-existing conditions.

 

The Solicitor makes a SAR with the subject’s knowledge (authorised by the patient requesting the solicitor to act on their behalf).  The solicitor once in possession of the records will be disclosing them to an external medical reporting company, who, in conjunction with seeing the patient will be compiling a medical report (patient’s access to this report is covered by AMRA 1988).

 

So how does DPA 2018 – section 185 fit with this?  Avoidance of contractual terms related to health records?  Is the contract for legal advice between the solicitor and the patient, which is dependant on access to the records to produce the medical report, then void??  If it is on what basis can it be disclosed? 

 

Or am I over thinking all this??!

 

Thoughts welcome – but don’t stress over the weekend!

 

Many thanks


Adam

 

 

 

Adam Tuckett    |   Information Governance Consultancy Lead

BCS Certified GDPR/Data Protection Practitioner, Certified FOI Practitioner.

M:07586 493447   |   [log in to unmask]    |   www.swcsu.nhs.uk 

South, Central and West Commissioning Support     | South Plaza, Marlborough Street, Bristol BS1 3NX

 

Description: cid:image001.jpg@01D2DDF0.89C16C50

 



********************************************************************************************************************

This message may contain confidential information. If you are not the intended recipient please inform the
sender that you have received the message in error before deleting it.
Please do not disclose, copy or distribute information in this e-mail or take any action in relation to its contents. To do so is strictly prohibited and may be unlawful. Thank you for your co-operation.

NHSmail is the secure email and directory service available for all NHS staff in England and Scotland. NHSmail is approved for exchanging patient data and other sensitive information with NHSmail and other accredited email services.

For more information and to find out how you can switch, https://portal.nhs.net/help/joiningnhsmail

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)



********************************************************************************************************************

This message may contain confidential information. If you are not the intended recipient please inform the
sender that you have received the message in error before deleting it.
Please do not disclose, copy or distribute information in this e-mail or take any action in relation to its contents. To do so is strictly prohibited and may be unlawful. Thank you for your co-operation.

NHSmail is the secure email and directory service available for all NHS staff in England and Scotland. NHSmail is approved for exchanging patient data and other sensitive information with NHSmail and other accredited email services.

For more information and to find out how you can switch, https://portal.nhs.net/help/joiningnhsmail

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html and are sent in the body of an otherwise blank email to [log in to unmask]

Any queries about sending or receiving messages please send to the list owner [log in to unmask]

(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)