Using logic, rather than the law:

1)  Staff should be instructed not to discuss such matters in the open.
There is a tendency to treat information or suppositions about such this in
a very casual manner.  Not a DPA thing, but true privacy.
2)  Such data should be placed in file for a limited period:  that is until
it can be verified.  The limited period must be a reasonable period, after
which the supposition of infection must be deleted.  A supposition should be
phrased in such a manner as you ensure that the data subject understands
what it means, and that it is not a libellous or potentially libellous act
3)  Naturally this must be treated as sensitive data, dealing with not only
health, but also sexual life, willing or unwilling participant that they may
be
4)  Treat any client data in the same way that you would treat staff data.
For example an HIV+ staff member has no moral, nor legal need to inform
ANYONE at work, unless in certain specific risk oriented professions

Knowing how abused people feel, EVERY care must be taken not to allow any
addition "guilt of the victim" to creep in here.  I know this may sound
strange, but a small focus group of recovering and recovered abused people
may help in the "way" that you hold and process such difficult data.  Here I
would retain the services of a respected psycho-sexual counsellor
experienced in the recovery from abuse.

_____________________________________________________________
Tim Trent
Chief Privacy Officer EMEA
Gartner
EMEA Marketing, Tamesis,  The Glanty,  Egham,  Surrey,  United Kingdom,
TW20 9AW
Switchboard +44 (0)1784 431 611, Direct Line +44 (0)1784 267 335, Mobile +44
(0)7710 126 618, Fax +44 (0)1784  268 932
http://www.gartner.com
[log in to unmask]

The opinions expressed in this message are my own, and may or may not
reflect those of my employer.  They are expressed as a part of the
discussion on the JISCMail mailing list on data protection and for no other
purpose.  They have no legal standing and are offered as part of informed
and informal discussion.  They may NOT be attributed to Gartner in any way.
Any personal data provided is provided expressly for use of discussions on
the JISCMail Data Protection Discussion list.  Under the UK Data Protection
Act 1998 I expressly forbid any individual or organisation to make
commercial use of my data published either on the email list or in the
archives of that or other lists whether this message appears or not.  This
includes messages already published in the archives.


-----Original Message-----
From: Broom, Doreen [mailto:[log in to unmask]]
Sent: 26 September 2002 10:08
To: [log in to unmask]
Subject: Health - PVP List


Hi All
Can anyone help me here.  There are some clients who our staff visit who
have been abused and may in fact have become infected with some type of
illness which employees should be aware of as it could be dangerous for our
employees coming into contact with them.  The information is sometimes
obtained from the individuals concerned but living in such a small area up
here i.e. everyone knows everyone - it can be by word of mouth and staff may
indicate that they are not visiting a certain house as the individuals have
some type of disease.
I am not at all happy with the assumption part of this but if the client
themselves tell us they have some type of disease then surely that would be
appropriate to be placed on file.
Any views greatly appreciated.....
Doreen Broom
Access to Information Officer
[log in to unmask]
Tel: 01835 826516 (Direct Line)




**********************************************************************
This email is privileged, confidential and subject to copyright.
Any unauthorised use or disclosure of its content is prohibited.
The views expressed in this communication may not necessarily
be the views held by Scottish Borders Council
**********************************************************************

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
    www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
       All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
      If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
            All user commands can be found at : -
    www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
  (all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^