In the private sector, particularly in London, the secretary is directly
employed by the consultant (who is a data controller). If, and I repeat
if, there is a contract of employment between the consultant and the
secretary then the confidentiality of data should be an integral part of
that contract and therefore is accountable for any breach of
confidentiality.
However, not all private secretaries have contracts of employment (or at
least, not up to date ones)
I suppose the picture can be muddied if the consultant's secretary is
working in an NHS hospital but also doing private practice work during her
'spare time'or 'after hours'
Kathy Perkins
Medical Records Manager
The London Clinic
-----Original Message-----
From: Duncan Smith [mailto:[log in to unmask]]
Sent: 01 March 2002 16:19
To: [log in to unmask]
Subject: Re: Don't use data processors!
No. The secretary - hired by Bob - is an employee and neither a
controller
nor a data processor.
Sorry Ian, the secretary is an employee of the hospital in most cases.
By the way, some consultants do place their own employees into the
hospital to operate as secretaries. They are bound to use the
facilities provided for them, and if that includes an unsecured mail
room, how the plot thickens.
Duncan
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This email, together with any attachments, is for the exclusive and
confidential use of the addressee(s) and may contain legally privileged
information. If you have received this message in error please notify the
sender by email immediately and delete the message from your computer
without making any copies.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
www.jiscmail.ac.uk/user-manual/summary-user-commands.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|