Broom, Doreen on Wednesday, February 18, 2004 at 11:04 AM said:-
> She should make a SAR....I would have thought it wrong for
> the boyfriend to make the check coming from the point of view
> that just because he may have easy access to such a database
> - perhaps the Police have to make declarations of any
> associations and any check is carried out by a named officer
> ........but there again....Perhaps one of our police
> colleagues can clarify..........
I would not necessarily agree that she should make a SAR. If people did
that on every occasion they had any doubt about anything, trust could no
longer exist. Determining if a SAR is necessary will be an item for the
individual to determine and will be affected to many personal factors.
Strangely enough, Shelagh Gaskill appeared in an item on the TV news the
other night (TV makeup and all), relating to the Soham case. The news item
in many ways, related to the retention of information and vetting as well as
discussing a national police intelligence system and access to that by the
CRB.
I guess that in areas where problems are more likely to arise, people prefer
to remove the human variable, and create a more static and rigid framework
which may then be reviewed and changed when something goes wrong. After all
an individual does not lose any credibility if an error is caused by a
system (the new red tape), as personal judgement may be divorced from the
problem. Trust in the system is damaged, but I do not suppose that is
perceived as a personal thing and so is of little immediate consequence.
Perhaps people can also be less careful when making those types of
decisions, as they may be forgotten unless they are reviewed following any
error and then the framework is tightened up. That situation may be visible
to DP practitioners when attempting to have system operating procedures or
internal codes of practice reviewed or/and identifying the current system
owner/manager for high risk systems. Much ducking and weaving - leaving the
system to cope and answer any questions.
DP is really in for some trying times where an error is perceived as
systemic. Rather than enquiries about those decisions being directed to the
individual(s) making them there will probably be a tendency to ask DP.
After all DP are responsible for all of the system retention schedules
because of the principles are they not! Or is it that the relevant system
managers are responsible and merely use DP as a shield in order to remain
untainted? Elements of trust intruding in reverse!
The only protection possible for DP seems to be to ensure the relevant
documentation contains all the necessary information and is reviewed at
appropriate intervals.
Ian W
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|