Ingrid Wilson wrote:
However, in my view, the decision should not prevent us from doing what we
can to help a data subject to have access to information they are seeking
about themselves.
I couldn't agree more. The problem could be, as Tony pointed out earlier,
that "Commerical organisations, who have a different set of driving forces
to the public sector, will undoubtedly see this as a way of saving money on
Data Protection compliance costs." which, in turn, could prevent
identification of abuses. As Paul pointed out "but for Principles 3, 4 and
potentially 5 a SAR is the Data Subject's main method of obtaining proof."
Regards,
Graham
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|