But if the employer receives from the hospital a statement of fact that the
letter is forged, would not the employer automatically think the employee is
the forger? Is that not personal data in the sense of "opinions"? However, if
the hospital tells the employer "it is likely to be a forgery but we make no
allegations about who may have forged this letter" it could leave the employer
with a dilemma about whether to accuse the person and take action against
them.
I have acquired a large kitchen utensil made of natural arboreal material
which is useful for these situations if anyone wants to borrow it ;-)
Ian B
PS A simple and cheap solution is to have a policy of not responding to this
sort of request. If and when the police turn up with a court order to
disclose, respond then.
-----
In a message dated 13/06/05 10:33:51 GMT Daylight Time,
[log in to unmask] writes:
> I think Antoinette has the simple answer - focussing on whether or not
> the letter is genuine or forged, without giving any further information
> about attendance at appointment.
>
> If the data subject provided their employer with a letter supposedly
> written by my hospital to the data subject, I do not see how the
> employer is breaching the subject's data privacy rights in taking the
> letter back the supposed issuing hospital for confirmation. If I/my
> organisation sent the letter in the first place, we can confirm it is
> genuine (after confirming with the data subject that they did provide it
> to their employer) or if it is a fraud/forgery we can state that fact.
> Neither of these statements breach personal privacy rights of the data
> subject.
>
> However, I would not confirm or deny whether the patient/data subject
> attended my hospital, without the patient's permission.
>
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|