I have been asked a question as someone knowledgeable in Data
Protection. However, as its source and the area involved are in no way
related to my organisation or sector, I'm raising it here as a general
question to see what comments list members would like to make.
Person X worked for public sector body A. The responsibilities of A are
then taken over by another public sector body B, and some staff from A
(including X) are moved to work for B on a new contract of employment. B
is quite an enlightened employer and gives all its employees (secure)
access to all their personnel files (online even!). X is somewhat
perturbed to find out that, along with their basic personal data, all
their sickness records have been transferred to B (without X having been
asked to give explicit consent). Given that this is a new contract of
employment with a different organisation, should A have passed this
sensitive data to B anyway, let alone automatically, and was B at fault
for accepting them without the subject's consent?
Any thoughts anyone?
Malcolm Kendall
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|