The purpose of section 33a is to ensure public authority workers did not have an advantage over private sector workers. Without 33a, public sector workers could use FOI to access their personnel records if held in an unstructured form, where private sector couldn't.
Here we allow access to staff, however the record is held, via a SAR
Nic Drew
DPO
Cardiff and Vale University Local Health Board
-----Original Message-----
From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Gordon Wanless
Sent: 18 December 2009 14:06
To: [log in to unmask]
Subject: Section 33A of the DPA
Folks,
Those of you working for public authorities are probably well aware
that the new section 33a that was added to the DPA because of the
introduction of the FOIA has a subsection (2) to it which states :-
"(2) Personal data which fall within paragraph (e) of the definition of
"data" in section 1(1) and relate to appointments or removals, pay,
discipline, superannuation or other personnel matters, in relation to -
a. service in any of the armed forces of the Crown,
b. service in any office or employment under the Crown or under any
public authority, or
c. service in any office or employment, or under any contract for
services, in respect of which power to take action, or to determine or
approve the action taken, in such matters is vested in Her Majesty, any
Minister of the Crown, the National Assembly for Wales, any Northern
Ireland Minister (within the meaning of the Freedom of Information Act
2000) or any public authority,
are also exempt from the remaining data protection principles and the
remaining provisions of Part II."
So this means that paper based personnel files held by a public
authority that are not part of a relevant filing system are exempted
from the subject access provisions and a data subject can not use the
DPA to "force" a public authority to disclose the contents to a
requester.
My first question to you is, I wonder if you, like me, find this very
worrying that a fundamental right has been removed for a data subject
who is an employee of a public authority and wants access to their paper
based personnel file which is not kept in a structured filing system?
My organisation, and I guess your's too, do grant access for an
employee to the contents of their paper based personnel files regardless
of the above.
My second question to you is, if you do grant access, do you document
this under some sort of policy document/procedure or not?
Regards,
Gordon.
Gordon Wanless
Head of Information Governance
T: 0191 203 5484
F: 0191 244 6842
M: 07500 882 525
E: [log in to unmask]
W: www.nhsbsa.nhs.uk
*** IMPORTANT NOTICE ***
*** NHSBSA DISCLAIMER ***
This e-mail and any attachments transmitted with it, including replies and forwarded copies subsequently transmitted (which may contain alterations), contains information which may be confidential and which may also be privileged.
The content of this e-mail is for the exclusive use of the intended
recipient(s). If you are not the intended recipient(s), or the person
authorised as responsible for delivery to the intended recipient(s), please note that any form of distribution, copying or use of this e-mail
or the information in it is strictly prohibited and may be unlawful.
If you have received this e-mail in error please notify the Help Desk at
the NHS Business Services Authority, Prescription Pricing Division via e-mail to [log in to unmask] including a copy of this message. Please then delete this e-mail and destroy any copies of it.
Further, we make every effort to keep our network free from viruses.
However, you do need to validate this e-mail and any attachments to it for viruses, as we can take no responsibility for any computer virus that might be transferred by way of this e-mail.
This e-mail is from the NHS Business Services Authority whose principal office is at Bridge House, 152 Pilgrim Street, Newcastle-upon-Tyne, NE1 6SN.
Switchboard Telephone Number :- +44 (0)191 203 5000
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This message is strictly confidential and intended for the person or organisation to whom it is addressed. If you are not the intended recipient of the message then please notify the sender immediately. Any of the statements or comments made above should be regarded as personal and not necessarily those of Cardiff and Vale University Local Health Board, any constituent part or connected body.
All e-mail sent to or from this address will be processed by Cardiff and Vale University Local Health Board’s Corporate e-mail system and may be subject to scrutiny by someone other than the addressee.
Please be aware that, under the terms of the Freedom of Information Act 2000, Cardiff and Vale University Local Health Board may be required to make public the content of any emails or correspondence received. For further information on Freedom of Information or email monitoring, please refer to the Cardiff and Vale University Local Health Board website at www.cardiffandvaleulhb.wales.nhs.uk.
Mae’r neges hon yn gwbl gyfrinachol, ac fe’i bwriadwyd ar gyfer yr unigolyn neu’r sefydliad y cyfeiriwyd hi ato/atynt. Os nad chi yw’r derbynnydd y bwriedid y neges ar ei gyfer, byddwch mor garedig â rhoi gwybod i’r anfonwr yn ddi-oed. Dylid ystyried unrhyw ddatganiadau neu sylwadau a wneir uchod yn rhai personol, ac nid o anghenraid yn rhai o eiddo Bwrdd Iechyd Lleol Prifysgol Caerdydd a’r Fro, nac unrhyw ran gyfansoddol ohono na chorff cysylltiedig.
Caiff pob e-bost a anfonir i / o’r cyfeiriad hwn ei brosesu gan system e-bost Gorfforaethol Bwrdd Iechyd Lleol Prifysgol Caerdydd a’r Fro, a gallai gael ei archwilio gan rai ac eithrio’r sawl a anfonodd y neges.
Cofiwch fod yn ymwybodol ei bod yn bosibl y bydd disgwyl i Fwrdd Iechyd Lleol Prifysgol Caerdydd a’r Fro gyhoeddi cynnwys unrhyw e-bost neu ohebiaeth a dderbyniwyd, yn unol ag amodau Deddf Rhyddid Gwybodaeth 2000. I gael rhagor o wybodaeth am Ryddid Gwybodaeth neu fonitro negeseuon e-bost, trowch at wefan Bwrdd Iechyd Lleol Prifysgol Caerdydd a’r Fro ar www.billcaerdyddarfro.cymru.nhs.uk .
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]
Full help Desk - please email [log in to unmask] describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|