Print

Print


Ray

Under DPA law, you cannot withheld anything that the applicant is already/has already been in possession of / already knows it.  I would redact anything you know / suspect information that she does not already know about.


Many thanks
Trish
Trish-louise Bailey
Audit & Assurance (Information Governance)
(IG covers:  Data Protection & Privacy, FOI, Information Security, Information Sharing & Confidentiality, Information & Records Management, Information Quality & Assurance)
Telford & Wrekin Council
Civic Offices
Coach Central
Telford
TF3 4HD
www.telford.gov.uk<http://www.telford.gov.uk>

em:   [log in to unmask]<mailto:[log in to unmask]> or [log in to unmask]<mailto:[log in to unmask]>
tel:    01952 382537
mb:   07528 969455

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Ray Cooke
Sent: 02 June 2011 12:04
To: [log in to unmask]
Subject: 3rd party data known to SAR applicant

All,

I'd appreciate any thoughts from all you experienced folk out there on this one.

Scenario is this.  Data subject (staff) makes subject access request.  Emails to and from the data subject deal with 3rd party disciplinary and grievance issues sent to data subject in the course of work.  Some of the stuff is sensitive data.  Question is - should the 3rd party data be redacted out in responding to the SAR even though the data subject has seen it and may even still have access to email copies?

I've taken the view that it is not appropriate or reasonable to leave this type of 3rd party data unredacted in supplying copies under SAR even though the data subject will have seen the material and indeed may have retained it within a work context.

Is this the right approach to take in this particular circumstance?

Grateful for any views on this.

Ray Cooke

________________________________

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

 *   Leaving this list: send leave data-protection to [log in to unmask]<mailto:[log in to unmask]&BODY=LEAVE%20data-protection>
 *   Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20*%20NOMAIL>
 *   To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20data-protection%20NOHTML>
 *   To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20data-protection%20HTML>

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]<mailto:[log in to unmask]>

Any queries about sending or receiving messages please send to the list owner [log in to unmask]<mailto:[log in to unmask]>

(Please send all commands to [log in to unmask]<mailto:[log in to unmask]> not the list or the moderators, and all requests for technical help to [log in to unmask]<mailto:[log in to unmask]>, the general office helpline)

________________________________
--------------------------------------------------------------------------------------------------------------------
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed. If you have received this email in error 
please notify the originator of the message. 

Any views expressed in this message are those of the individual
sender, except where the sender specifies and with authority,
states them to be the views of Telford & Wrekin Council.

The content of this email has been automatically checked in 
conjunction with the relevant policies of Telford & Wrekin Council.

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^