Author Archives: admin

NHS Confidentiality Guidance

Posted on October 17, 2017 by admin

It may be a source of some confusion that the NHS has five live guidance documents relating to the duty of confidentiality. The original 2003 guidance document is the non-statutory “Confidentiality: NHS Code of Practice” issued by the Department of … Continue reading →

Posted in FOI | Leave a comment

The “Legal Basis” for processing sensitive health data

Posted on October 13, 2017 by admin

There are several occasions when the legal basis for processing health data needs to be identified, particularly in relation to data sharing and processing arrangements and when carrying out a Privacy Impact Assessment. This discussion is limited to those occasions … Continue reading →

Posted in DPA | Leave a comment

How to send sensitive bulk emails

Posted on May 9, 2016 by admin

Chelsea and Westminster Hospital NHS Foundation Trust has been fined £180,000 after revealing the email addresses of more than 700 users of an HIV service. This was a classic case of putting all the email addresses of a large circulation … Continue reading →

Posted in DPA | Leave a comment

Royal Free NHS Trust and Google UK

Posted on May 5, 2016 by admin

The murky world of Information Governance in the NHS has been further stirred by the story of the arrangements between the Royal Free Trust and Google UK. The BBC and others have reported a “data-sharing agreement” between the two. Google … Continue reading →

Posted in DPA | Leave a comment

NHS Email Armageddon 2016

Posted on April 1, 2016 by admin

All intelligent people understand that email and the personal inbox is not a good place to store and manage corporate information. Many organisations will have formal policies which forbid, frown on, or discourage such practices. A small subset of those … Continue reading →

Posted in DPA | Leave a comment

The appeal of Alzheimers

Posted on February 18, 2016 by admin

Article originally posted in February 2016. Updated following confirmation from the society that they had withdrawn the appeal after the terms were varied by mutual consent to extend it to April 2017 and the ICO had subsequently confirmed satisfaction that … Continue reading →

Posted in DPA | Leave a comment

Do Children Have Rights (Part 2)

Posted on May 25, 2015 by admin

How far can we rely on Information Commissioner’s Office (ICO) Guidance? I recently commented on the issue of schools internally publicising the performance of pupils. But what about publishing to the world? The concerns expressed below may be more serious … Continue reading →

Posted in DPA | Leave a comment

Do schoolchildren have rights?

Posted on May 19, 2015 by admin

My eye was caught recently by this article on the BBC News channel. It seems some, no doubt well-meaning,* Head thought it a good idea to create what was in effect a league table of pupils’ ability by displaying their … Continue reading →

Posted in DPA | Tagged data protection, principle 1 | Leave a comment

Volunteers and Data Protection

Posted on January 27, 2015 by admin

The Information Commissioner recently published a report following a series of visits to Victims’ Services Alliance Organisations. These are typically charities but the report is also aimed at non-charitable volutary organisations. One issue touched is the question of identifying who … Continue reading →

Posted in DPA, FOI | Leave a comment

Don’t Expect ICO to argue your case

Posted on January 23, 2015 by admin

When applying to the Information Commissioner under s50 FOIA to overturn a refusal by a public authority it is important to marshal all your arguments and understand what is available to you. This was illustrated in a decision in September … Continue reading →

Posted in FOI | Leave a comment