Author Archives: admin

Appropriate Organisational Steps?

Posted on November 30, 2021 by admin

A recent (24/11/2021) decision of the Upper Tribunal Administrative Appeals Chamber contained a concession from the Information Commissioner which may seem surprising, at least out of context. At paragraph #126 it is reported that “The Commissioner had sought and received … Continue reading →

Posted in GDPR | Leave a comment

Musings on the Summary Care Record

Posted on November 19, 2018 by admin

So – who can see my Summary Care Record – and when? The Summary Care Record (SCR) is now well established in England. It is undoubtedly a good idea, in principle. Given the complex web of organisations that deliver healthcare … Continue reading →

Posted in GDPR | Leave a comment

NHS Confidentiality Guidance

Posted on October 17, 2017 by admin

It may be a source of some confusion that the NHS has five live guidance documents relating to the duty of confidentiality. The original 2003 guidance document is the non-statutory “Confidentiality: NHS Code of Practice” issued by the Department of … Continue reading →

Posted in FOI | Leave a comment

The “Legal Basis” for processing sensitive health data

Posted on October 13, 2017 by admin

There are several occasions when the legal basis for processing health data needs to be identified, particularly in relation to data sharing and processing arrangements and when carrying out a Privacy Impact Assessment. This discussion is limited to those occasions … Continue reading →

Posted in GDPR | Leave a comment

How to send sensitive bulk emails

Posted on May 9, 2016 by admin

Chelsea and Westminster Hospital NHS Foundation Trust has been fined £180,000 after revealing the email addresses of more than 700 users of an HIV service. This was a classic case of putting all the email addresses of a large circulation … Continue reading →

Posted in GDPR | Leave a comment

Royal Free NHS Trust and Google UK

Posted on May 5, 2016 by admin

The murky world of Information Governance in the NHS has been further stirred by the story of the arrangements between the Royal Free Trust and Google UK. The BBC and others have reported a “data-sharing agreement” between the two. Google … Continue reading →

Posted in GDPR | Leave a comment

NHS Email Armageddon 2016

Posted on April 1, 2016 by admin

All intelligent people understand that email and the personal inbox is not a good place to store and manage corporate information. Many organisations will have formal policies which forbid, frown on, or discourage such practices. A small subset of those … Continue reading →

Posted in GDPR | Leave a comment

The appeal of Alzheimers

Posted on February 18, 2016 by admin

Article originally posted in February 2016. Updated following confirmation from the society that they had withdrawn the appeal after the terms were varied by mutual consent to extend it to April 2017 and the ICO had subsequently confirmed satisfaction that … Continue reading →

Posted in GDPR | Leave a comment

Do Children Have Rights (Part 2)

Posted on May 25, 2015 by admin

How far can we rely on Information Commissioner’s Office (ICO) Guidance? I recently commented on the issue of schools internally publicising the performance of pupils. But what about publishing to the world? The concerns expressed below may be more serious … Continue reading →

Posted in GDPR | Leave a comment

Do schoolchildren have rights?

Posted on May 19, 2015 by admin

My eye was caught recently by this article on the BBC News channel. It seems some, no doubt well-meaning,* Head thought it a good idea to create what was in effect a league table of pupils’ ability by displaying their … Continue reading →

Posted in GDPR | Tagged data protection, principle 1 | Leave a comment

← Older posts

Search for:
Recent Posts
Archives
Categories
- EIR
- FOI
- GDPR
- Information Security

Author Archives: admin

Recent Posts

Archives

Categories