archive, records management and museum services confidentiality, personal data and the data...

Archive, Records Management and Museum Services

Confidentiality, Personal Data and the Data Protection Act 1998

Alan R Bell

Records Manager and Information Compliance Officer


Confidential


1. Done or communicated in confidence; secret.

2. Entrusted with the confidence of another.

3. Denoting confidence or intimacy.

4. Containing information, the unauthorized disclosure of which poses a [risk].

http://www.thefreedictionary.com/confidentiality


the principle in medical ethics that the information a patient reveals to a health care provider is private and has limits on how and when it can be disclosed to a third party. Dorland's Medical Dictionary for Health Consumers. © 2007 by Saunders, an imprint of Elsevier, Inc. All rights reserved.

the ethical principle or legal right that a physician or other health professional will hold secret all information relating to a patient, unless the patient gives consent permitting disclosure. The American Heritage® Medical Dictionary Copyright © 2007, 2004 by Houghton Mifflin Company. Published by Houghton Mifflin Company. All rights reserved.

1 the nondisclosure of information except to another authorized person.2 (in research) protection of study participants such that an individual participant’s identity cannot be linked to the information provided to the researcher and is never publicly divulged. Mosby's Medical Dictionary, 8th edition. © 2009, Elsevier.

the nondisclosure of certain information except to another authorized person. Mosby's Dental Dictionary, 2nd edition. © 2008 Elsevier, Inc. All rights reserved.

secrecy relating to information. All clinical data have a degree of confidentiality, the level varying with the information and the circumstances. Saunders Comprehensive Veterinary Dictionary, 3 ed. © 2007 Elsevier, Inc. All rights reserved

http://medical-dictionary.thefreedictionary.com/confidentiality


Information

Data

Privacy

Personal

Disclosure/Non-disclosure

Legal Rights


Personal Data


What Is Personal Data?

Personal information held:

• about a living person

• which can identify that person

• which may be of a sensitive nature


What Is Sensitive Personal Data?

Information concerning a person’s:

•Race

•Politics

•Religion

•Trade Union membership

•Physical condition or mental health

•Sexual life

•Criminal record


Personal Information and the Data Protection Act


What does it do?

Data Protection Act 1998

Governs the ways that personal information can be processed. It is not privacy legislation


•Growth of computer technology in early 1970’s

•Development of large data banks of personal information

•1984 Data Protection Act – Electronic information only

•Disparity in Data Protection regimes in EU member states•1995 EU Data Protection Directive

•1998 2nd UK Data Protection Act


•Implements European Data Protection Directive 95/46/EC in the UK

•The Act received Royal Assent 1998 – It came into full force 2001

•Entirely replace Data Protection Act 1984

•Now includes data held in manual formats

•Updates the Data Protection Principles

•Includes new rules for processing sensitive personal data

•New definitions of ‘ personal data’


The Act Applies To

•Paper files

•Electronic files and databases

•Web pages

•Photographs

•CCTV

•Voice recordings

•X rays

•Publications


Relevant Filling System


•Data Controller:

•Data Processor:

•Data Subject:

Who/what are these?


•Data Controller: determines the purposes for which and the manner in which personal data are processed

•Data Processor: any person, other than an employee of the data controller, who process the data on behalf of the data controller

•Data Subject: an individual who is the subject of personal data


8 Data Protection Principles

1. ‘Personal data shall be processed fairly and lawfully’

2. ‘Personal data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or purposes’

3. ‘Personal data shall be adequate, relevant, and not excessive in relation to the purpose or purposes for which they are processed’

4. ‘Personal data shall be accurate and, where necessary, kept up to date’


5. ‘Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes’

6. ‘Personal data shall be processed in accordance with the rights of data subjects under this Act’

7. ‘Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data’

8. ‘Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data’



must not deceive or mislead

must state the purpose of the processing

must provide your identity

must have consent of the data subject – can not infer this from a lack of response

must specify time period of consent



must have appropriate safeguards for data

must obtain consent from data subjects for processing if data provided by a third party



must identify purposes for which data is being processed



must ensure purposes are compatible with information given to data subjects and to the Office of the Information Commissioner



must not further process if purposes are not compatible with consent or notification to OIC without resolving conflicts



must establish what is collected and why

must audit data holding against need – minimum information must be collected – do not collect ‘just in case’

must establish effective data retention and disposal policies



must establish policies and procedures to test new and modified data collection against the principle


4. ‘Personal data shall be accurate and, where necessary, kept up to date’

must establish methods to validate the source of data must establish policies and procedures to keep data up to date

must establish policies and procedures to correct or mark as incorrect any disputed data


5. ‘Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes’

must establish policies and procedures review why you are retaining data – eg current use, audit/legal purposes, research purposes.

must delete data that is no longer needed


6. ‘Personal data shall be processed in accordance with the rights of data subjects under this act’

rights of data subjects include:

right to be told that their personal data is being processed and for what purpose

right to obtain a copy of their personal data

right to prevent the use of their data for direct marketing purposes

right to be told to whom the data will be disclosed


right to prevent processing which may cause substantial damage or distress to the data subject

right to have explained the logic behind any decision taken on the basis of the processing of the data




must manage operations to ensure that data subjects can exercise their rights properly and fully


7. ‘Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data’

practical steps to compliance include:

do not allow staff to share passwords

site PC’s where the screen can not be seen by unauthorised staff or the public and do not leave information on the screen when you are not there

when using external agencies ensure processing is carried out under written contracts


block access to systems by former staff

vet all prospective employees (eg cleaners)

react to allegations of access to unauthorised data

do not leave files unattended in the open

shred personal data rather than bin it

do not design documents/write papers in ways that reveal personal data

physical and electronic security

staff trainingmeasures to prevent accidental loss, damage or

destruction of data


8. ‘Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data’

must not transfer data by any means (including electronic) if in doubt


Processing of Personal Data (Schedule 2)

• consent of data subject

•The processing is:

necessary for the performance of contract or with a view to entering into a contract

necessary for compliance with a legal obligation other than imposed by a contract

necessary in order to protect the vital interests of the data subject


necessary for the administration of justice; for the exercise of functions under an enactment; for functions of the Crown, Ministers, or government departments; for the exercise of other functions of a public nature exercised in the public interest

necessary for the pursuit of legitimate interests except where the processing is unwarranted by reasons of prejudice to the rights and freedoms or legitimate interests of the data subject


Processing of Sensitive Data (Schedule 3)

• consent of data subject

•The processing is:

necessary to meet obligation under employment law

necessary to protect the vital interests of the data subject or another individual


carried out in the course of legitimate business, is not for profit, has appropriate safeguards, does not involve the disclosure of information to a third party without consent, is by a political, religious, philosophical or trade union body, and concerns only individuals who are members or who are associated with the body

necessary for legal proceedings; obtaining legal advice; establishing, exercising, or defending legal rights


necessary for the administration of justice; for the exercise of functions under an enactment; for functions of the Crown, Ministers, or government departments

necessary for medical purposes; conducted by a health professional or someone with equivalent duty of confidentiality; includes preventative medicine, diagnosis, medical research, provision of care and treatment, management of healthcare services


necessary promote or maintain equal opportunities, subject to appropriate safeguards for rights and freedoms of data subjects

•Processing can take place where the data subjects have made information about themselves public


necessary for medical purposes; conducted by a health professional or someone with equivalent duty of confidentiality; includes preventative medicine,

diagnosis, medical research, provision of care and treatment, management of healthcare services


Personal data shall be processed fairly and lawfully



necessary for medical purposes; conducted by a health professional or someone with equivalent

duty of confidentiality; includes preventative medicine, diagnosis, medical research, provision of care and treatment, management of healthcare

services

+ Schedule 2 condition


necessary for medical purposes; conducted by a health professional or someone with equivalent

duty of confidentiality; includes preventative medicine, diagnosis, medical research, provision of care and treatment, management of healthcare

services

+ Schedule 2 condition


Fair processing statement/privacy notice


Informed Consent(schedule 2 and schedule 3)

Fair processing statement/privacy notice


The Research Exemption


33 Research, history and statistics.

(1) In this section— “research purposes” includes statistical or historical purposes; “the relevant conditions”, in relation to any processing of personal data, means the conditions—

(a) that the data are not processed to support measures or decisions with respect to particular individuals, and

(b) that the data are not processed in such a way that substantial damage or substantial distress is, or is likely to be, caused to any data subject.

(2) For the purposes of the second data protection principle, the further processing of personal data only for research purposes in compliance with the relevant conditions is not to be regarded as incompatible with the purposes for which they were obtained.

(3) Personal data which are processed only for research purposes in compliance with the relevant conditions may, notwithstanding the fifth data protection principle, be kept indefinitely.

(4) Personal data which are processed only for research purposes are exempt from section 7 if—

(a) they are processed in compliance with the relevant conditions, and

(b) the results of the research or any resulting statistics are not made available in a form which identifies data subjects or any of them.

(5)For the purposes of subsections (2) to (4) personal data are not to be treated as processed otherwise than for research purposes merely because the data are disclosed—

(a) to any person, for research purposes only,

(b) to the data subject or a person acting on his behalf,

(c) at the request, or with the consent, of the data subject or a person acting on his behalf, or

(d) in circumstances in which the person making the disclosure has reasonable grounds for believing that the disclosure falls within paragraph (a), (b) or (c).


Information

Data

Privacy

Personal

Disclosure/Non-disclosure

Legal Rights


Informed Consent

archive, records management and museum services confidentiality, personal data and the data...

Documents

nondisclosure of information

mosbys medical dictionary

dorlands medical dictionary

records management

medical ethics

mosbys dental dictionary

rights reserved http

imprint of elsevier