Data Protection Guide

Only available on StudyMode
  • Download(s) : 117
  • Published : February 8, 2013
Open Document
Text Preview
DATA PROTECTION ACT 1998
GUIDANCE TO SOCIAL SERVICES

March 2000

CONTENTS
Section 1 Section 2 Section 3 Introduction Glossary of terms Good practice in record keeping Principles underpinning good practice A policy framework Retention and destruction of records Records subject to statutory requirements Management commitment to good practice

4 8

14
14 15 16 17 17

Contents

page 1

Section 4

Details of the Act and its implementation Access to social services records Personal information covered by this guidance Right of access Requests by, or on behalf of, a child or a young person under 18 Requests made on behalf of an adult lacking mental capacity Requests made through another person (an agent) Requests for access to the records of a deceased person Dealing with a request for access, and fees Where an authority does not hold the information requested Points to consider before access is given Information to be disclosed Information that includes details about another person Timescale Presenting the information Where an authority holds information that the person considers is inaccurate When an authority can rely on an exemption to refuse access Where an authority decides to refuse access

20

Section 5

24
24 25 26 27 27 27 27 28 28 28 29 29 30 30 31 32

page 2

Data Protection Act 1998

Challenge to an authority’s decision to refuse access or amend records Appeal by data controller against enforcement notices to Data Protection Tribunal Conclusion

33

33 33

Section 6

Confidentiality of social services records
General Principles Disclosing personal information: With consent Without consent – for social services purposes – for other purposes Disclosure of information about those without capacity to consent Sharing information Disclosure of information for research purposes Monitoring

34
34 35 36 36 37 37 38 38 39 39

Appendix 1 Appendix 2

The Data Protection Principles The Data Protection (Subject Access Modification) (Social Work) Order 2000 – Explanatory Note Data Protection Advisory Group Contents page 3

40

41 43

Appendix 3

SECTION 1
Introduction
1.1

The Data Protection Act 1998 (DPA) came into force on 1 March 2000. The purpose of this guidance to local authority social services is to provide information about how the DPA works in relation to giving access to social work records. The guidance also gives: • guidance on good practice in compiling and maintaining records. Authorities having well-maintained records will find it easier to comply with the requirements of the Act; • advice on the need for policies covering the retention and disposal of other records. • guidance on confidentiality and social services records;

1.2

The DPA repeals the Data Protection Act 1984. It also repeals the Access to Personal Files Act 1987 and most of the Access to Health Records Act 1990. The effect is to create a single regime of access for social work records. Some of the DPA’s provisions are subject to transitional arrangements. The DPA enhances the rights of individuals to gain access to information held about them. The responsibilities of the Data Protection Commissioner (DPC) (formerly the Data Protection Registrar) are extended, not only in terms of scope but also functions

page 4

Data Protection Act 1998

and enforcement. The DPC has published guidance on how the Act may be interpreted, entitled The Data Protection Act 1998 – An Introduction, which can be ordered from the DPC’s office at Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or through the information line on 01625 545 745. It is also available on the internet at www.dataprotection.gov.uk. 1.3

Section 2 provides a glossary of terms used in this guidance, including a list of definitions from the DPA. Section 3 of this guidance provides good practice guidance on record keeping. Section 4 gives details about the DPA and its implementation. Section 5 deals with the rights of...
tracking img