“He knows nothing; and he thinks he knows everything. That points clearly to a political career.”
― George Bernard Shaw,
Having brought and subsequently lost a constructive dismissal claim, in 2014 and 2015, a Mr Percival made a series of Subject Access Requests to the Ministry of Justice (MoJ) seeking access to the judge’s notes relating to the employment tribunal.
The MoJ initially resisted the request on the basis that judicial notes should not be disclosed as part of a subject access request. They argued that the Judge’s notes were not part of a “relevant filing system” so were not within the scope of the Data protection Act and that the MoJ were not the relevant data controller concerning the notes
The ICO also disagreed with the argument put forward by the MoJ that they were not the data controller, deciding that the MoJ became the data controller in relation to the notes as soon as they were included in the court file.
Accordingly, the ICO recommended that all personal data (including the Judge’s handwritten notes) should be provided. The judge’s notes were eventually released to Mr Percival in January 2017.
It is reported that the ICO letter to Mr Percival stated
“there is no doubt that clarifying the nature of the relationship between judicial notes and the DPA is important … a decision on the relationship is likely to be far-reaching and extend well beyond the particular circumstances of your own case.”
Often SMP’s keep their scribbles to themselves. The ICO advice makes it clear that if the SMP has used a pen during the appointment, then he or she is obliged to disclose what they have written in answer to a subject access request.
Myth #2: consent to Disclose a report cannot be revoked when an Occupational Health Doctor is performing a work test for an employer
IODPA has already discussed the Access to Medical Reports Act. You can refresh your knowledge here:
But what are the thoughts to the GMC on this matter? Michael Keegan, Policy Adviser with the GMC’s Standards & Ethics Team made it quite clear in a 2009 letter he sent to the Faculty of Occupation Medicine.
If a doctor makes a report based on that person’s own medical history, specific consent of disclosure is required.
Mr Keegan elucidates:
For the avoidance of doubt, I should state that the disclosure of a report expressing an opinion (on a patient’s fitness to work, for example) based on confidential information is a disclosure. I think that was common ground.
He contrasts this with a report authored with information that originated from the employer alone:
Reports based on information to which patients’ employers or insurers already have access are not disclosures for the purposes of this guidance, although the involvement and role of doctors should be explained as part of the information about the process.
Police forces do not have the information held on your GP medical records – this is why they demand full records from birth with poorly veiled threats to suspend awards on non-compliance. They fail to realise by obtaining such information they then have statutory restrictions on any report or certificate they write based on such information.
This takes us to the final myth: they can’t keep the confidential, personal and sensitive data they already possess!
Myth #3: A Police force can retain the personal CONFIDENTIAL & sensitive data of a retired officer forever in perpetuity “just in case“
This debunk involves a Mr Herring who, having attended a Police Medical Appeals Board (‘PMAB’), approx 15 years ago recently discovered that the Avon and Somerset Constabulary still retained a full set of his medical records from birth. They attempted to justify this retention on the basis that the records were being held ‘just in case’ they were required at some point in the future. Case law confirms that once a medical assessment has been made under the PIBR 2006, then that decision is final and introducing or using previous medical information can be unlawful.
The case was taken to the Information Commissioner’s Office (‘ICO’) regarding the excessive retention and processing of data of personal sensitive information. After consultation with the National College of Policing (‘COP’), the ICO upheld the complaint, and instructed the Avon and Somerset Constabulary to cease processing this material forthwith and either destroy it, or return it to Mr Herring upon request.
We quote from the ICO’s advice to Mr Herring,
“…it would appear that the constabulary is excessively processing sensitive personal data about you. It would appear unnecessary for the constabulary to continue to retain information about your medical records, going right back to your birth.
We have therefore asked the constabulary to cease processing your medical records. We would recommend that you contact the constabulary directly to agree how best for them to do this; whether it be that they return the information to you or securely destroy it”
Mr Herring subsequently had his medical records returned to him.
There is therefore no justification or provision in law for holding or processing such excessive amounts of sensitive personal information. Many forces hold vast amounts of information relating to retired officers, and for no lawful reason. We understand that the COP will be issuing guidance to forces, but in the meantime it is open for all retired officers to contact their force and ask for the return of their data. We would also encourage them to do so.