Data Protection Act 1998 section 56: Enforced Subject Access – What you need to know.

Slides:



Advertisements
Similar presentations
An Overview of the PVG Scheme
Advertisements

Codifying Directors Duties John Birds. Background Law Commission Report 1999 Law Commission Report 1999 Steering Group of Company Law Review
DAVID ARCHARD PROFESSOR OF PHILOSOPHY What does it mean to have a right of participation?
Data Protection Information Management / Jody McKenzie.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
What is in your Employee Files? Disclaimer: “I have no relevant financial relationships with the manufacturers of any commercial products.
LLL - Supporting Lutheran Schools Last updated: January 2014.
The Childcare Act 2006 and the Childcare (Disqualification) Regulations 2009 NASUWT Supply Members’ Briefing March 2015.
Bribery Jon Taylor 24 June What is bribery? Transparency International (a non-governmental anti-corruption organisation) defines bribery as "the.
Conducting an Investigation Presented by Alexandra Goldie Employment Law Adviser.
“In the vast area of legal jurisprudence, there are undoubtedly many instances where being the first, or only, jurisdiction to grant rights to persons.
PRIVATE EMPLOYER “BAN THE BOX” LEGISLATION Commissioner Kevin Lindsey Minnesota Department of Human Rights September, 2014.
Safeguarding Hub Webinar Parental access to child protection records: protecting pupil disclosure Katie Michelon
ELS BAIL. Bail Bail is the release from custody, pending a criminal trial, of an accused on the promise that money will be paid if he absconds. The decision.
RIPA & The Protection of Freedoms Act 2012 Tim Glews
HUMAN RIGHTS – BAD? GRESHAM COLLEGE 5 TH NOVEMBER 2014 GEOFFREY NICE.
Hong Kong Privacy Code on Human Resource Management
ISO 9001 Interpretation : Exclusions
McGraw-Hill ©2010 The McGraw-Hill Companies, Inc. All rights reserved.
Ownership of Intellectual Property: Textbooks and Inventions Frank Lancaster UT Office of the General Counsel Presented at The University of Tennessee.
UNIT 4: Consumer and Housing Law Chapter 23 Contracts
Towards a Freedom of Information Law in Qatar Fahad bin Mohammed Al Attiya Executive Chairman, Qatar National Food Security Programme.
HIPAA Health Insurance Portability & Accountability Act of 1996.
Data Protection Act Description The Data Protection Act controls how your personal information can be used and protects from the misuse of your.
The Data Protection Act
1 OVERVIEW PRESENTATION FREEDOM OF INFORMATION (SCOTLAND) ACT 2002.
Exemptions and the Public Interest Test Louise Townsend - Masons.
Marketing - Best Practice from a Legal Point of View Yvonne Cunnane - Information Technology Law Group 30 November 2006.
\presentation4 PRE-EMPLOYMENT SCREENING Christine Jenner Partner, DAC Beachcroft LLP.
Presented at the Special Education Forum – TDSB Ward 2 December 4, 2012 SSEN 2012.
© Ecclesiastical Insurance Office plc 2013 Insurance and Night Shelters October 2013 Marcus Booth & Paul Franklin Ecclesiastical Insurance.
The A-Z of employment issues for an Israeli Company in the United Kingdom Daniel Naftalin 16 April 2012.
Legal Aspects of Computer System Security “Security - Protecting Our Resources”
INTERNATIONAL LAW PARMA UNIVERSITY International Business and Development International Market and Organization Laws Prof. Gabriele Catalini.
How much do you know about stalking?. How many women in Britain are stalked at some point in their adult life? (between ages of 16 – 59) A) 1 in 3 B)
230 F.R.D. 640 (D. Kan. 2005).  Shirley Williams is a former employee of Sprint/United Management Co.  Her employment was terminated during a Reduction-in-
NEBOSH LEVEL 6 NATIONAL DIPLOMA MODULE A: MANAGEMENT OF HS LESSON 9 : CRIMINAL LAW Part One: HASAWA 1974.
Agency Law. “If you want something done right, do it yourself.” “Many hands make light work.” Anonymous folk sayings.
By Richard A. Mann & Barry S. Roberts
Chapter 4 Sentencing and punishment. In this chapter, you will look at the purposes and process of sentencing and the different factors affecting a sentencing.
HIPAAand Disaster Situations By LYNDA M. JOHNSON Friday, Eldredge & Clark.
Topic 2 Vicarious liability.
The Bribery Act 2010 Rhodri DaveyPartner & Head of Employment Team.
Data Protection Corporate training Data Protection Act 1998 Replaces DPA 1994 EC directive 94/46/EC The Information Commissioner The courts.
The Data Protection Act What Data is Held on Individuals? By institutions: –Criminal information, –Educational information; –Medical Information;
Public Law II Criminal law: The Tyrer Case. The composition of the UK? England England Wales Wales Scotland Scotland Northern Ireland Northern Ireland.
Why the Data Protection Act was brought in  The 1998 Data Protection Act was passed by Parliament to control the way information is handled and to give.
Topic 7 Self-defence. Topic 7 Self-defence Introduction There are three situations where the use of force may be justified: Self-defence: this is a common-law.
CHAPTER 14 Redundancy. Overview We begin by looking at the statutory definitions, then consider the rules concerning offers of alternative employment.
IM NETWORK MEETING 20 TH JULY, 2010 CONSULTATION WITH 3 RD PARTIES.
Crime CLN4U. Legal Definition In Canada, a crime can be defined as any act or omission, the doing of which is an offence under federal legislation In.
Consent & Vulnerable Adults Aim: To provide an opportunity for Primary Care Staff to explore issues related to consent & vulnerable adults.
1 Data Protection & Confidentiality Young Carers Workers Conference, Harrogate, 25 March 2009 Paul Ticher
Information Technology & Ethics. Impact The impact of IT on information and communication can be categorized into 4 groups: privacy, accuracy, property,
LAW for Business and Personal Use © 2012 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible.
Agency Relationships Section Understanding Business and Personal Law Agency Relationships Section 18.1 Creation of an Agency Section 18.1 Agency.
2012 ADVANCED TRADEMARK LAW SEMINAR March 14, 2012 ACC Quick Hit Joseph Petersen Partner Kilpatrick Townsend.
LAW for Business and Personal Use © 2012 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible.
Technology and Brand Law Implementing The New EU Data Protection Regulations.
Legal Considerations Members in Practice (MIP) Members in Business (MIB)
The Disclosure and Barring Service Taxi and PHV licensing conference Thursday 19 March 2015 Presented by:Ian Johnston - Director for Operations (Disclosure)
Managing the RDS Complying with Legislation ACO Howard Robinson.
Copyright © 2010 South-Western Legal Studies in Business, a part of South-Western Cengage Learning. and the Legal Environment, 10 th edition by Richard.
- Special Education Needs (SEN) Network Administrative and Financial Aspects.
BELL QUIZ ON CHAPTER 11 What is it called when a contract has been properly and completely carried out? What does the court ask when determining if the.
Fundamentals of business law, 10e
Money laundering offences Proceeds of Crime Act 2002
Data protection issues in regulatory investigations
Law, the Courts, and Contracts
Jurisdiction filters The 2019 Hague Convention on the recognition and enforcement of foreign judgments in civil or commercial matters Hong Kong 9th September.
Presentation transcript:

Data Protection Act 1998 section 56: Enforced Subject Access – What you need to know

Section 56: What you need to know From the 1 December 2014 it will be a criminal offence to require an individual to make a subject access request for information related to their criminal past. The offence relates to circumstances relevant to the employment of an individual or the provision of goods, facilities or services to an individual. It is punishable by way of an unlimited fine in England and Wales. Different statutory maximums apply in Scotland and Northern Ireland depending on where the offence is tried.

Section 56(1): What does the Act say? Section 56(1): ‘A person must not, in connection with – (a)The recruitment of another person as an employee, (b)The continued employment of another person, or (c)Any contract for the provision of any services to him by another person, require that other person or a third party to supply him with a relevant record or to produce a relevant record to him.’

Section 56(2): What does the Act say? Section 56(2): ‘A person concerned with the provision (for payment or not) of goods, facilities or services to the public or a section of the public must not, as a condition of providing or offering to provide any goods facilities or services to another person, require that other person or a third party to supply him with a relevant record or provide a relevant record to him.’

Section 56: Scope of the offences Section 56(1): Designed to cover all areas of employment and only needs to be ‘in connection with’ any of the matters mentioned. 56(1)(a) & (b) cover the process of recruiting employees or checks as part of continued recruitment. 56(1)(c) – ‘any contract for provision of services to him…’ covers situations such as contractors.

Section 56: Scope of the offences Section 56(2) Covers persons concerned with the provision of goods facilities or services to the public. Goods, facilities and services is not defined but will include things such as insurance. ‘in connection with’ v ‘as a condition of’ – Section 56(2) is slightly narrower in scope than 56(1)

Section 56: Other key terms Require Require has a variety of natural meanings, including ‘to make compulsory’ or ‘to make necessary’. We take a wide view of what would constitute a ‘requirement’ to cover: Any circumstance where the data subject is given no choice but to make a subject access request. (make a SAR or else…) It can also cover circumstances where a data subject is ‘asked’ or ‘invited’ to make a SAR. The consequences to the individual of not making a SAR, be they actual, likely or perceived, will be an important consideration in determining the existence of a requirement.

Section 56: Other key terms Relevant record: Defined in section 56(6) as being any record which: Has been or is to be obtained from specified data controllers by a data subject by way of a subject access request and Contains information relating to any specified matter in relation to that data controller (including a statement that no personal data relating to that matter is being processed (s.56(9)) BUT does NOT include any record to the extent that it relates only to category (e) personal data. (Section 56(6A))

Section 56: Defences Section 56(3) provides for two defences: Where the imposition of the requirement was required or authorised by or under any enactment, by any rule of law or by order of a court, or In the particular circumstances the imposition of the requirement was justified as being in the public interest. BUT – The imposition will not be in the public interest simply because it would assist with the prevention or detection of crime (section 56(4)).

Section 56 examples: Richard is applying to work at a well known toy store. On the application form it asks him to declare if he has any convictions or cautions. Beneath this, it asks if he would be prepared to make a request for a copy of his Police National Computer (PNC) record and provide them with the results. It has a tick box for ‘yes’ and a tick box for ‘no’. Richard has no criminal convictions or cautions and so ticks yes. Is this an enforced subject access? The information requested would be a relevant record as it is information about Richard’s convictions/cautions (even though no information is held) and it is to be obtained by Richard making a SAR. The likely effect of Richard ticking no is that his application will not be processed – In effect he has no real option but to tick yes. This is sufficient for it to be a ‘requirement’. The requirement is made in connection with the recruitment of Richard as an employee This would be an offence under section 56(1)(a).

Section 56 examples: Jonathan is seeking to volunteer at a local after school care association. As part of the volunteer agreement, it says that Jonathan must make a subject access request for copies of his PNC record and provide a copy of the response to them. Is this enforced subject access? The provision of volunteering opportunities is considered to be caught by the provision of goods, facilities and services. The after school care association is therefore ‘concerned with’ the provision of goods, facilities and services to a section of the public. The information to be obtained is of a specified matter (convictions and cautions from the PNC) to be obtained in response to a SAR. It is a relevant record. Although not explicitly stated, if he does not make the SAR it is likely that Jonathan will not be allowed to volunteer. This is sufficient for there to be a requirement. In addition, since his ability to volunteer is dependant on him making the SAR, the requirement is a condition of him receiving the goods, facilities and services in question. This would be an offence under section 56(2).

Section 56 examples: Jenny has applied to a local housing association in order to get a property. Prior to accepting her application, the housing association asks Jenny to obtain a copy of her prison record and records of her national insurance contributions. Is this enforced subject access? The information requested is a relevant record – The table includes information relevant to social security contributions and prison records. It is to be obtained by Jenny in response to a SAR. Jenny is not being offered a choice in this case although even if she were given the option of saying no, it is likely then that her application would be refused. This is a requirement. The housing association are concerned with the provision of goods, facilities and services to the public. Her ability to get housing from the association is dependent on her making the SAR – The requirement is a condition of the provision of service/facility.

Guidance Guidance is available at the following link:

Keep in touch

Webinar video and presentation slides available from ico.org.uk/webinars

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.