Information about an individual is sometimes shared within the same organisation or between several different organisations for a number of reasons, according to the ICO.
For example, a local authority may use information supplied on a council tax form to help other departments update their records; the police may share information with a local authority to help counter antisocial behaviour in the area; or a teacher might share information about a child with a social worker and health professional so that the child’s needs can be addressed.
Where information sharing is expected and reasonable it can often take place without an individual’s consent, the ICO notes.
However, if an organisation wants to share sensitive or confidential information, such as details about someone’s health record, they will "generally require consent". The guidance states that if an individual is asked to consent to information sharing they should have a genuine free choice.
Iain Bourne, head of data protection projects at the ICO, said: "More and more information is being shared about us, often for useful and wholly legitimate purposes. It is important that individuals are aware of their rights under the Data Protection Act."
Under the Data Protection Act individuals have the right to access the information that organisations hold about them. The guidance states that organisations sharing information should be able to tell the public what the information is, who it is being shared with and why it is being shared.
The latest guide is avaialbe here.
Data protection guidance revised in UK
By Robert Jaques on Aug 9, 2007 2:26PM