By Judith Jones, Group Manager.
Today’s launch of a new publication by the charity ‘Accessing and sharing information: acting on behalf of a person with dementia’ will touch millions of people and is a prime example of the ICO working alongside partner agencies to help people understand their rights and security around personal data.
On a personal level I, like many of my colleagues at the ICO, have experienced problems when trying to engage with organisations on behalf of family and friends with dementia. We have also become increasingly aware of concerns being reported by the public about how the Data Protection Act (DPA) is being applied in these situations. Complaints and enquiries received by the ICO have shown there is a good deal of uncertainty in this area, as well as highlighting instances where people with a power of attorney have been denied access to information about the people they represent.
This leaflet was a great opportunity for us to get involved and help set out clear guidelines in relation to the DPA.
It provides excellent advice from the Alzheimer’s Society to those supporting people with dementia when it comes to helping or managing their affairs and personal information including:
- When someone has the legal power to act on behalf of a person with dementia.
- When you have permission to manage someone else’s information but no legal power.
- When you can’t get permission and have no legal power.
Our role was to advise on how data protection works in each of these scenarios. Working in partnership with the Alzheimer’s Society, the Office of the Public Guardian and others has helped to spread our message in this important area.
A key part of data protection legislation is to defend the rights of vulnerable people. Companies and organisations have a duty to keep people’s data safe and are not allowed to simply hand out or consult on personal information without proper care or an individual’s permission. In this way the DPA plays an important part in protecting vulnerable people.
The benefits of data protection and how it affects people in their daily lives can often be overlooked but it is also often wrongly blamed for causing problems. Used properly it can help organisations find the balance between respecting people’s privacy and providing effective support.
The leaflet has enabled us to bust some of the myths around managing someone else’s information even if a relative or carer has no legal power, such as a power of attorney.
The Data Protection Act will not prevent someone from accessing and updating information about another person, as long as they have permission. People who can still manage their affairs can give permission for others to speak on their behalf. The guidance explains that the person should give their consent and proof of this permission will be asked for by the organisation along with proof of identification.
Data protection also doesn’t stop carers calling up organisations to let them know about incidents or changing situations providing proper safeguards are in place.
Our experience in the field of information rights combined with the complementary expertise of the Alzheimer’s Society, the Office of the Public Guardian and that of the other organisations involved has led to comprehensive guidance that addresses key aspects of information sharing and access to information.
Last updated 11/02/2015 16:40
|Judith Jones is Group Manager responsible for developing and managing relations with government departments and organisations in the Strategic Liaison Division of the ICO.|