This interesting article appeared recently (Sunday 10th August 2014).
Sir Peter Fahy, the Greater Manchester chief constable, talks about the Police needing new and expanded rights to access medical records and other confidential data without an individual’s consent.
At present, the police (like any other agency or body) can request access to someone’s personal information and – even without that person’s consent – obtain access. Yet access without consent should only happen where it is justified: where there is either (i) an explicit legal obligation to share without the individual’s consent – such as a court order or an Act of parliament with an explicit ‘power’ to compel the sharing, or (b) when all legitimate interests and needs are considered – those of the individual; the organisation making the request; wider society – and on balance, the need to share without the individual’s consent outweighs the expectation of confidentiality or privacy that the individual may have.
What the “new and expanded rights” would entail is not made clear – but the implication is a change in the default position, from “you can only see this information where there are clear grounds” to “I can automatically see this, give it here.”
This intervention shows the difficulty in getting Data Sharing right. As Mr Fahy sees it, there is an “industry of case conferences and referral forms” via which police try and get the personal information they need from other agencies. Mr Fahy believes this is a drain on police time and resources – and it might be, if the purposes for which personal information is to be shared and the thresholds for breaching confidentiality do not follow clearly define, well thought through and well understood agreements or protocols.