Dave's comment on my original post on this topic
Am I the only person aghast (and hence, passing the Voight-Kampff test) about the fact that information about would-be doctors' religious and sexual persuasions is even gathered, let alone recorded?
raises some points which I think deserve their own entry, so here it is.
Dave, I'm glad (and hence either pass the Voight-Kampff test myself or am from the new, improved Nexus 8 range...) to say your empathy does not make you unique... though us being aghast about it will be of little comfort to those concerned. Two things spring to mind:
1 - best practice is for sensitive personal data such as religious/sexual/ethnic specifics to be captured on a separate form from the basic profile data, and for the disclosure by the subject to be voluntary.
The separate form ought then to be linked to the main document only by a non-personally identifiable index number, and the sensitive personal data ought only to be used statistically, in support of assessments of whether the organisation in question is meeting statutory obligations in areas such as sexual/racial equality.
2 - The UK Information Commissioner's Office has indicated that it intends to focus more, in future, on "actual detriment" suffered by data subjects as a consequence of breaches of privacy. This sad episode raises some very pertinent practical questions about such a policy.
How does one assess the 'actual detriment' which has resulted, as of today, from this data breach?
When does the current data breach cease to be the cause of future 'actual detriment'? Now that a given junior doctor's personal details have been disclosed, how soon will anyone be able to say that a given instance of 'actual detriment' - such as a homophobic brick through the windscreen - did not result from this data breach?
![[RSS Newsfeed]](/themes/sotto/images/valid-rss.png)
![[This is a Roller site]](/themes/sotto/images/roller-logo.gif){kind=logo}