Inquiry concerning the Department of Health - June 2023

Document

Cited authorities 66

Cited in

Date	16 June 2023
Section	Decisions made under data protection act 2018

In the matter of the General Data Protection Regulation

DPC Case Reference: IN-21-3-2

In the matter of the Department of Health

Decision of the Data Protection Commission made pursuant to section 111 of the Data Protection

Act 2018

Further to an own-volition inquiry commenced pursuant to section 110 of the Data Protection Act

2018

DECISION

Decision-Maker for the Data Protection Commission:

________________________________

Helen Dixon

Commissioner for Data Protection

16 June 2023

Data Protection Commission

21 Fitzwilliam Square South

Dublin 2, Ireland

Contents

1. Introduction .................................................................................................................................... 4

2. Legal Framework for the Inquiry and the Decision ......................................................................... 4

i. Legal Basis for the Inquiry ........................................................................................................... 4

ii. Controller .................................................................................................................................... 5

iii. Legal Basis for the Decision ......................................................................................................... 5

3. Factual Background ......................................................................................................................... 5

4. Scope of the Inquiry and the application GDPR .............................................................................. 8

5. Issues for Determination................................................................................................................. 9

6. Issue A: Whether, during the Temporal Scope, the DOH had a lawful basis under Articles 6 and 9

GDPR to process certain categories of personal data of data subjects on its SENs litigation files, and

whether it complied with the principle of data minimisation in respect of this processing ................ 10

i. Relevant law .............................................................................................................................. 10

ii. Analysis of Issue A ..................................................................................................................... 31

iii. Conclusion on processing personal data in Categories A and B(i) for Purpose A ..................... 47

iv. Conclusion on processing personal data in Categories A and B for Purpose B ........................ 49

7. Issue B: Whether the DOH may legitimately rely on Article 23 GDPR and section 60(3)(a)(iv) or

162 of the 2018 Act to restrict the scope of the obligations of Article 14 GDPR to provide transparent

information to data subjects in respect of SENs cases where personal information concerning data

subjects is obtained from sources other than the data subjects .......................................................... 51

i. Relevant law .............................................................................................................................. 51

Legal professional privilege (‘LPP’) ................................................................................................... 57

ii. Relevant Facts ........................................................................................................................... 59

iii. Analysis of Issue B ..................................................................................................................... 60

iv. Conclusion on Issue B................................................................................................................ 64

8. Issue C: Whether the DOH complied with its obligations under Articles 5(1)(f) and 32(1) GDPR in

relation to the internal access to its litigation files ............................................................................... 64

i. Principle of integrity and confidentiality .................................................................................. 65

ii. Assessing Risk ............................................................................................................................ 66

iii. Security measures implemented by the DOH: permitting access to the SENs litigation files by

staff members with no business need to access those files ............................................................. 68

iv. The appropriate level of security ............................................................................................. 72

9. Decision on corrective powers ...................................................................................................... 74

A. Reprimand ........................................................................................................................................ 75

B. Ban on processing ............................................................................................................................. 76

C. Administrative fine ............................................................................................................................ 78

i. Whether each infringement warrants an administrative fine .................................................. 78

ii. The permitted range ................................................................................................................. 86

iii. Calculating the administrative fine ........................................................................................... 86

iv. Total value of administrative fine(s) ......................................................................................... 87

v. The final amount for the administrative fine ............................................................................ 88

E. Summary of Corrective Powers......................................................................................................... 89

Appendix: Schedule of Materials Considered for the Purposes of this Decision.................................. 91

To continue reading

Request your trial

Subscribers can access the reported version of this case.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see a list of all the cited cases and legislation of a document.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see a list of all the documents that have cited the case.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see the revised versions of legislation with amendments.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see any amendments made to the case.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see a visualisation of a case and its relationships to other cases. An alternative to lists of cases, the Precedent Map makes it easier to establish which ones may be of most relevance to your research and prioritise further reading. You also get a useful overview of how the case was received.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Subscribers are able to see the list of results connected to your document through the topics and citations Vincent found.

You can sign up for a trial and make the most of our service including these benefits.

Request your trial

Why Sign-up to vLex?

Over 100 Countries

Search over 120 million documents from over 100 countries including primary and secondary collections of legislation, case law, regulations, practical law, news, forms and contracts, books, journals, and more.
Thousands of Data Sources

Updated daily, vLex brings together legal information from over 750 publishing partners, providing access to over 2,500 legal and news sources from the world’s leading publishers.
Find What You Need, Quickly

Advanced A.I. technology developed exclusively by vLex editorially enriches legal information to make it accessible, with instant translation into 14 languages for enhanced discoverability and comparative research.
Over 2 million registered users

Founded over 20 years ago, vLex provides a first-class and comprehensive service for lawyers, law firms, government departments, and law schools around the world.

Inquiry concerning the Department of Health - June 2023

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users

You can sign up for a trial and make the most of our service including these benefits.

Why Sign-up to vLex?

Over 100 Countries

Thousands of Data Sources

Find What You Need, Quickly

Over 2 million registered users