Common use of Common Law Clause in Contracts

Common Law. If there is an apparent conflict between legislation and common law, the legislation will take precedence. Exceptional circumstance may arise, for example, where there is a serious public health risk, or there is a risk of harm to a patient or other individual, or for the prevention, detection or prosecution of crime. There are occasions, therefore, where seeking the individual’s consent is not always appropriate. Information held in confidence can still be disclosed without the individual’s consent, where it can be demonstrated that:  disclosure is required by law (e.g. under an Act of Parliament creating a Statutory duty to disclose or a court order);  for the detection, prevention and prosecution of crime or the apprehension of offenders;  there is a public interest that outweighs the duty of confidence to the individual (e.g. health and safety);  there is a risk of death or serious harm;  in the substantial interest of the individual’s health;  in the vital interest of the individual concerned. Public interest criteria will include, but is not limited to:  health and Safety;  prevention and reduction of crime and disorder;  detection of crime;  apprehending offenders;  protection of vulnerable members of the community;  administration of justice;  national security. Partners will need to clearly establish, in each case, these considerations are sufficient to override the Common Law Duty of Confidence and that the disclosure is strictly necessary for these purposes. The Human Rights Act 1998 incorporating the European Convention on Human Rights restricts public authorities in its use of private information. Article 8, the Right to Respect for Private and Family Life is the most commonly referred to article when considering and dealing with requests for disclosure of information. The right is qualified, in that it may be interfered with where this is in accordance with the law and is necessary in a democratic society:  in the interests of national security;  in the interests of public safety;  in the interests of the economic wellbeing of the country;  for the prevention of disorder or crime;  for the protection of health or morals; or  for the protection of the rights and freedoms of others. When the human rights of any individual are considered to be actually or potentially engaged by a disclosure under the Agreement, the Privacy Officer / Data Protection Officer(s) and Privacy Officer / Data Protection Officer(s) (see below) involved should ask themselves whether their actions are To be proportionate the disclosure must only go as far as is necessary to achieve the desired aim. All decisions to disclose data must be made on a case-by-case basis and in every instance the level of that disclosure may be different. Only the Privacy Officer / Data Protection Officer or delegated Officers of an organisation can agree to disclose to another organisation. To determine whether data should be disclosed the Privacy Officer / Data Protection Officer or delegated Officer must compare the specified legal authority against the following (but not exclusive to) issues: relevance of the request to the aim, proportionality, data quality, method of disclosure, conditions of disclosure and details of the decision making process. The GDPR requires the fair processing of personal data unless an exemption applies. Partners agree to provide fair processing as appropriate to their contact with the data subject and in line with GDPR and the ICO Guidance;  concise, transparent, intelligible and easily accessible;  written in clear and plain language, particularly if addressed to a child; and  free of charge. Notices shall take account of the level of comprehension of the age groups involved and tailor communication accordingly. Signatories should ensure that their Fair Processing Notices include the processing identified in this agreement. Each partner will appoint a Privacy Officer / Data Protection Officer for each sharing purpose within the part of the business in which it functions. The Privacy Officer / Data Protection Officer will:  be a manager of sufficient standing to have a co-ordinating and authorising role;  be the Specific Point of Contact for their organisation for the specific sharing purpose. They will maintain an overview of all requests that have been issued or received within their remit. They will ensure all requests for information under this Agreement and responses are recorded and auditable. They will ensure a deputy is identified in their absence;  ensure records of security arrangements made to protect the integrity and confidentiality of the request and disclosure files are maintained. On a case-by-case basis they will ensure personal data is processed lawfully and be responsible for the final decision on whether to share information;  ensure that all staff are fully trained on the specifications the sharing infrastructure and are aware of their responsibilities. Individual partners are responsible, as signatories to this Agreement, for ensuring that their organisations have adequate security arrangements in place, in order to protect the integrity and confidentiality of the information held. Personal information must not be discussed, faxed, text (SMS) sent, or emailed over public/mobile telephone or unsecured email links, except in cases of urgency (e.g. potential danger to life. Only the minimum amount of information necessary to achieve the purpose will be disclosed.

Common Law. If there is an apparent conflict between legislation and common law, the legislation will take precedence. Exceptional circumstance may arise, for example, where there is a serious public health risk, or there is a risk of harm to a patient or other individualindividuals, or for the prevention, detection or prosecution of crime. There are occasions, therefore, where seeking the individual’s consent is not always appropriate. Information held in confidence can still be disclosed without the individual’s consent, where it can be demonstrated that:   disclosure is required by law (e.g. under an Act of Parliament creating a Statutory statutory duty to disclose or a court order);   disclosure is necessary for the detection, prevention and prosecution of crime or the apprehension of offenders;   information is already clearly in the public domain;  there is a an overriding duty to the public interest that outweighs maintaining public trust in a confidential service and the duty of confidence to the individual (e.g. health and safety);   there is a risk of death or serious harmharm to one or more other individuals or the public at large;   the individual lacks the capacity to make an informed decision for themselves (e.g. where a patient is incapable of giving consent then any disclosure which is in the substantial interest of the individual’s healththeir best interests would be permissible);   in the vital interest of the individual concernedconcerned (e.g. information relating to a medical condition may be disclosed in a life or death situation). Public interest criteria will include, but is not limited to:   health and Safetysafety;   prevention and reduction of crime and disorder;   detection of crime;   apprehending offenders;   protection of vulnerable members of persons at risk within the community;   administration of justice;   national security. Partners will need to clearly establish, in each case, these considerations are sufficient to override the Common Law Duty of Confidence and that the disclosure is strictly necessary for these purposes. The Human Rights Act 1998 incorporating the European Convention on Human Rights restricts public authorities in its use of private information. Article 8, the Right to Respect for Private and Family Life is the most commonly referred to article when considering and dealing with requests for disclosure of information. The right is qualified, in that it may be interfered with where this is in accordance with the law and is necessary in a democratic society:   in the interests of national security;   in the interests of public safety;   in the interests of the economic wellbeing well being of the country;   for the prevention of disorder or crime;   for the protection of health or morals; or   for the protection of the rights and freedoms of others. When the human rights of any individual are considered to be actually or potentially engaged by a disclosure under the Agreement, the Privacy Officer / Data Protection Primary Designated Officer(s) and Privacy Officer / Data Protection Designated Officer(s) (see below) involved should ask themselves whether there is a statutory basis for the processing and whether their actions are To be proportionate the disclosure must only go as far as is justifiable, appropriate, proportionate, auditable and necessary to achieve the desired aim(JAPAN). All decisions to disclose data must be made on a case-by-case basis and in every instance the level of that disclosure may be different. Only the Privacy Officer / Data Protection Primary Designated Officer or delegated nominated Designated Officers of an organisation can agree to disclose to another organisation. To determine whether data should be disclosed the Privacy Officer / Data Protection Primary Designated Officer or delegated Designated Officer must compare the specified legal authority against the following (but not exclusive toexclusive) issues:  relevance of the request to the aim, proportionality, aim  proportionality  data quality, quality  method of disclosure, disclosure  conditions of disclosure and  details of the decision making process. process The GDPR Data Protection Act 1998 requires the fair processing of personal data unless an exemption applies. Partners agree to provide fair Fair processing as appropriate means:  the individual knows what is happening to their contact with personal data:  the use of the data subject and is in line with GDPR and the ICO Guidance;  concise, transparent, intelligible and easily accessible;  written in clear and plain language, particularly if addressed to a child; and  free of charge. Notices shall take account general sense of the level of comprehension of the age groups involved and tailor communication accordingly. Signatories should ensure word, fair to that their Fair Processing Notices include the processing identified in this agreement. Each partner will appoint a Privacy Officer / Data Protection Officer for each sharing purpose within the part of the business in which it functionsperson. The Privacy Officer / Data Protection Officer will:  be a manager of sufficient standing most likely exemptions to have a co-ordinating and authorising role;  be the Specific Point of Contact for their organisation for the specific sharing purpose. They will maintain an overview of all requests that have been issued or received within their remit. They will ensure all requests for information under this Agreement and responses being fair are recorded and auditable. They will ensure a deputy is identified in their absence;  ensure records of security arrangements made to protect the integrity and confidentiality of the request and disclosure files are maintained. On a case-by-case basis they will ensure personal where data is processed lawfully necessarily shared for:  the prevention and be responsible for detection of crime or the final decision on whether to share information;  ensure that all staff are fully trained on the specifications the sharing infrastructure and are aware apprehension or prosecution of their responsibilities. Individual partners are responsible, as signatories to this Agreement, for ensuring that their organisations have adequate security arrangements in place, in order to protect the integrity and confidentiality of the information held. Personal information must not be discussed, faxed, text (SMS) sent, or emailed over public/mobile telephone or unsecured email links, except in cases of urgency (e.g. potential danger to life. Only the minimum amount of information necessary to achieve an offender  the purpose will be disclosedof protecting the welfare of a child or a vulnerable adult when they are assessed as being at risk from another person.

Common Law. If there is an apparent conflict between legislation and common law, the legislation will take precedence. Exceptional circumstance circumstances may arise, for example, where there is a serious public health risk, or there is a risk of harm to a patient or other individualindividuals, or for the prevention, detection or prosecution of crime. There are occasions, therefore, where seeking the individual’s consent is not always appropriate. Information held in confidence can still be disclosed without the individual’s consent, where it can be demonstrated that:   disclosure is required by law (e.g. under an Act of Parliament creating a Statutory statutory duty to disclose or a court order);   disclosure is necessary for the detection, prevention and prosecution of crime or the apprehension of offenders;   information is already clearly in the public domain;  there is a an overriding duty to the public interest that outweighs maintaining public trust in a confidential service and the duty of confidence to the individual (e.g. health and safety);   there is a risk of death or serious harmharm to one or more other individuals or the public at large;   the individual lacks the capacity to make an informed decision for themselves (e.g. where a patient is incapable of giving consent then any disclosure which is in the substantial interest of the individual’s healththeir best interests would be permissible);   in the vital interest of the individual concernedconcerned (e.g. information relating to a medical condition may be disclosed in a life or death situation). Public interest criteria will include, but is not limited to:   health and Safetysafety;   prevention and reduction of crime and disorder;   detection of crime;   apprehending offenders;   protection of vulnerable members of persons at risk within the community;   administration of justice;   national security. Partners will need to clearly establish, in each case, these considerations are sufficient to override the Common Law Duty of Confidence and that the disclosure is strictly necessary for these purposes. The Human Rights Act 1998 incorporating the European Convention on Human Rights restricts public authorities in its use of private information. Article 8, the Right to Respect for Private and Family Life is the most commonly referred to article when considering and dealing with requests for disclosure of information. The right is qualified, in that it may be interfered with where this is in accordance with the law and is necessary in a democratic society:   in the interests of national security;   in the interests of public safety;   in the interests of the economic wellbeing well being of the country;   for the prevention of disorder or crime;   for the protection of health or morals; or   for the protection of the rights and freedoms of others. When the human rights of any individual are considered to be actually or potentially engaged by a disclosure under the Agreement, the Privacy Officer / Data Protection Primary Designated Officer(s) and Privacy Officer / Data Protection Designated Officer(s) (see below) involved should ask themselves whether there is a statutory basis for the processing and whether their actions are To be proportionate the disclosure must only go as far as is necessary to achieve the desired aim(JAPAN).  Justifiable  Appropriate  Proportionate  Auditable  Necessary All decisions to disclose data must be made on a case-by-case basis and in every instance the level of that disclosure may be different. Only the Privacy Officer / Data Protection Officer or delegated Officers of an organisation can agree to disclose to another organisation. To determine whether data should be disclosed the Privacy Officer / Data Protection Primary Designated Officer or delegated Designated Officer must compare the specified legal authority against the following (but not exclusive toexclusive) issues:  relevance of the request to the aim, proportionality, aim  proportionality  data quality, quality  method of disclosure, disclosure  conditions of disclosure and  details of the decision making process. process The GDPR Data Protection Act 1998 requires the fair processing of personal data unless an exemption applies. Partners agree to provide fair Fair processing as appropriate means:  the individual knows what is happening to their contact with personal data;  the use of the data subject is, in the general sense of the word, fair to that person. The Portal includes examples of Fair Process Notices that may be used by signatory organisations as does the website for the Information Commissioner’s Office. The most likely exemptions to being fair are where data is necessarily shared for:  the prevention and in line with GDPR and detection of crime or the ICO Guidanceapprehension or prosecution of an offender;  concise, transparent, intelligible and easily accessible;  written in clear and plain language, particularly if addressed to a child; and  free of charge. Notices shall take account of the level of comprehension of the age groups involved and tailor communication accordingly. Signatories should ensure that their Fair Processing Notices include the processing identified in this agreement. Each partner will appoint a Privacy Officer / Data Protection Officer for each sharing purpose within the part of the business in which it functions. The Privacy Officer / Data Protection Officer will:  be a manager of sufficient standing to have a co-ordinating and authorising role;  be the Specific Point of Contact for their organisation for the specific sharing purpose. They will maintain an overview of all requests that have been issued or received within their remit. They will ensure all requests for information under this Agreement and responses are recorded and auditable. They will ensure a deputy is identified in their absence;  ensure records of security arrangements made to protect the integrity and confidentiality of the request and disclosure files are maintained. On a case-by-case basis they will ensure personal data is processed lawfully and be responsible for the final decision on whether to share information;  ensure that all staff are fully trained on the specifications the sharing infrastructure and are aware of their responsibilities. Individual partners are responsible, as signatories to this Agreement, for ensuring that their organisations have adequate security arrangements in place, in order to protect the integrity and confidentiality of the information held. Personal information must not be discussed, faxed, text (SMS) sent, or emailed over public/mobile telephone or unsecured email links, except in cases of urgency (e.g. potential danger to life. Only the minimum amount of information necessary to achieve the purpose will be disclosedof protecting the welfare of a child or a vulnerable adult when they are assessed as being at risk from another person.