F1PART 2A DATA MATCHING
26BVoluntary disclosure of data to Audit Scotland
1
For the purposes of a data matching exercise, any person may disclose data to Audit Scotland (or a person acting on its behalf).
2
Such disclosure does not breach—
a
any duty of confidentiality owed by the person making the disclosure, or
b
any other restriction on the disclosure of data.
3
Nothing in this section authorises a disclosure—
a
which contravenes the Data Protection Act 1998 (c.29),
b
which is prohibited by Part 1 of the Regulation of Investigatory Powers Act 2000 (c.23) (interception, acquisition and disclosure of communications data), or
c
of data comprising or including patient data.
4
“Patient data” means data relating to an individual which is held for medical purposes and from which the individual can be identified.
5
“Medical purposes” are the purposes of—
a
preventative medicine,
b
medical diagnosis,
c
medical research,
d
the provision of care and treatment,
e
the management of health and social care services, and
f
informing individuals about their physical or mental health or condition, the diagnosis of their condition or their care and treatment.
6
Nothing in this section prevents disclosure of data under any other provision of this Act, another enactment or any rule of law.
7
Data matching exercises may include data disclosed by a person outside Scotland.
Pt. 2A (ss. 26A-26G) inserted (6.10.2010) by Criminal Justice and Licensing (Scotland) Act 2010 (asp 13), ss. 97(3), 206(1); S.S.I. 2010/339, art. 2