This may be fun.
Some may recall my battle with #NHS who refused to update my email address as only 6 characters. I sold the domain I was using and raised with ICO where literally someone else was getting notices about appointments and medications. ICO said NHS has “correct email address” (a lie). I even took to parliamentary ombudsman who said ICO did nothing wrong (another lie). #GDPR right to correct personal data is clearly ignored when it is the NHS!
I had given up. But …
Last year NHS login says that my email on NHS login is not the same as doctor’s surgery and would I like to update it. Oooh. I said no, and told my doctor’s surgery to update to my usual short address.
Now they have done again and I have said yes.
They say they have saved my details.
This could be fun.
I am hoping that this time is different on basis…
- they asked me to update my details
- they suggested that short email address
- they stated they have updated my details
I really cannot see that they can claim #GDPR does not apply yet again.
The last “accepted" (as evidenced by screenshot) email address is the short one. ICO cannot claim a different one is “correct”.
@TimWardCam @smsm1 I have made and used many systems - the email as main key has been used a handful of times so as to avoid people having to also know a separate ID of some sort.
I think for *normal* people that helps.
NHS would cope if they had not made a system with min email length, but in principle that is legally no different to making a system that does not allow a 3 in a phone number. It is stupid and the consequence is you have to fix the system.
@revk @smsm1 Certainly forcing people to remember a different account name is a pain.
One downside of using the email address as primary key is that it makes it difficult, or impossible, for one person to have two separate accounts. For example, one for themselves and one for the relative who doesn't do email and whose affairs they're managing under PoA.
RevK 
Tim Ward ⭐🇪🇺🔶 #FBPE
Shaun McDonald
Simon 
Hambone Fakenamington