Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+

Personnel Today

Register
Log in
Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+

Legal Q&AEmployment lawData protection

Data Protection Code Part 4: employee health records

by Personnel Today 25 Jan 2005
by Personnel Today 25 Jan 2005

Q What is the purpose of the Data Protection Code Part 4?

A The Data Protection Act 1998 places responsibilities on employers to process the information they hold in a fair and proper way. The Information Commissioner has published a code containing guidance for employers and Part 4 is the final instalment of the code. It addresses the collection and subsequent use of information about workers’ physical or mental health, including sickness records.

Q Are employers prevented from keeping health records unless an individual’s consent is obtained?

A Information about workers’ health, including sickness records, constitutes sensitive personal data. The sensitive data rules limit the circumstances in which processing can take place. Health information can be processed without a worker’s explicit consent if one of the other sensitive data rules can be satisfied. For example:

– Where the processing is necessary to enable the employer to meet its legal obligations

– Where the processing is in connection with actual or prospective legal proceedings

– Where the processing is necessary for medical purposes and is carried out by a health professional.

– Where sickness records are kept solely to comply with statutory sick pay requirements, it is clear that a sensitive data requirement can be satisfied (ie, the processing is necessary to meet legal obligations) and consent will not be required. However, in relation to the keeping of more general sickness records (eg for the purpose of managing long-term sickness absence) it is less clear that a sensitive data condition can be satisfied.

The commissioner considers it unsatisfactory if employers have to rely on workers’ consent to keep sickness records. He feels that if records are kept and used in a reasonable manner, the employer is likely to be able to rely on the condition that the processing is necessary to enable it to comply with a legal obligation associated with employment. The Data Protection Act 1998 currently does not place the question beyond doubt, but the Commissioner understands the Government is considering changes to the law that will do so.

Q Why should employers review how sickness and absence records are kept?

A The code distinguishes between records that include sensitive data and those that do not. Sickness and injury records contain details of a worker’s illness and/or injury, and are therefore sensitive data. This means that one of the sensitive data conditions must be satisfied before an employer can process such data.

However, absence records stating only the reason for an absence (ie, sickness or accident) do not refer to the worker’s specific medical condition and therefore do not constitute sensitive personal data. Some employers use accident records, and should note that these will constitute injury records, and will therefore be categorised as sensitive data if they include details of an injury suffered by an identifiable worker.

Thus, employers would be well advised both to review how sickness and accident records are currently kept, and to ensure that information about workers’ health is not accessed when only information on absences or the circumstances of accidents at work is needed – for example, to calculate a benefit, it may only be necessary to see the length of absence rather than the nature of the sickness.

If computer-based systems are used, employers should consider separating sickness and injury records from absence records with additional password protection.

Q To what extent can sickness records be used by managers?

A Managers should only be provided with sickness and injury records about those who work for them in so far as it is necessary for them to carry out their role. For example, an individual’s number of days’ absence may be disclosed to a manager for the purpose of providing a reference.

A manager should be merely concerned with the impact of a medical condition on a worker’s fitness for work, rather than the medical details. They may access a worker’s sickness record for the purpose of investigating repeated or long-term absence.

The total amount of sickness absence by department or section may also be published provided that individual workers cannot be identified. However, the Supplementary Guide to the Code stresses that league tables of sickness absences of individual workers should not be published, because the invasion of privacy would be disproportionate to any managerial benefit.

Employers should ensure that managers are aware of the sensitive nature of sickness and injury records, and the circumstances under which there may be a legal obligation to disclose information.

Avatar
Personnel Today

previous post
Rise in M&As set to boost recruitment in finance sector
next post
UK employers approve of increases to National Minimum Wage

You may also like

Oxford study highlights best gig economy firms to...

9 Jun 2022

Tesco appeal against fire and rehire ban to...

8 Jun 2022

Bank holidays: six things employers need to know

5 Jun 2022

P&O Ferries boss denies reputational damage after mass...

27 May 2022

Employers lack data to make IR35 worker status...

25 May 2022

Maternity leave: Cost of living crisis highlights need...

25 May 2022

One in five employers planning ‘no jab no...

19 May 2022

MP demands timeline on carer’s leave legislation

13 May 2022

Queen’s Speech: absence of employment bill leaves organisations...

10 May 2022

Queen’s Speech: Exclusivity contracts for low-paid workers to...

9 May 2022
  • NSPCC revamps its learning strategy with child wellbeing at its heart PROMOTED | The NSPCC’s mission is to prevent abuse and neglect...Read more
  • Diversity versus inclusion: Why the difference matters PROMOTED | It’s possible for an environment to be diverse, but not inclusive...Read more
  • Five steps for organisations across the globe to become more skills-driven PROMOTED | The shift in the world of work has been felt across the globe...Read more
  • The future of workforce development PROMOTED | Northumbria University and partners share insight...Read more
  • Strathclyde Business School expands its Degree Apprenticeship offer in England PROMOTED | The University of Strathclyde is expanding its programmes...Read more
  • The Search for Talent: Six Major Employer Pitfalls PROMOTED | The Great Resignation continues unabated...Read more
  • Navigating the widening “Skills Confidence Gap” in 2022, and beyond PROMOTED | Cornerstone OnDemand conducted a global study...Read more
  • Apprenticeships are the solution to your recruitment problems PROMOTED | Apprenticeships have the pulling power...Read more

Personnel Today Jobs
 

Search Jobs

PERSONNEL TODAY

About us
Contact us
Browse all HR topics
Email newsletters
Content feeds
Cookies policy
Privacy policy
Terms and conditions

JOBS

Personnel Today Jobs
Post a job
Why advertise with us?

EVENTS & PRODUCTS

The Personnel Today Awards
The RAD Awards
Employee Benefits
Forum for Expatriate Management
OHW+
Whatmedia

ADVERTISING & PR

Advertising opportunities
Features list 2022

  • Facebook
  • Twitter
  • Instagram
  • Linkedin


© 2011 - 2022 DVV Media International Ltd

Personnel Today
  • Home
    • All PT content
    • Advertise
  • Email sign-up
  • Topics
    • HR Practice
    • Employee relations
    • Equality, diversity and inclusion
    • Learning & training
    • Pay & benefits
    • Wellbeing
    • Recruitment & retention
    • HR strategy
    • HR Tech
    • The HR profession
    • Global
    • All HR topics
  • Legal
    • Case law
    • Commentary
    • Flexible working
    • Legal timetable
    • Maternity & paternity
    • Shared parental leave
    • Redundancy
    • TUPE
    • Disciplinary and grievances
    • Employer’s guides
  • AWARDS
    • Personnel Today Awards
    • The RAD Awards
    • OHW Awards
  • Jobs
    • Find a job
    • Jobs by email
    • Careers advice
    • Post a job
  • XpertHR
    • Learn more
    • Products
    • Pricing
    • Free trial
    • Subscribe
    • XpertHR USA
  • Webinars
  • OHW+