Fears that employers will need individual employees' permission to keep their sickness records are largely unfounded, experts claim.
The latest instalment of the code of practice on data protection, released last month, caused concern by stating that sickness records, as opposed to absence records, were "sensitive personal data" under the Data Protection Act 1998 and therefore subject to strict conditions on use.
The Act allows employers to keep such data without obtaining consent however, if it is necessary for them to comply with legal requirements.
"This is definitely something that has been missed," said Diane Sinclair, lead adviser on public policy at the CIPD. "Keeping sickness records to meet regulatory requirements in relation to SSP or disability discrimination, for example, is allowed."
The records management code itself makes clear that keeping records to ensure staff are not dismissed unfairly for absences is also permissible without consent.
"Though the Act itself does not put it beyond doubt, this final code puts out the very clear message that as long as employers keep and use sickness records in a reasonable manner, they can justify this in terms of their legal obligations and will not need individual consent," said Lucy Baldwinson, professional support lawyer at Allen & Overy.
The Lord Chancellor is now planning amendments to the DPA to close the gap between statute and practice.
Implementation of the code will prove to be a huge administrative burden on HR because most employers will need to completely overhaul their absence management systems, Sinclair warned. "We are not entirely happy about the separation between personal and sensitive personal data," she said.
"This practice may already exist in some companies where occupational health departments know why a staff member is off sick, while the HR team only know how long they have been absent.
"But many companies will need to change their practices."
Warren Wayne, partner at Boodle Hatfield, advised employers to keep sickness records and absence records absolutely separate. For sick pay purposes, for example, payroll needs access only to absence records, not the reasons for absence.
"Managers should be permitted to have access to sickness records so they can investigate persistent short-te