The Information Commissioner has published the first three parts of a four-part code on Data Protection. The final section, on health records, is yet to be published. In anticipation of this, Shona Findlay, a solicitor at McGrigor Donald, examines current best practice in relation to employment health records
Q Do health records fall under the ambit of the Data Protection Act 1998?
A Yes. The extension of the scope of data protection legislation to include manual records means that many health records are caught by data protection for the first time.
Employers hold a variety of health records. Sickness, accident and absence records are commonly held by employers, and will fall within this definition. Information on disabilities or particular health conditions may also be held on file, and are also covered by the Act.
Q Are employers allowed to hold this information under the Act?
A Yes. The Information Commissioner recognises that sickness, accident and absence records are an essential way of monitoring attendance levels and assessing whether staff can undertake the work they are employed for. Such records also provide employers with important health and safety information.
Q Is there a distinction between sickness, accident and absence records?
A Yes. Sickness and accident records contain details of the illness, condition or accident suffered by the worker. Absence records, however, may explain the reason for the absence as 'sickness' or 'accident', but do not include any reference to specific medical conditions. In the case of generic absence records, it is only necessary to comply with general processing criteria under the Act.
If it can be shown for example, that the processing is necessary for the performance of the employment contract, or that it is necessary to hold absence records to monitor staff attendance levels,then the employer will be complying with the requirements.
The Information Commissioner recommends that sickness and accident records be separated from absence records, and that sickness and accident records should not be accessed where records of absence could be used instead.
Q What additional criteria do employers have to satisfy under the Act when holding or using sickness or accident records?
A Information relating to a physical or menta