The Information Commissioner’s Office has published an Employment Practices code to help employers comply with the Data Protection Act and to encourage them to adopt good practice. The code aims to strike a balance between the legitimate expectations of workers that personal information about them will be handled properly and the legitimate interests of employers in deciding how best, within the law, to run their own businesses.
The guidance below contains edited highlights from ICO guidance on workers’ health. It is not designed to replace the full code or supplementary guidance, which are available to browse on the ICO website
Information about workers’ health
How does the Data Protection Act affect the collection and use of information about workers’ health? If you collect or use information about your workers’ health, the Data Protection Act will apply. This might be the case, for example, when you ask workers to complete a questionnaire about their health or where you test them to check their exposure to alcohol or drugs.
The collection and use of health information brings the Act’s sensitive data rules into play. These do not prevent the processing of such information but limit the circumstances in which it can occur. You must be able to satisfy one of the sensitive data conditions.
The Act sets out principles for the collection and use of health information. If you wish to collect and hold information on your workers’ health, you should be clear about why you are doing so and satisfied that your action is justified by the benefits that will result. The Act requires openness – workers must know what information about their health is being collected and why. Gathering information about workers’ health covertly is unlikely ever to be justified.
Requirements for collecting or using information about my workers’ health
• First consider why you want to collect and use this information. This might mean identifying a problem you are trying to solve, for example work that is impaired due to drug or alcohol use.
• Make sure that you can satisfy a sensitive data condition. You are most likely to do this if:
– collecting health information is necessary to protect health and safety; or
– the collection is necessary to prevent discrimination on the grounds of disability; or
– each worker affected has given explicit consent.
• Bear in mind that if you rely on consent it must be freely given. This means a worker must be able to say ‘no’ without a penalty being imposed and must be able to withdraw consent once given. A person is more likely to be in this position at the recruitment stage than when they are employed.
• Once you are clear about the purpose and that you can satisfy a sensitive data condition, check that the collection and use of health information is justified by the benefits that will result.
• In doing so, remember that gathering information about your workers’ health will be intrusive, perhaps highly intrusive. Workers can legitimately expect to keep their personal health information private and expect that employers will respect this privacy.
• Consider whether alternative ways of collecting information about your workers’ health would deliver the benefits you want while being more acceptable to them. For example, you might use health questionnaires rather than medical testing or at least use a questionnaire to select those to be tested.
• Collect information about as few workers as possible. Collect health information in areas of highest risk only; in other words, consider whether you can involve only a few individuals whose jobs are critical to safety or who work in a hazardous environment.
• Keep information about workers’ health particularly secure. This might mean allowing only one or two people to have access to it, for example by password-protecting it, or keeping it in a sealed envelope in a worker’s file.
• Don’t keep information for longer than necessary or collect more information than you really need. This might mean deleting medical details once disciplinary action against a worker is over.
• Remember that, as an employer, your interest is mainly in knowing whether a worker is or will be fit to work. As far as possible it should be left to doctors and nurses to have access to and interpret detailed medical information for you.
• Let your workers know that information about their health is being collected and why. You could give out general information about this by putting a notice on a notice-board or sending a letter to workers. If your workers have computers, you could send them an e-mail about it.
• Where you are taking a specific action, for example where a worker is to undergo a medical test, ensure the worker is fully aware what, why and how much information is to be collected. Be particularly careful that if they are referred to a doctor or nurse, they know what sort of information you will receive as a result.
Other points to consider when collecting information through drug and alcohol testing
Collecting information by testing workers for drug or alcohol use is usually justifiable for health and safety reasons only. Where testing is used to enforce the business’ rules and standards, make sure the rules and standards have been clearly set out to workers.
Follow these guidelines:
• Only use drug or alcohol tests where they provide significantly better evidence of impairment than other less intrusive means.
• Use the least intrusive forms of testing that will bring the intended benefits to the business.
• Tell workers what drugs they are being tested for.
• Base any testing on reliable scientific evidence about the effect of particular substances on workers.
• Limit testing to those substances and the extent of exposure that will meet the purpose(s) for which the testing is conducted.
• Ensure random testing is genuinely random. It is unfair and deceptive to let workers believe that testing is random if, in fact, other criteria are being used.
• Do not collect personal information by testing all workers, whether randomly or not, if only workers carrying out a particular activity pose a risk. Workers in different jobs will pose different safety risks, so the random testing of all workers will rarely be justified.
The information provided and the opinions expressed in this document represent the views of the Data Protection Network. They do not constitute legal advice and cannot be construed as offering comprehensive guidance to the Data Protection Act 1998 or other statutory measures referred to in the document
The information provided and the opinions expressed in this document represent the views of the Data Protection Network. They do not constitute legal advice and cannot be construed as offering comprehensive guidance on the EU General Data Protection Regulation (GDPR) or other statutory measures referred to.