Who's watching?

How will the Employment Practices Data Protection Code on Monitoring at Work, published in June, help OH comply with the Data Protection Act and will it encourage employers to adopt good practice? By Linda Goldman & Joan Lewis.

There is a public perception that the workplace is a hothouse for nurturing litigation.

On one hand, the raft of European and domestic legislation designed to ensure health and safety at work opens a door to legal intervention.

On the other, the current trend towards fair and flexible internal grievance resolution, supported by statutory dispute resolution procedures, has not yet reduced the numbers of people making claims in courts and tribunals.

Underpinning any successful solution to otherwise irreconcilable differences is the need for accurate information, properly acquired.

Once facts are on record, the Data Protection Act 1998 (DPA) becomes the framework for justice.

In June 2003, the Information Commissioner published Part 3 of the Employment Practices Data Protection Code on Monitoring at Work. This will help OH practitioners comply with the DPA and, in particular, encourage their employers to adopt good practice.

Rights of the data subject

The facts that comprise information about an individual are called data. The DPA contains eight principles by which data is acquired, stored and used. These are set against the background of the most important fact of all: data is the property of the person to whom it relates.

Responsibilities of data control

OH practitioners acquire and store data. They are therefore data controllers, whose duty to process data fairly and lawfully can only be fulfilled by obtaining consent from the subject.

Consent will also relate to the release of data in certain specified situations, including for legal proceedings. In a life or death situation, consent for the use of data can be given by a third party.

Data may also be disclosed where necessary for medical purposes if it is undertaken by a health professional subject to an ethical duty of confidentiality.

It is also worth noting that in some circumstances, OH may be privy to information that may need to be disclosed in the 'public interest'.

Take, for example, a drugs test that reveals the use of an illegal drug by someone applying for another job who works in a potentially hazardous occupation, say, a bus driver or fork-lift driver.

What is the duty of the OH department, which has carried out the health surveillance for the new employer, to inform the employee's current employer of the results of the drugs test?

Here the question of disclosure arises because of the risk to the public of a driver with drugs in his system. Disclosure should only be made to his other employer if so advised by the practitioner's legal advisers, as it will have to pick up the tab if it turns out that disclosure should not have been made.

The DPA provides in section 29 for disclosure for the purposes of investigating crime. If the drug is an illegal substance and the police are the agency for investigating crime, disclosure to the police may be made, provided the insurer agrees that any steps should be taken at all.

Since data should only be kept for the purpose for which it is needed and for a justifiable period, the OH practitioner must bear in mind that there will be cases where records may need to be preserved if there is a risk of personal injury litigation. For example, three years is the limitation period running from the date of knowledge of the accident or injury for a claim in negligence.

Where further health records need to be kept because of the risk of long-term illness such as asbestosis or other chemical or product related issues, a view should be taken on maintaining records for longer.

As a matter of good practice, health and safety legislation should be consulted to see if any aspect of the work carried out by the at-risk employee requires retention for longer periods.

The information contained in retained records remains the property of the individual who, for a standard fee of £10, is entitled to have a copy for their own information. It is advisable to keep a record of the fact that any changes to records have taken place, such as when deletions are made.

The Information Commissioner is in the protracted process of issuing a complete code of practice in relation to employment practices in the implementation of the DPA. To date, three parts of the code have been published. The fourth part will relate to medical information, and is expected to be published by the end of the year.

The parts of the code issued to date suggest that a very high standard of compliance with the DPA is required.

For OH practitioners, these standards accord with ethical principles.

Since the fourth data principle requires accuracy of data and the fifth requires data to be kept for no longer than necessary, more interaction with data subjects may be useful. It is suggested that employees be shown their records at regular intervals so updates can be made and inaccuracies identified.

Effect of the code of practice on workplace monitoring

Stringent precautions should be taken when transmitting data, particularly containing medical information, by e-mail, fax or post to ensure security encryption and receipt by the named addressee.

E-mail is an increasing problem. Many complaints are made to the Information Commissioner about refusal of access to information held in e-mails, usually when the data controller believes they have been deleted, but in fact a back-up system has ensured retention.

The commissioner has the power to assess whether there has been a failure to provide access to personal data held in e-mails by making his own investigation. In using that power, he will ascertain whether there has been compliance with the applicable part of the code of practice.

As a general rule, a code of practice does not have the full force of the law, but the employer's failure to comply may be taken into account as evidence tending to support a breach of the Act having been committed.

Transmission of OH records occurs at the stage when they are released under circumstances which include the request of the subject and change of OH provider.

In the latter instance, the affected data subjects should be informed of the whereabouts of their records and the nature and scope of the new data protection system. When in doubt about the transferral or storage of records, particularly if the original employer becomes insolvent, the Employment Medical Advisory Service may be able to advise.

www.hse.gov.uk

www.hsedirect.com

Linda Goldman is a barrister at 7 New Square, Lincoln's Inn. She is head of training and education for ACT Associates & Virtual Personnel. Joan Lewis is the senior consultant and director of Advisory, Consulting & Training Associates and Virtual Personnel, employment law and advisory service consultancies and licensed by the General Council of the Bar in employment matters under BarDirect.

Sketchplan of data protection principles

Data must be:

- fairly and lawfully processed

- processed for limited purposes compatible with those purposes

- adequate, relevant and not excessive for the purpose

- accurate

- maintained for no longer than necessary

- processed in accordance with the rights of the individual

- kept securely

Data must not be:

- transferred outside the EU without consent of the subject unless that country can assure the rights of the data subject

Casebook - practical aspects of confidentiality

The new Employment Practices Data Protection Code on Monitoring at Work

The latest tranche of the code gives detailed guidance on monitoring at work and covers an employer's use of CCTV cameras and automated checking software to collect information about workers.

Although there may be a bona fide purpose in surveillance, its use often has implications for OH confidentiality. For example, it is not unknown for workers ostensibly on sick leave to have their activities outside the workplace videoed to collect evidence that they may not actually be sick.

E-mail or internet abuse is often a serious disciplinary offence. Distributing or receiving pornographic e-mails is high on the list of reasons for dismissal and is considered to be justification for monitoring e-mail systems. However, general monitoring may affect the way the OH department deals with external communications.

According to the code, the employer should make it clear to staff the circumstances in which, if at all, they may use the e-mail system and internet access for private communications. As for medical matters, provision for confidentiality is made by suggesting the use of clearly marked internal post, probably because of the inherent back-up systems in computers whereby otherwise confidential material may be accessed later. Specific details are available on the Information Commissioner's website www.informationcommissioner.gov.uk under Data Protection, Codes of Practice.

Z v Finland (1998) 25 EHRR 371

The European Court of Human Rights determined that Z's medical records were legally disclosed in proceedings in which her husband was charged with rape and manslaughter for knowingly infecting his victims with HIV.

However, disclosure of her identity was a breach of Article 8 of the Human Rights Convention, which provides that the protection of personal data, not least medical data, is of fundamental importance to a person's enjoyment of their respect for private and family life.

The court held that it is crucial not only to respect the sense of privacy of a patient, but also to preserve their confidence in the medical profession and in the health services in general. Without such protection, those in need of medical assistance may be deterred from revealing such information of a personal and intimate nature as may be necessary in order to receive appropriate treatment and even from seeking such assistance, thereby endangering their own health and, in the case of transmissible diseases, that of the community.

Z resisted police attempts to discover her HIV status. The police then seized her medical records from hospital. They were included in the court file to be released to the public in 2002. The seizure of records was lawful because it was in pursuance of the legitimate aim of investigating and prosecuting a crime and was proportionate.

London Borough of Hammersmith and Fulham v Farnsworth (2000) IRLR 691 EAT

Farnsworth was offered a job subject to 'medical clearance'. Her medical records showed she had suffered from mental illness in the past. The borough's OH physician reported, "...[although] the GP reports her health has been good over the last year, in view of her medical history I am concerned she may be liable to further recurrence in the future... [that would] affect [her] attendance."

The employment tribunal found she had suffered disability discrimination. The borough ignored the reference, which showed no absence from work in her previous post. The EAT upheld the decision, stating that there was no valid distinction between the borough and its agent, the OH physician.

They were under a duty to continue any enquiry as to Farnsworth's fitness to work. This puts a curious slant on confidentiality. The applicant's agreement that her medical records could be disclosed to the potential employer meant they were deemed to be within the knowledge of the employer, having been seen by the medical officer. Further, the decision confirms that an employer cannot rely on the employee/applicant's failure to make formal confirmation of disability status to avoid a finding of disability discrimination.