Staywell » Blog » Confidentiality and Occupational Health – An Employer’s View

Confidentiality and Occupational Health – An Employer’s View

For many companies, the issue of data protection presents a variety of problems, particularly when they hire third party services that require access to and have the responsibility to gather personal information for employees.

In today’s world, the fact that a company can say they are fully compliant with all data protection legislation doesn’t mean they are – when they choose to form a relationship with any third party, employers need to go that extra mile to make sure data is safe and will remain so in the future.

Nowhere is this more important than in the occupational health industry where sensitive personnel and medical data is often handled.  Whether you are small company with less than ten employees or a multi-national responsible for thousands of staff, the challenges remain the same if you want to comply with legislation or be on the wrong side of legal action for wrongful disclosure.

This not only applies to the time when the occupational health team are providing their service but also must continue after the relationship has ended with any data that remains on record, either with the employer or the occupational health provider, kept secure.

The information given to an occupational health professional, of course, cannot be shared unless the employee has given their consent – even to the employer who has arranged the appointment in the first place. Any storage or the way the information is handled must also comply with the Data Protection Act and the occupational health organisation is required to act accordingly, and that includes when this conflicts with what the employer actually wants.

Encrypted folder with numbers in the background

Covering Confidentiality

Any employer who is looking to contract or outsource an occupational health team will need to be sure of several safeguards that means their employee data is in safe hands:

First of all, the OH team should be registered with the ICO or the Information Commissioner’s Office. This provides a set of guidelines for employers, individuals and organisations to follow and registered parties agree to comply with their obligations. Our registration number is ZA119351 and you can find out more about ICO by visiting their website.

Part of complying fully with the Data Protection Act is in ensuring the right processes are in place. For instance, all staff should have signed a confidentiality agreement and organisations need to make sure they only collect data for clearly defined purposes. On top of that, there are the important measures that need to be put in place if that data is to be fully protected. As we all know there is the threat of digital data being hacked into and an organisation likes ours takes certain measures to ensure data integrity.

  • We encrypt confidential documents with AES-256 bit encryption which gives several layers of protection from outside attacks.
  • We have the option to password protect the confidential reports we send out to clients
  • In our terms and conditions we have a clause to protect IP throughout and beyond the life of our involvement in a contract. This means, even if a business relationship ends, we are bound by our terms and conditions not to reveal any IP.

Employers who contract an occupational health team are liable to the same restrictions and code of practice under the data protection act and, as such, have the same responsibility to safeguard employee information and data.



Recent Posts

What is an Occupational Health Assessment?

What is an Occupational Health Assessment?

One of the most common questions that we get from our clients on a regular basis is “what is an occupational health assessment?”  An occupational health assessment is generally used as a blanket term, often a vital part in sickness absence management or in situations where an employee’s health is affecting their work or there…

Find out more
Neurodiversity: A Guide for Employers

Neurodiversity: A Guide for Employers

Why is it important? At least 20% of the adult population have a diagnosed neurological condition such as autism spectrum disorder (ASD), attention deficit hyperactivity disorder (ADHD), dyslexia and/or dyspraxia. Therefore, it is essential that employers are aware of how to support such employees in order to create a diverse, productive workforce which values everyone’s…

Find out more

Neurodiversity at work: How Occupational Health can help

There is no standard human brain, and every individual has their own areas of strength and areas where they have more difficulty.  This applies no more or no less to people who have diagnosis or traits of neurodiverse conditions.  There is increased worldwide awareness of neurodiversity compared to a few years ago, and people who…

Find out more