Preparing for, dealing with and responding to health and safety incidents requires health and safety professionals to juggle many balls.
Opinion
Tread carefully when sharing personal health and safety data
These include keeping people safe, responding quickly to potential risks, maintaining legal privilege and responding to queries from the regulator and civil claims. At times, some interests can feel competing.
However, over recent years, there has been an increased awareness of the privacy rights of individuals. The pandemic brought into sharp relief the need to carefully balance privacy and health and safety rights. So, what takes priority?
Handling information relating to injuries and medical conditions
Accident reports, witness statements, CCTV (closed-circuit television) footage and details of training will all constitute the personal data of the individuals concerned. As such, the UK GDPR (UK General Data Protection Regulation) – which applies post-Brexit – sets out the legal requirements which must be met when handling the information.
As information about individuals’ injuries will concern their physical and/or mental health, this will be ‘special category data’ for the purpose of UK data protection legislation. This means that additional safeguards need to be in place for the management of such information.
Laura Gillespie: "Accident reports, witness statements, CCTV (closed-circuit television) footage and details of training will all constitute the personal data of the individuals concerned."
Lawful basis for processing
When handling personal information, the ‘controller’ (that is, the company or organisation who decides what information to collect and why), must ensure that it has a lawful basis to hold the information. This includes where the processing is necessary for compliance with a legal obligation or where it is for the ‘legitimate interests’ of the controller or a third party – so long as it does not override the individual’s right to privacy.
If the information concerned contains medical information about an individual, then an additional ground for processing must be met. This includes where it is necessary for the defence of a legal claim or to protect the vital interests of the data subject where they are not able to give consent.
Need for transparency
Hard wired into the privacy legislation is the need to be fair, lawful and transparent when handling people’s private information. Usually this is achieved through the publication of a ‘privacy notice’ wherein it is explained what information an organisation will hold about an individual and with whom it might be shared.
Can personal data be shared with regulators, insurers or the supply chain involved in an investigation?
While the utterance of ‘data protection act’ can often be used as a reason not to share information, it is not impossible to do so.
What it does require is that health and safety professionals take four key steps:
1: Identify whether there is a lawful basis to share the information with the party concerned
2: Consider whether the need for transparency has been satisfied
3: Only share what is necessary, and
4: Document the reasons for the decision.
The Information Commissioner’s Office (ICO) has recently published a new Data Sharing Code of Practice, which aims to reassure when it is possible to lawfully share personal information and what steps should be out in place when doing so.
ICO Data Sharing Code of Practice: bit.ly/3yhvSo5
Laura Gillespie is a partner in Pinsent Masons’ Litigation and Regulatory Compliance team. She specialises in data privacy and cyber security matters. Contact her at: bit.ly/3krCCfS
OPINION
![Thumbs Up Race Equality iStock/PeopleImages](/media/kdgmp30q/thumbs-up-race-equality-istock-1131954346-credit-peopleimages.jpg)
Mandatory ethnicity pay gap reporting: closing the gap towards race equality at work
By Sandra Kerr CBE, Business in the Community (BITC) on 09 December 2024
For nearly 30 years, Business in the Community (BITC) has been working with employers across the UK to help create a fairer world, where everyone feels valued and has equal opportunities for progression, regardless of their background. However, while we have seen many businesses taking vital steps in the right direction, there is still a long way to go before true race equality can be achieved at work and we are tapping into all the talent, skills and potential available. And every employer needs to play their part in getting there.
![Older Worker With Bike Centre for Ageing Better](/media/0ilfaszv/older-worker-with-bike-centre-for-ageing-better.jpg)
Health conditions should not be a barrier for older workers
By Dr Emily Andrews, Centre for Ageing Better on 05 December 2024
Gaps in the labour market can be filled by older workers, but many encounter obstacles in their search for suitable employment. The Centre for Ageing Better is therefore calling upon the Government to help employers recruit more people from this demographic.
![Mike Robinson 3 Med](/media/zrnnlvdn/mike-robinson-3-med.jpg)
How can we support our people better in a changing world?
By Mike Robinson FCA, British Safety Council on 02 December 2024
At the end of November, I had the privilege of presenting top-performing organisations with our prestigious Sword, Globe and Shield of Honour awards, recognising their achievements in health, safety, environmental and wellbeing management. It’s something I relish doing every year, and this time was no exception.