In December, UK Information Commissioner Richard Thomas launched a consultation on a draft of the fourth part of the Employment Practices Data Protection Code, entitled Information about Worker's Health. The draft Code provides guidance for employers on requesting, recording and storing information about the health of their employees.
When finalised the Code will not be legally binding, but will contain the benchmarks that the Commissioner will use when deciding whether or not to enforce the Act.
It is based on the Data Protection Act of 1998, which places responsibilities on any organisation to process personal data that it holds in a fair and proper way. Failure to do so can amount to a criminal offence.
The general position of the Code is that employers are entitled to obtain, record and store information about an employee's health only if one of the Act's "sensitive data conditions" is met. These include, for example, when the information is required in order for the employer to comply with health and safety legislation. Employees are entitled to see any of this information held by an employer.
In brief, the Code states:
In view of the intrusive nature of information relating to health, its collection must be justified by real benefits. An impact assessment may be necessary.
The information must be collected openly and with freely given consent. Covert collection will only be justified in very exceptional cases.
A sensitive data condition under the Act must be satisfied before collection.
Collect data in the least intrusive way possible – possibly by a questionnaire instead of medical testing.
Keep the information very secure, and hold it only for as long as necessary.
The collection of and interpretation of information about health should be left to medical professionals.
The Code also highlights specific problems relating to drug and alcohol testing. In brief:
This is only likely to be permitted if it is justified by the sensitive data condition of health and safety.
The circumstances in which such testing can take place must be clearly laid out for employees, as should the criteria for test selection, material being tested for and the likely disciplinary results.
Only those workers who are likely to be at risk under health and safety grounds – because they are using dangerous machinery for example – should be tested. Suspected illicit use at home, that has no effect on job performance, is not a reason for testing.
Only professional, quality testing should be used, and a duplicate of any sample given to the employee to enable him to make his own tests if necessary.
The TUC welcomed the draft Code, but offers some recommendations of its own:
Testing should only be used when absolutely necessary or if there is a risk to the health and safety of the employee, other staff, customers or the public, rather than merely when the employer can show a business benefit.
Genetic testing of employees should not be allowed in UK workplaces. Testing should only be used to assess an employee's current ability to carry out their job safely and not to assess whether at some indeterminate point in the future they may be unable to work.
Employers should only be permitted to test staff where legislation requires or allows it, i.e. under health and safety law. The fact that a worker signs a consent form is not sufficient to authorise testing, as an employee can never be given a genuine free choice.
Testing should be governed by a clear workplace policy agreed by trade unions and any tests should be carried out by a qualified professional.
The TUC also expressed its support for a report in the latest edition of the TUC-backed Hazards magazine, which criticises the effect of monitoring employees in the workplace. According to the report, the lack of privacy creates stress for employees, which is in turn bad for their productivity and health.
The 'Stop snooping' report draws on a US study showing that monitored workers suffered more work dissatisfaction, depression, extreme anxiety, exhaustion, strain injuries and neck problems than unmonitored workers. It also includes research showing that a lack of autonomy at work is a major cause of work-related stress and strains, heart diseases and sickness.
According to the TUC General Secretary, Brendan Barber, "Big Brother bosses do not get the best out of employees. Staff who are being snooped on are less productive and less healthy."
"There has been an unregulated boom in the intrusive and ineffective drug, drink and health testing of employees. The positive step to tackle this needs to be toughened up to make sure tests are only used when absolutely necessary," he added.
Hazards Editor, Rory O'Neil, said:
"Snooping isn't just taking liberties, it's pure folly. Productivity goes down, accidents, ill-health and sick leave go up and the workforce feel more like felons than valued employees.
"If employers want to know what their staff are doing they should ask them. Consultation and participation are not dirty words, they are the key to a productive workplace."
OUT-LAW is presenting free breakfast seminars that will explain the laws relating to the monitoring of staff e-mail and internet use. These one-hour events will take place in April and May in Glasgow, Dublin, Manchester, Edinburgh and London. Book your free place now. [internal link to Events Diary]