are already several times that the English Agency for Data Protection has spoken about the possibility of access by the employer to an employee health data, derivatives reports emanating from the health services in occupational risk prevention.
On all these occasions the AEPD, considered that this access for an employer is defined as a transfer of data, in terms of Article 3 i) of Law 15/1999, of December 13 Protection Data, in which additional data are handled specially protected, so ever since the Agency has been informed of the need for explicit consent of the owner of the data as required by Article 7.3 of the above standard unless there is a rule with the force of law to enable communication without consent of the affected.
One of the last performances conducted by the AEPD on this point, has been following a query raised about access to health data of workers in Public Administration from employers, derived from reports health surveillance conducted by the services of occupational risk prevention, when those employees are additionally members of the services, including a nurse.
As we see it because the issue involves several fundamental principles of data protection, such as the universal application of the rules of data protection in any area, including the public sector, the need consent for access to sensitive data, together with the duty of confidentiality by the fact be known health information of an employee by their peers and even superiors.
The query raised, as we have said from a risk prevention service work of the Administration Service, thereby reflecting that the scope of the Organic Law on Data Protection extends both data processing in public and private sector, either public or private purposes.
This service is aimed at the prevention of health workers to the risks inherent to the job identified in the opinion of the AEPD, in application of Law 31/1995, the data from monitoring will be communicated to affected workers, limiting their access to medical staff and health authorities to carry out surveillance health of workers, but may be provided by the employer or other person without the consent of the worker, as stated in Article 7.3 of the Data Protection Act noted above.
With additional character states that access to data belonging to a service worker by their peers, which is evaluated for the performance of their duties, is performed in the condition health professionals, and not as superiors, leading to stress that such access occurs as part of their duties, imposing a special duty of confidentiality
and diligence in the use and knowledge of the data, prohibiting the use of the same for something that is not limited to the preventive health service.
With all this, we observe that the matter relating to data protection within the ambit of any order, imposing not only one of its principles but respect for all existing legislation on the subject.
Medical Writing Published in the Tuesday, March 31, 2011. Number 1429. Year VII.
0 comments:
Post a Comment