Data Protection
You are here: > Data Protection
Who we are?
The Health & Wellbeing at Work Co Limited (THWAW) are an independent provider of occupational health services.
What is our purpose of processing your data?
THWAW are contracted to process employees’ personal health data and we confirm that the information provided in the health questionnaires will be processed by occupational health practitioners for the following reasons only:
i) To assess an employee’s ability from a health perspective, to perform their job role
ii) To identify whether any reasonable adjustments may be required to help with any disability or impairment an employee may have
iii) To confirm that none of the requirements of the job role would negatively affect any pre-existing health conditions an employee may have
Our lawful basis for processing your data
As occupational health professionals, Article 9 (2) clause h) of the GDPR states that ‘processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems or services’.
What happens to the health information provided?
i) When the employee has completed this questionnaire, THWAW will make a recommendation to the employer to confirm and identify if any adjustments, supports or restrictions are required to ensure the employee can safely undertake the duties of the job role
ii) We will ask the employer to identify specific individuals to receive THWAW’s recommendation and this may include a line manager(s), human resources department and health and safety departments
iii) We confirm that the employer will not see the health information provided by the employee, without the employee first providing permission and we can confirm under the Access to Medical Records Act 1988 the employer cannot apply to a doctor or other specialist to see an employee’s health records without prior permission from the employee
How long do we retain your data for?
THWAW takes data security very seriously and we will only retain data in secure conditions for as long as we are legally obliged to; and no longer. This means for six years from the date employment is ended and one year from the date of the questionnaire if the job role does not commence.
Employee rights
You can withdraw your consent for us to process your data at any time and if you wish to do so please email THWAW at the following address: admin@fit4industry.com
You can ask to see your data at any time and we have made available a Subject Access Request Form:
Under current Data Protection legislation there may be exceptions set out which may form the basis on which an Occupational Health Professional may refuse to disclose all or part of your occupational health record or reports(s) upon request. The main exemptions are that information must not be released if:
• It is likely to cause serious harm to your physical or mental health or to that of others
• It relates to someone who would normally need to give their permission (where that person is not a health professional who has cared for the patient)
Download Subject Access Form
Useful links
Find out how to request your personal information: https://ico.org.uk/for-the-public/personal-information/
Guidance for job applicants on Section 60 of the Equality Act 2010
http://www.equalityhumanrights.com/uploaded_files/EqualityAct/pre-employment_health_questions_guidance_for_job_applicants_final.pdf
Questions about health and disability during recruitment
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/85013/employment-health-questions.pdf
Access to Medical Reports Act 1988
http://www.legislation.gov.uk/ukpga/1988/28/section/3
Raising a concern with an organisation handling your personal data: https://ico.org.uk/for-the-public/raising-concerns/