News

NEWS: Misuse of GDPR ‘restricting’ work of safety reps, say TUC

By on

Employers are restricting union safety reps’ access to information under a ‘nonsense’ interpretation of the General Data Protection Regulation (GDPR) the TUC has warned.


From May 25, the GDPR brought in new requirements on businesses to manage their data differently. The aim is to ensure a greater level of protection of personal data and more robust security of information.

But, according to TUC’s head of safety Hugh Robertson, there have been unintended ‘worrying’ ramifications for health and safety. Writing in a TUC blog posting, he said: “We find that a lot of employers are saying that the GDPR restricts what information they can supply [to health and safety representatives].

“Examples of this include refusing to hand over information from accident report forms, instead saying they will just give quarterly reports, or instructing their auditor to stop sharing their safety audits with safety representatives on the grounds they contain some personal data.

“This is nonsense. These employers are making no attempt to gain consent for sharing the information or, if consent is withheld, anonymising
the information.”

According to HSE, GDPR should make no difference to union safety reps’ work as the Safety Representatives and Safety Committees Regulations already impose requirements on consent.

A spokesperson told Safety Management: “Employers are required to provide documents and information requested by safety representatives under Regulation 7 of SRSC as before. This includes the requirement to obtain the consent of an individual employee before providing to safety representatives documents which relate specifically to that employee.”

The injured party needs to provide permission for their personal information to be shared with third parties. Photograph: iStock

However, according to Murray Ferguson, director at health and safety software systems provider Pro-Sapien, organisations without ‘flexible’ IT systems may struggle to handle sensitive data appropriately.

“Employers who have left it late to consider the legislative impact may find themselves in a situation where meeting the requirements of GDPR and their union rep obligations are time consuming and cumbersome,” said Ferguson.

“In an ideal situation, the EHS professional should be aware of and ensure that free text fields relating to the incident should not include personal information when managing the Incident Reporting process. This means that the details of an individual can be managed in controlled fields (such as Health Records) and omitted where the recipient third party does not need to know that information – although, as Robertson argues, without some data the report may be useless.

“We see this being handled by using report types; template reports can be created where only the appropriate level of detail is provided based to the recipient of the report and whether the injured party has provided permission for their personal information to be shared.”

He added that the process of gaining such permissions may be a ‘challenge’, but ultimately not problematic. “In the case of union reps it is likely that the data subject would not object to their information being shared.”

GDPR and Health and Safety, a Guide here

GDPR Online training avalaible here

 

 

 

 

NEWS


Open plan iStock-1011792700_monkeybusinessimages SMLL.jpg

Only 5 per cent of firms expect staff in the office full time, says CBI

By Belinda Liversedge on 26 July 2021

93 per cent of firms plan to adopt hybrid working models, according to a Confederation of British Industry (CBI) report.



Istock MED 1212160149 William87

Masks only effective if ‘everyone does it’ warn health leaders

By Belinda Liversedge on 13 July 2021

Experience has taught us that we can’t guarantee people will behave responsibly to prevent Covid transmission and wear masks, the chair of the British Safety Council has warned.



Rekjavik Istock 1281062322 Elena Goosen MED

Iceland embraces four-day week after trial success

By Belinda Liversedge on 12 July 2021

The success of a pilot to trial the four-day working week in Iceland should be noted by other governments, the think tank which led the project has said.