Employee health data and confidentiality in the company

Employee health data is specially protected data. A company cannot disclose, forward or share it with third parties unless there is a clear legal basis, a valid Article 9 GDPR exception and a proportionate need.

What counts as health data

Health data is information revealing a person’s physical or mental health. In employment it may appear in sick leave documents, absence justifications, fitness reports, medical examinations, workplace adaptations, occupational risk prevention communications or disability information.

What the company may know

The company may need enough information to manage absences, employment obligations, risk prevention or adaptations. But data minimisation applies: the employer is not entitled to know full diagnoses, treatments or medical details that are not necessary for a legitimate employment purpose.

Common mistakes

  • Forwarding medical documents to people who do not need access.
  • Including diagnoses in internal communications.
  • Keeping full medical reports in ordinary HR files.
  • Sharing health data with clients or suppliers without a legal basis.
  • Not separating HR management from occupational health surveillance.
  • Not limiting access in HR or prevention departments.

Good practices

  1. Request only strictly necessary information.
  2. Separate medical or prevention files from general employment documentation.
  3. Limit access to authorised staff.
  4. Inform employees about the processing of this data.
  5. Review contracts with prevention services and mutual insurance bodies.
  6. Document the legal basis and security measures.

Conclusion

Employee health data requires special caution. The company should process only what is necessary, limit access and prevent medical information from circulating as ordinary employment documentation.
