Good recordkeeping
This page includes guidance on the confidentiality of occupational health information and records.
General principles of consent and confidentiality
Occupational Health nurses have the same general duties of confidentiality as other nurses. The best concise guide on confidentiality is the Confidentiality: NHS Code of Practice.
The same principles apply to non-NHS workers as to NHS workers. The fact that this is an NHS code should not prevent private sector nurses from consulting it.
The general rule is that confidential health information may only be disclosed with the employee’s informed consent. If consent is given orally then this should be recorded in the patient record.
There are limited exceptions to this general rule. Records may be disclosed without consent if:
• The employee is not capable of consent and disclosure is necessary in the best interests of the employee;
• If there is a legal requirement to disclose (e.g. with certain transmissible diseases);
• If there is a court order for disclosure;
• When disclosure is necessary in the public interest.
If there is said to be a legal requirement to disclose (e.g. if a police officer asserts this) but the employee does not consent to disclosure, then it is best to seek legal advice from your employer’s legal advisers before making the requested disclosure.
Regarding disclosure in the public interest, there is a useful supplementary guidance Confidentiality: NHS Code of Practice–– Supplementary Guidance: Public Interest Disclosures.
All nurses should adhere to the NMC code.
Oral or written consent
Oral consent can often cause anxiety and while legally it is perfectly acceptable and consent does not have to be in writing, the concern is that it can be challenged.As a safety net, it is worth getting the individual to sign alongside where the record of their verbal consent has been given, as soon as is practicable.
If what is proposed is a report to a manager, the ideal is a copy of the proposed report with a section at the bottom of the page clearly stating that the individual consents for example:
'I consent to disclosure of the above report to [name of manager]'. Signed.......Dated......'
Case study
A prospective employee challenged a company stating that they had been discriminated against for employment.
The case went to industrial tribunal and the occupational health records were subpoenaed as part of the investigation.
The occupational health nurses record of the telephone conversation had been dated, and the time recorded that the conversation started and finished. This was challenged by the employee, as not being a true and accurate record and that the conversation did not last for the length of time recorded.
The tribunal found that this was an accurate record even though it was a telephone conversation as it clearly stated the time and length of the conversation and it had been signed.
While this was a satisfactory outcome, on reflection the occupational health nurse now requests that wherever possible the employee sign the clinical record to say that it is an accurate recording of our discussion to help difficult cases.
Disclosures to the employee’s manager, with consent
The day-to-day decision that has to be made by occupational health nurses is whether to disclose confidential health information about employees to their managers.
Occupational Health nurses are sometimes put under pressure by management to make wholesale disclosures of health information.
With rare exceptions (considered below) the nurse should not disclose health information to management unless the employee has freely consented to this. The employee should know exactly what disclosure s/he is consenting to, and the purpose of this disclosure. Best practice is to show the employee the draft report.
There is a clear imbalance of power between the employer and the employee. In these circumstances, the General Data Protection Regulation (GDPR) require that confidential information should not be disclosed on the basis of consent alone, but only if one of the other GDPR justifications for disclosure is satisfied.
In occupational health practice, the justification will usually be GDPR Article 9 paragraph 2(h):
'...processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems...'
The occupational health nurse should disclose only as much information as is necessary for this purpose.
When reporting to management, therefore, the OH nurse should normally:
1. Consider what information it is necessary to disclose 'for the assessment of the working capacity of the employee';
2. Inform the employee of the information to be disclosed and the reason for disclosing it;
3. Seek the consent of the employee for disclosure of this information;
4. If consent is granted, send the report;
5. If consent is refused, consider whether or not it is necessary to disclose this information without consent.
See ICO guidance on using consent. See also ICO lawful basis for processing (ARTICLE 6 GDPR) and for data considered a special category, (i.e. sensitive, which includes data about health) See ICO special category data (ARTICLE 9 GDPR). All other legislation; common law and ethical duties of health professionals have not been abolished by the data protection legislation but run in parallel to it see ICO guidance on lawfulness fairness and transparency.
Disclosures to the employee’s manager, without consent
It will not usually be necessary to disclose a report without consent. If the patient does not consent to disclosure, the nurse will usually report to the manager that the employee has not consented, and the manager will then make the necessary management decisions without benefit of health advice.
However, sometimes disclosure without consent is necessary in order to protect others. See the case study, below.
Case study
An employee is a bus driver and refusing to consent to disclosure of the result of their eye test, which indicates that they have an open angle glaucoma causing extensive reduction of the visual field.
In view of the potential danger to the public, some kind of disclosure probably is necessary, even though the employee has not consented.
In these circumstances, it is not necessary to disclose the diagnosis to the manager. However, it is necessary to disclose that the employee has severe eyesight problems and cannot safely work as a bus driver.
Access to reports or records by other members of staff
Occupational health records and reports should only be disclosed to other members of staff on the same basis as to management.
E.g. if disclosure to the health and safety manager is requested, the OH nurse should:
1. Consider what information it is necessary to disclose in order to enable the health and safety manager to carry out her duties;
2. Inform the employee of the information to be disclosed and the reason for disclosing it;
3. Seek the consent of the employee for disclosure of this information;
4. If consent is granted, disclose the information;
5. If consent is refused, consider whether or not it is necessary to disclose this information without consent.
Subject access to records
All patients have a right to access their health records in accordance with the Data Protection Act. The exceptions to this are unlikely to apply in the OH setting.
In rare cases, some names or details in the records may need to be withheld or redacted. Nurses should follow the ICO guidance on right of access
Time limits for storing OH records
As a general principle, OH records should only be kept for as long they are needed. NHS Digital advises that confidential OH records should be kept as long as the employee is in employment plus 6 years or until their 75th birthday, whichever comes first.
In some cases, there is a legal requirement to keep the records for a longer period. Where people are working with ionising radiation, the records need to be kept for 30 years. Where people are working with asbestos or lead or under COSHH, the records need to be kept for 40 years. The period of retention of records of statutory health surveillance is laid down in legislation and detailed by the Health and Safety Executive guidance on record keeping or specific risk-advice. The duration of retention should be identified in the local policies or procedures and be compliant with legislation.
The statutory retention period applies only to the basic health record, which includes the identifying details of the employee, a note of surveillance procedures undertaken and the result in terms of fit/unfit/fit with adjustments. This health record should be given to the employer to keep. The detailed clinical results should be kept separately in the OH records and are confidential to occupational health.
Useful resources
- Data Protection Act 2018
- General Data Protection Regulation GDPR
- Information Commissioner’s Office
- ICO guidance on GDPR including links to useful case studies on the previous Data Protection Guidance
- General Medical Council: Revised confidentiality guidance
- Health and Safety Executive
- HSE advice on record keeping
- NHS Digital records management
- Faculty of Occupational Medicine (FOM)
- FOM guidance on GDPR
- FOM guidance on ethics, which can be purchased from the FOM
RCN members can contact the RCN to discuss particular issues.
Page last updated - 08/07/2023