data protection

Vol. 1, Issue 32 (Mar 06) Data & Data

Health and Safety – Data Protection

Any business that processes personal data must comply with the Data Protection Act 1998. Since all businesses utilise some personal information, for example information relating to employees, agents and directors, data protection affects all businesses, B2B and B2C alike.

The first requirement is to register for data protection unless the business is exempt. The main exemption applies to businesses that do not process personal data as a key part of its service offering, for example a building contractor, retailer or plumber. Some activities are also registrable such as operating a CCTV scheme, using credit reference information and marketing goods and services provided by third parties.

Failure to notify.

Two debt collection agencies were fined by magistrates in October 2005 for the offence of failing to notify contrary to section 21 of the Data Protection Act 1998. The fines levied were the maximum amounts allowed by the legislation, £5,000 plus costs.

Failing to notify is a strict liability offence, there can be no defence to the charge. Therefore businesses are encouraged to notify at a cost of £35 per year rather than risk a charge under section 21.

Key implications for health and safety.

Records that are retained for purposes of Health & Safety will contain personal data relating to employees and others, such as visitors to the organisation’s premises. Generally the following records are held for Health & Safety purposes: -

Details of fire wardens and first aiders. This information may be disclosed to the Emergency Services to assist in managing an incident should one occur. Employees should be aware of this disclosure of their personal data.

Accident books and incident logs. These will necessarily contain sensitive data relating to the physical and/or mental health of those involved in an accident at work. All who are asked to contribute personal data to an accident book should be aware of the identity of the organisation requesting the information, the purposes for which the data will be used and any other information relevant in the circumstances including any likely disclosures to insurers or their agents. The use of sensitive data often requires the consent of the person to whom it relates. Remember also that accident data might be anonymised and disclosed as statistics.

Visitors’ books. These require visitors to supply personal data and should be supported by appropriate statements about the organisation, the purposes for which the details to be recorded will be used and any other information relevant in the circumstances.

Claims files. These are likely to contain sensitive data relating to an incident. The data will be disclosed to insurers. The use of sensitive data often requires the consent of the person to whom it relates.

Monitoring activity. If the employer resorts to monitoring to help reduce or prevent accidents, there are issues related to the use of personal data for monitoring. There is a Code of Conduct for the use of employee personal data which sets out best practice standards for monitoring to cover data protection and human rights requirements.

We would recommend that you seek advice from our friends at www.dp-smart.co.uk. 01883 331134. Data Protection Consulting, an organisation dedicated to providing first rate advice and deliverable solutions for clients.

Control of Noise at Work

Came into force April 2006, they replace the “Noise at Work Regulations 1989″.

Employees Duties.
Employees have a duty to comply with measures that organisations have placed upon them.

This includes using noise control measures as provided and in line with manufactures instructions and guidance.

To wear hearing protectors in accordance with instructions provided when exposed at or above the upper exposure action values and at all times in hearing protection zones.

Taking care of hearing protection and noise control equipment that is provided.

Reporting defects with hearing protection, reporting defects with noise control measures or reporting difficulties with using the equipment provided.

Someone has to have overall responsibility to ensure that there is an appropriate hearing protection programme and that it is adopted, this should include, issue and such distribution of hearing protectors.

You should provide information, instruction and training to all employees at risk and actions they have to take to enable compliance.

You should carry out spot checks to ensure that hearing protectors as issued are used and worn, where employees are not using hearing protection they should be questioned as to why and attempt to resolve difficulties or give and record a verbal warning.

Where employees persistently fail to use hearing protection properly you should follow disciplinary procedures.

You must ensure that any noise-control equipment is maintained and carry out regular checks, and report defects and remedy any defects noted.

You must provide appropriate provide signs and warning notices to state where and when protectors are to be worn and used.

You should reduce exposure to noise to as low as is reasonably practicable, by establishing and implementing a programme of organisational and technical methods, excluding the provision of personal hearing protection.

issue32

Tags:

Wednesday, June 10th, 2009 news Comments Off