©  by Zen Occupational Health Proudly created by The Pixel Bullies.com


Zen Occupational Health Ltd as both the Data Controller and Data Processor is committed to protecting the rights of the individual and acknowledge that any personal data of yours that we handle will be processed in accordance with the Data Protection Act 1998 (DPA) and the new General Data Protection Regulations (GDPR) 2018


What Data will be collected

The following data may be collected, held and stored by Zen Occupational Health

  • Personal information (e.g. Name, Address, Date of Birth)

  • Characteristics (ethnicity, gender)

  • Past and present Job Roles

  • Medical Records

  • Health Surveillance records


Whom will it be collected from

  • Human Resources

  • Managers

  • Employees

  • Occupational Health Physicians

  • General Practitioners

  • Physiotherapists

  • Counsellors

  • Administrators

  • Occupational Health Advisors and Technicians


How will it be collected

  • Information received in the post

  • Via E-mail

  • Verbal (face to face and telephone)

  • Health Questionnaires

  • Health assessments for example hearing tests, lung functions tests and drug and alcohol testing.

  • Medical reports requested by Occupational Health / Human resources


How will it be stored

All personal data is stored electronically on a secure database that only has access by a member of the Occupational Health team. All paper copies are scanned into a database and then destroyed.


Why is it collected

  • For the purposes of preventative or occupational medicine and assessing the working capacity of the employee

  • To ensure the health and safety of the employees at work and to allow consideration of any adjustments that may be required to support their ability to work.

  • Data may also be used for research, audit or statistics but will be anonymised if this is the case.


Lawful Basis for processing the information

  • The lawful basis for processing this sensitive personal information is the employer has a duty to carry out health surveillance under the Health and Safety Act 1974 and associated regulations.

  • Additional condition -  Article 9(2)(h), (3) The processing is required for medical treatment undertaken by health professionals, including assessing the working capacity of employees and the management of health or social care systems and services. Occupational Medicine is a special category thus “processing is necessary for the purposes of Occupational Medicine” and Article 9(3) which states that processing is permitted “When the data is processed by a regulated health professional”.


How long will data be held for

  • Management referral information will be held for 6 years after the employee has left their job or 75 years of age (whichever is soonest) as recommended by the British Medical Association (BMA)

  • New Employee medicals will be discarded after 2 years if the employee doesn’t take up the offer of the job

  • 40 years in relation to Health Surveillance as required by the Health and Safety Executive (HSE)


Who will my information be shared with

  • Information will be shared with appropriate others as per consent. All reports sent electronically will be encrypted and pass worded. Only in the event of a serious risk to life will confidentiality be breeched.


What are your rights

  • You have the right to see any information we hold about you in your occupational health record.

  • You can also request that an amendment is attached to your health record if you believe any of the information held is inaccurate or misleading.


For more information contact us on 01270 845748Office@zenohltd.co.uk