Occupational Health - Confidentiality of sensitive personal information

[Mogs43]

Please can you help?

I have been on sick leave and my employers have asked to have access to my medical reports. My initial response was of course and I was about to send off the signed consent form tonight. However, I have just recalled that my psychiatrist has sent a report to my GP containing some very personal information (sex abuse in my childhood etc) which I am assuming would now be on my medical reports. Previously I would have just trusted that Occupational Health would treat this information confidentially but I had problems with my last line manager (severely bullied after he turned down a FW rest and I appealed). During this process nothing was treated confidently (the whole team knew all the details) and there was a very unfortunate incident where I was accused by my line manager of providing negative feedback to HR (they read aloud the return that was supposed to be anonymous - HR offered to confirm that it hadn't come from me, which it hadn't, but it was too late/my manager wouldn't believe them). This has all made me very worried that the information in my medical records wouldn't be treated confidentially - I would be mortified for people I manage/work with / see in meetings to know about the abuse (only my mother, best friend and psychiatrist know at the moment). It is such a long time ago it almost doesn't feel like it happened but I know that it has shaped my life. It would make me feel very uncomfortable (dirty/grubby/emotional) to think people I haven't told (so far its all men involved) know all the details.

I want to be helpful , could ask for assurance from HR ( they do have a policy) but given my previous experience I am not sure I trust them anymore. Please can you advise me as to what you would do? Thank you

What do your employers need access to your sickness records for exactly?

Why is a doctor's note (or letter if they need to know something specific) not sufficient?

It seems reasonable to give them a letter from GP/specialist, or agree to a medical with their own doctor. But all your medical records seems very excessive and intrusive. Could you seek advice from a union. Or do you have house insurance with a free legal helpline?

You mention OH but mention a request to get a GP report, is it Oh requesting this? Or your manager.

For clarity, Occupational Health could speak to you first as a referral / discussion with an OH nurse, reviewing how you are, diagnosis, prognosis and recommendations, OR, Occ Health could be the ones to write to your GP, to gain an opinion on your health, diagnosis, prognosis etc. OR, it could be a combination of both of the above.

Consent to access medical records should only be “relevant”, so requesting ‘everything’ is unlikely, but more importantly, unnecessary.

Your information, as you rightly say, “sensitive data” (under GDPR, medical info is classified as sensitive therefore needs consent) must be protected carefully by the business and OH. Given that you have prior history and concerns, I would formally write back to the business stipulating what exactly you’re consenting to.

I would personally suggest:

1. request what specific information they would like from your GP. You may be able to provide them with that information. Might be requesting the form or referal letter they are providing your GP too. It’ll be useful to see this prior to you consenting.

2. consent only to the specific health issue that is relevant; eg. This illness, dating back no more than X years (2 maybe?), nothing more.

3. request that only an independent Occ Health company are allowed to request the report from your GP, not the business directly. This would add a layer of independence. OH should be pretty hot on GDPR etc and a decent OH would then receive the info from your GP, and can compile a report based on it (so the company wouldn’t then see the actual GP report)

4. finally, consent only with the option to view the report prior to the sending to the OH provider/business. The Medical Records Act gives you this option, many don’t utilise it but I would. You can then book an appointment with your GP and more or less stipulate what you want to be put into the report. A good GP (or medical secretary) will work with you to only put in what is required.

Summary, GP reports are normally not worth the paper they’re written on or the cost charged to a business. OH reports are far more useful for both the employee, and the business eg recommendations, advice etc It honestly depends on how good the HR team and OH work together. I’ve always worked well with our OH to ensure the employee is fully supported by OH, however I know of businesses who use OH to help them rather than the employee, and that’s where trust is questioned and things turn sour.

Tick the box to see the report before it is sent to your employer. The report should only show information relevant to your health problem.

I have had a number of interactions with OH and I just refused to give permission for my medical records. I was asked why (by OH not my employer) and I explained that I have a (not relevant to the issue I was referred for) condition which is deeply personal and the anxiety caused by giving access would have a detrimental on my welfare and likely lead to more time off work with anxiety/stress. Was never a problem. I did speak with my gp about it before declining permission and he said he doesn't actually get that many requests from OH as they tend to want a quick turn around and having to ask him for records and/or report delays things so much.

@Mogs43 normally you can liaise with your GP and they will provide you with the exact wording of the medical statement to be submitted to your employer.

Even though Occ Health are asking for your "medical records" they certainly do not, and should not, need access to your entire medical history. They will only need what is relevant to your current absence. That's why it's important you approve what your GP will submit in advance, and don't approve anything that isn't relevant to your current absence.

Thank you all so much for your advice- it is extremely helpful . I was thinking about speaking to my TU rep but its all so personal I didn't really know how to word it - you have given me some really helpful suggestions above. Thank you.

I am sorry if my message wasn't very clear. I have been off on sick leave. My line manager has asked for my agreement to refer me to Occupational Health (Health Management ltd who I assume are an independent company, although the referral form says that all information they hold on me can be shared with HR and my line manager , and my employer is the data owner) - so that they can consider my fitness to return to work and any adjustments that might be needed. I thought this might be helpful and was keen to get the process going. However my Line Manger added that they would need access to my medical reports which, for the reasons previously mentioned, I would be anxious about.

My mind isn't very clear at the moment (partly why I am off work) so having reflected I think I should try to take it a step at a time? Agree to the Occupational Health referral but ensure that for now I don't sign anything that agrees to full access to medical records. Going forward I could then proceeded as BackInMarch2020PreCovid has so helpfully set out above.

My normal comprehension/ ability to take things in/ consider detail isn't as good as it usually is so I may ask the TU to check things over so I don't make any mistakes. I hope this is okay. I am sorry for bothering you all with this - I just want to do the right thing (be helpful but also not cause more anxiety/ problems for myself in the future?). This is all a bit frustrating - it demonstrates how things I could once deal with without blinking are a bit of a struggle: I was once capable now not so. Anyway thank you for all your help. I am very grateful.

My normal comprehension/ ability to take things in/ consider detail isn't as good as it usually is so I may ask the TU to check things over so I don't make any mistakes. I hope this is okay. I am sorry for bothering you all with this - I just want to do the right thing (be helpful but also not cause more anxiety/ problems for myself in the future?). This is all a bit frustrating - it demonstrates how things I could once deal with without blinking are a bit of a struggle: I was once capable now not so.

Take things steady - it sounds like you may not be ready to return to work if you currently have problems processing information. Don't feel pressurised to return to work, especially if your employer provides a good (enhanced) sick leave policy. Hopefully you are clear on what they offer in terms of sick pay. If not seek support from your Union, they are there to help.