part of the phsc group


GDPR

by Nicola Coote / Tuesday, 23 January 2018 / Published in PHSC blog

What is the GDPR?

The General Data Protection Regulation (GDPR) will be effective from May 2018 and replaces the previous legislation about how data should be secured and managed. This affects more departments than IT, and will include those dealing with health and safety management. So what do health and safety professionals need to think about relating to GDPR and this new legislation?

How will it affect your health & safety department?

A health and safety system will most likely hold a large amount of personal data about employees, contractors, customers, etc., depending on the sector in which you work. The data might contain details such as names, addresses and phone numbers, all of which will come under this legislation and therefore need to be controlled. Other types of data that a health and safety department may hold which will come under the new regulations include:

  • Occupational health reports
  • Risk assessments relating to those with limitations (medical, physical, sensory, learning or mental health)
  • Highly confidential data such as witness statements following accidents
  • Insurance claims and associated reports
  • Complaints from workers regarding health, safety or environmental workplace conditions.

With the new regulations, it is strongly advised that those dealing with health and safety should:

  1. Understand the current data process and identify where personal data may exist in health and safety documents;
  2. Record what personal data is held and the document title/type of document (i.e. make a list/register);
  3. Identify where data is distributed with third party companies and add this to your register;
  4. Consider and assess the reason for possessing the personal data (do you really need to have access to this? If not, take yourself and your responsibilities out of the equation);
  5. Clarify the risk level which comes with holding personal data (breach of data security legislation, complaints or claims from individuals who feel their personal data has been inappropriately used or shared etc). You could use a basic risk rating matrix for this in the same way as completing a general risk assessment.
  6. Ensure that the data in the list you have compiled is stored securely and not accessible to anyone, including inadvertently, without a valid reason; and
  7. Obey the data retention policies within your own organisation.

Although it may be challenging to implement the above stages, many of these will most likely be integrated into changes in the organisation’s policies and procedures as a whole.

It has been said that 75% of businesses might find it difficult to introduce compliant methods before the start date of GDPR. However, if you can prove that you are in the process of effectively putting procedures in place, regulators may take this into consideration.

Health and Safety Management – Are you a Controller or a Processor?

Some people who deal with health and safety documents will be controllers, some will be processors of documentation and others will be both. There are different requirements for each role-holder. So what is the difference?

As stated by the Information Commissioner’s Office (ICO), a Data Processor is in charge of choosing, whereas a Data Controller is who decides:


Overview of GDPR

GDPR needs to be treated carefully and followed by health and safety employees, even though there is currently a lack of clarity and of resources available to help us all understand how far we should be going to meet the legal requirements.

Because of this new legislation there may well be further implications relating to cyber and data security, which goes hand-in-hand with health and safety management data.

The GDPR means that all businesses will need to identify their health and safety data implications within this legislation, and to develop clear policies and procedures that can be followed without significantly disrupting day-to-day business.

If you would like to know more about how you can achieve this, please call us on 01622 717700 or email us at info@phsc-group.co.uk. This is something we have already helped a number of clients with, so let us help you get ahead of the game.

Tagged under: cyber and data, data protection, GDPR, health and safety, PHSC

About Nicola Coote

Nicola is deputy CEO and a founder member of AIM-listed PHSC plc, a group offering health, safety & quality systems consultancy and training along with innovative retail security solutions. She has over 30 years’ experience and was the first female in the south of England to attain Chartered Fellowship status of the Institution of Occupational Safety & Health (IOSH). She is also a Registered Expert Witness in both criminal and civil liability cases and an author / contributor to a number of leading publishers including LexisNexis and has been author, consultant editor or contributor to more than 30 titles produced by publishers such as Croner Publications. She is a registered Expert Witness and supports many organisations with civil and criminal cases. Nicola has been a Chartered Member of the CIPD (Chartered Institution of Personnel & Development) for over 20 years and is qualified in Environmental Management and Professional Marketing.
