Good record keeping

This page includes guidance on the confidentiality of occupational health information and records.

General principles of consent and confidentiality

Occupational health (OH) nurses have the same general duties of confidentiality as other nurses.

The same principles apply to non-NHS workers as to NHS workers. The fact that this is an NHS code should not prevent independent sector nurses from consulting it.

The general rule is that confidential health information may only be disclosed with the employee’s informed consent. If consent is given orally then this should be recorded in the patient record.

There are limited exceptions to this general rule. Records may be disclosed without consent if:

  • the employee is not capable of consent and disclosure is necessary in the best interests of the employee
  • there is a legal requirement to disclose (for example, certain transmissible diseases)
  • there is a court order for disclosure
  • when disclosure is necessary in the public interest.

Read the for more information on confidentiality.

If there is said to be a legal requirement to disclose (for example, if a police officer asserts this) but the employee does not consent to disclosure, then it is best to seek legal advice from your employer’s legal advisers before making the requested disclosure.

Regarding disclosure in the public interest, there is a useful supplementary guidance .

All nurses should adhere to the .

Oral or written consent

Oral consent can often cause anxiety. Legally it is perfectly acceptable, and consent does not have to be in writing, but the concern is that it can be challenged. As a safety net, it is advisable to have the individual sign alongside the record of their verbal consent as soon as is practicable.

If what is proposed is a report to a manager, the ideal is a copy of the proposed report with a section at the bottom of the page clearly stating that the individual consents, for example:

'I consent to disclosure of the above report to [name of manager]. Signed.......Dated......'

Case study

A prospective employee challenged a company stating that they had been discriminated against for employment.

The case went to industrial tribunal and the OH records were subpoenaed as part of the investigation.

The OH nurse's record of the telephone conversation had been dated, and the times at which the conversation started and finished had been recorded. The employee challenged this as not being a true and accurate record, claiming that the conversation did not last for the length of time recorded.

The tribunal found that this was an accurate record even though it was a telephone conversation as it clearly stated the time and length of the conversation and it had been signed.

While this was a satisfactory outcome, on reflection the OH nurse now requests that, wherever possible, the employee sign the clinical record to say that it is an accurate recording of the discussion, to help in difficult cases.

Disclosures to the employee’s manager, with consent

The day-to-day decision that has to be made by OH nurses is whether to disclose confidential health information about employees to their managers.

Occupational health nurses are sometimes put under pressure by management to make wholesale disclosures of health information.

With rare exceptions (considered below) the nurse should not disclose health information to management unless the employee has freely consented to this. The employee should know exactly what disclosure they are consenting to, and the purpose of this disclosure. Best practice is to show the employee the draft report.

There is a clear imbalance of power between the employer and the employee. In these circumstances, the General Data Protection Regulation (GDPR) requires that confidential information should not be disclosed on the basis of consent alone, but only if one of the other GDPR justifications for disclosure is satisfied.

In OH practice, the justification will usually be GDPR Article 9 paragraph 2(h):

'...processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems...'.

The OH nurse should disclose only as much information as is necessary for this purpose.

When reporting to management, therefore, the nurse should normally:

  1. Consider what information it is necessary to disclose 'for the assessment of the working capacity of the employee'.
  2. Inform the employee of the information to be disclosed and the reason for disclosing it.
  3. Seek the consent of the employee for disclosure of this information.
  4. If consent is granted, send the report.
  5. If consent is refused, consider whether or not it is necessary to disclose this information without consent.

See . See also and, for data considered a special category (i.e. sensitive, which includes data about health), see . All other legislation, common law and ethical duties of health professionals have not been abolished by the data protection legislation but run in parallel to it; see .

Disclosures to the employee’s manager, without consent

It will not usually be necessary to disclose a report without consent. If the patient does not consent to disclosure, the nurse will usually report to the manager that the employee has not consented, and the manager will then make the necessary management decisions without benefit of health advice.

However, sometimes disclosure without consent is necessary in order to protect others. See the case study below.

Case study

An employee who is a bus driver is refusing to consent to disclosure of the result of their eye test, which indicates that they have open-angle glaucoma causing extensive reduction of the visual field.

In view of the potential danger to the public, some kind of disclosure probably is necessary, even though the employee has not consented.

In these circumstances, it is not necessary to disclose the diagnosis to the manager. However, it is necessary to disclose that the employee has severe eyesight problems and cannot safely work as a bus driver.

Access to reports or records by other members of staff

OH records and reports should only be disclosed to other members of staff on the same basis as to management.

For example, if disclosure to the health and safety manager is requested, the OH nurse should:

  1. Consider what information it is necessary to disclose in order to enable the health and safety manager to carry out her duties.
  2. Inform the employee of the information to be disclosed and the reason for disclosing it.
  3. Seek the consent of the employee for disclosure of this information.
  4. If consent is granted, disclose the information.
  5. If consent is refused, consider whether or not it is necessary to disclose this information without consent.

Subject access to records

All patients have a right to access their health records in accordance with the Data Protection Act. The exceptions to this are unlikely to apply in the OH setting.

In rare cases, some names or details in the records may need to be withheld or redacted. Nurses should follow the .

Time limits for storing OH records

As a general principle, OH records should only be kept for as long as they are needed. NHS Digital advises that confidential records should be kept as long as the employee is in employment plus 6 years or until their 75th birthday, whichever comes first.

In some cases, there is a legal requirement to keep the records for a longer period. Where people are working with ionising radiation, the records need to be kept for 30 years. Where people are working with asbestos or lead or under COSHH, the records need to be kept for 40 years. The period of retention of records of statutory health surveillance is laid down in legislation and detailed by the Health and Safety Executive guidance on record keeping or specific risk-advice. The duration of retention should be identified in the local policies or procedures and be compliant with legislation.

The statutory retention period applies only to the basic health record, which includes the identifying details of the employee, a note of surveillance procedures undertaken and the result in terms of fit/unfit/fit with adjustments. This health record should be given to the employer to keep. The detailed clinical results should be kept separately in the OH records and are confidential to OH. 

Useful resources

  • ICO  including links to useful case studies on the previous Data Protection Guidance
  • General Medical Council: 
  • FOM 
  • FOM , which can be purchased from the FOM

RCN members can contact the RCN to discuss particular issues.

Page last updated - 31/07/2024