This page describes how personal information is processed in Simployer according to current regulations and . The notification and license obligation disappears in its current form with the new GDPR.
Infotjenester AS has used the law firm Grette DA to determine whether a license obligation or notification obligation arises and whether the employee must consent when employers use the Simployer HRM system.
As a main rule, all processing of sensitive personal data is subject to a license, while all other processing (of "non-sensitive" personal data) is subject to notification. There are a number of exceptions to this main rule, for example for most information in a register of employees. This means that processing of the information in an employee register must comply with the requirements of the law, but normally one does not have to apply for a license or notify the Data Inspectorate in advance.
The purpose of an employee register is personnel management. Examples of what is included in human resources management are administration of salaries, development, training, career planning and handling of disciplinary matters.
The vast majority of personnel registers are excluded from license and reporting obligations. Personnel registers containing non-sensitive information only, with the addition of certain sensitive information (listed below), are not subject to a license obligation, if:
- the employee has given consent or the processing is laid down by law,
- the information is required to manage the employment, and
- the processing is part of the personnel administration.
The sensitive personal information that may be included without the obligation to notify is as follows:
- trade union information
- required absence information and information that is required to be registered (should be limited to absence date, type of absence and duration, with addition of some information required to be registered in accordance with section 5-1 of the Working Environment Act)
- information needed to facilitate the workplace due to health conditions.
The basic condition for processing personal data is laid down in the Personal Information Act (Pol.) § 11, which in turn refers to sections 8 and 9, which govern non-sensitive and sensitive personal data, respectively.
The term "sensitive personal information" is a common term for particularly sensitive personal data that has special protection. In Pol. § 2, no. 8 c), "health information" is defined as sensitive personal information. Initially, information about sickness absence and other health conditions will therefore be sensitive personal information. Data limited to informing about shorter absence (e.g. absence due to a cold) may be assumed to be non-sensitive information. However, information about e.g. prolonged sick leave is probably sensitive personally identifiable information. This distinction between sensitive and non-sensitive personal data related to sickness absence has been confirmed by telephone by senior adviser Christine Ask Ottesen at the Data Inspectorate.
Thus, it is not possible to provide a clear, general answer as to where the boundary between sensitive and non-sensitive personal data lies as far as absence information is concerned. Our recommendation is therefore that employers treat all personal information in accordance with the terms that apply to sensitive personal information, cf. Pol. § 9.
Pol. section 9 stipulates that processing of sensitive personal data requires, firstly, that one of the conditions in section 8 is met. Section 8 states that the conditions for processing are that (1) the registered has consented, (2) that processing is stated by law, or (3) that the processing is subject to one of six different alternative conditions set forth in points a) to h). In our opinion, points a) and f) are the most relevant in this case. Pol. § 8 a) stipulates that processing can be done without consent if necessary to "fulfill an agreement with the registered", and Section 8 (f) states that there is no need to obtain consent if the processing is necessary for "the processing officer or third parties to whom the information is handed over to may have a legitimate interest, and the privacy of the data does not exceed that interest."
Second, at least one of the alternative additional conditions in § 9 a)-h) must be fulfilled. The relevant legal basis for our assessment is section 9 (f), which states that storage can be done if it is "necessary for the processor to carry out his labor duties or rights". An employer has a number of different legal obligations to his employees, such as the duty to pay sickness benefits, systematic follow-up of HSE and other labor law obligations. Common to these obligations is that they arise from a contract of employment which commits employers, for instance, to pay sickness benefits. The employer's registration of the absence date, and of whether the absence is due to the employee's own sickness or to children's sickness, is necessary to fulfill the employment agreement and safeguard the interests of employees.
In our opinion, Pol. § 8 a) and f) and § 9 f) are an adequate legal basis for the employer's storage of sickness data without the employee's consent. The employer therefore does not need to obtain consent from the employee for such sickness data to be registered.
Simployer allows for registration of various roles in a hierarchy, and all employees are assigned to an immediate superior, who in turn is assigned to their own immediate superior. In the following we discuss whether employers are obliged to impose restrictions on how far up the hierarchy such access may extend, for example, whether employee personnel data may only be available to the immediate superior and thus not to the immediate superior's head.
Neither the Personal Information Act nor the Working Environment Act explicitly regulates the extent to which the organization's personal data may be available. However, in our opinion, the legitimate access to the information will depend on the official need for such access. Access must not be open to all the managers of an employer, but only to those who will use the information in the performance of their duties. This will usually include the employee's immediate superior as well as the Human Resources Department and the Payroll Department.
How far up in the hierarchy there will be a formal need for access to the employee's sickness data may thus vary. This means that it is up to the employer to decide on the question, and the employer must himself draw the limit for who has a formal need for access to employee data. However, in order to facilitate such a delimitation, Simployer must enable each company to block access for persons who do not have a formal need.
Physical storage of data
There are no specific rules on how data that can be traced to people is stored, other than that it is to be stored in a safe way where access and availability are limited. The Data Inspectorate has made general guidelines for how the applicable legislation is to be interpreted: http://www.datatilsynet.no
Infotjenester always stores customer data in customer-specific, separate databases. Data from different customers is never mixed in common databases. The data in the customer database is the client's property and is protected from access by the data processor (Infotjenester).