Looking for your thoughts on this.
GDPR has 6 legal basis on processing data and I’m aware everyone is sticking to ‘consent’ as the go to.
My understanding is that they have to give explicit consent that is given freely. Which is the case for management federal etc.
In health surveillance however, consent is not given freely. It’s either usually a requirement of the employing company as part of their HSAW policy or a legal requirement. Therefore consent is expected as part of their role.
I am more inclined to think that the legal basis for processing data for health surveillance specifically is more akin to Compliance with a legal obligation.
Any opinions?
Georgina
********************************
Please remove this footer before replying.
OCC-HEALTH ARCHIVES:
http://www.jiscmail.ac.uk/lists/occ-health.html
CONFERENCES AND STUDY DAYS:
http://www.jiscmail.ac.uk/cgi-bin/filearea.cgi?LMGT1=OCC-HEALTH
|