It happens that individual employees in companies are absent due to illness. Such absences generate personal data. What needs to be communicated to whom in these cases? How else should the data of the employee on sick leave be handled? You can find out here.

Information included on all four pages of the certificate of incapacity for work:

  • Health insurance company or payer,
  • Name, address, date of birth and insurance number of the person who is ill,
  • Cost Object Identifier,
  • Physician number and name of certifying physician,
  • Dates of issuance of the certificate, determination, and the beginning and expected end of incapacity for work,
  • Initial or follow-up certificate,
  • is work the cause (yes/no),
  • Transit doctor assigned (yes/no).

On the first, third and fourth pages are additionally noted:

  • up to six illnesses or symptom complexes that can justify incapacity for work (coded according to ICD-10), but not in the case of certificates from the dentist;
  • Status of the insured,
  • Operating site number,
  • Accident as cause (yes/no),
  • Supply condition (yes/no),
  • Rehabilitation services required (yes/no),
  • gradual reintegration (yes/no),
  • other special measures,
  • Sick pay case (yes/no), final certificate (yes/no), if applicable.

On the second page (for the employer), the designation of the illness or its symptoms is missing for reasons of health data protection and medical confidentiality.

How may the employer handle sick leave?

If the employer receives a sick note, it must be handled in the same way as other personal data collected during the employment relationship: The employer must specify which data it processes (Art. 13, 14 GDPR) and this data must be deleted if the purpose for which it was collected no longer applies. A sick note may only be kept until the employee's claims to sick pay, for example, have been settled.

In addition, the sick note contains health data (just the information that a person is ill is enough), i.e. personal data of the special category (Art. 9 I GDPR). The data is therefore subject to special protection. This must be reflected in how the data is handled: Sick notes are not to be copied and they are to be disposed of properly so that no data is recognizable. Furthermore, the employer must not disclose employees' health data to third parties. Secure communication channels must also be used to transmit sick notes.

What may the employer ask?

In principle, the employer has a legitimate interest in receiving information about when and for how long an employee will be absent (Section 32 I 1 BDSG). In addition, employees are entitled to continued remuneration in the event of illness. For this situation, Section 5 of the Continued Remuneration Act (EntgFG) stipulates that the employee must notify the employer immediately (i.e. without undue delay) if he is unfit for work and how long this is likely to remain the case.

As a rule, a medical certificate must be submitted only after the third day of absence, but the employment contract may stipulate otherwise.

An exact reason for the absence does not have to be stated here from a legal point of view.

To whom may the employer disclose the illness?

In most companies, an illness also means that a replacement must be found for the sick colleague. If a team is affected, it usually has to reschedule entire processes. Any statements about the employee's state of health made by the employer to colleagues or other third parties are not permitted under data protection law. An exception to this may exist if the sick employee has consented. In addition, such processing of health data may be necessary for the fulfillment of obligations under the employment contract.

Colleagues must also be careful not to disclose information about the sick employee's health to customers, for example.

Conclusion

In the event of an employee's illness, a lot of particularly sensitive data is generated, which must be handled with appropriate care. It is not only the employer who must maintain an overview; the other employees must also be appropriately trained in data protection law.
