What you should know about procedures on leave management
Leave management, i.e. the administration of annual leave, special leave, sick leave, recuperation of overtime etc., is a routine part of the daily work of Human Resources (HR) departments in EU institutions and bodies. This work includes the collection and processing of personal data (also known as personal information) of staff and sometimes of members of their family. These procedures may relate to the processing of health-related information (sensitive data) and are necessary to establish, for instance, whether sick leave is justified or whether a member of staff is entitled to maternity leave.
However, since special leave (for moving, marriage, death of family member, sickness of a child, voting, etc.) must be justified by providing supporting documents, other kinds of personal information may also be involved. Medical certificates, death certificates and information related to medical tests, sickness and accident insurance are also likely to be collected and processed.
What are the main data protection issues?
Data quality - It is important not to process more personal data than necessary. How? By only collecting relevant - and not more information than necessary - in the first place. In addition, medical certificates and other medical data (referrals from doctors, medical examination reports, laboratory tests, etc.) should be handled only by the medical service of the institution - not by the HR department. The latter should only receive the administrative data necessary to process the sick leave (for example the number of days of sick leave).
Right of information - Staff members must be informed about their rights and for what purposes their information is processed. Such information must be specifically communicated to staff members when a new procedure is being introduced and made permanently available (for example via the intranet of the organisation). This ensures that staff members have access to the information at all times.
Right of access - Staff members should be allowed to access their leave-related information to be able to verify whether it is accurate and to have it corrected if it is not. They must be informed about how they can do so.
Retention period - Organisations must make sure that information relating to leave management is not kept on their files for longer than necessary. Clear retention periods must be established. These can vary in accordance with the type of leave concerned.
Data security - Given the sensitivity of the processing of health-related data, all HR staff dealing with leave request procedures should sign a specific confidentiality declaration and they should be reminded of their confidentiality obligations regularly.
The following non-exhaustive list is a selection of documents for further reading:
EDPS Guidelines concerning the processing of personal data in the area of leave and flexitime
EDPS Guidelines on the processing of health data in the workplace
EDPS prior-check Opinion:
EDPS Opinion on leave management at EMA (case 2011-0851)