Vorabkontrolle

Opinion of 5 December 2008 on the notification for prior checking regarding data processing in the Flexitime management and checking system (Case 2008-173)

Flexitime was introduced in order to manage staff working hours more effectively and provide greater flexibility. The flexitime system is managed by the EFFICIENT database. It imports data relating to individuals, missions and absences (official leave, sick leave, etc.) from the SIC CONGES database and also from the Mission application developed by the Court of Auditors since training absences are recorded by the training department.

The proposed processing operation would not appear to involve any breach of the provisions of Regulation (EC) No 45/2001, provided that the Court of Auditors reviews access rights, the data storage period and the content of information and the manner of providing it.

Opinion of 5 December 2008 on a notification for prior checking concerning the evaluation of interpreters (Case 2008-578)

Opinion of 4 December 2008 on a notification for prior checking regarding the "Coordination of medical, psychosocial and administrative support (COMPAS)" (Case 2008-428)

The European Commission designed a system called "Coordination of medical, psychosocial and administrative support" (COMPAS) to coordinate in a multi-disciplinary fashion the provision of help to staff in active employment. COMPAS will be a counselling facility designed to help individuals who are encountering serious health problem or serious social difficulties due to private or professional reason which interferes with their presence or performance at work. The system is based on the ad- hoc cooperation of several services within the European Commission. In principle COMPAS can only be seized for cases meeting certain criteria where all other single-service solutions and procedures have been properly tackled and exploited beforehand without success. The categories of concerned data subjects are officials and agents who are covered by the Staff Regulations and who encounter serious health problems or serious social difficulties. COMPAS will affect broad categories of personal data which will be used by the services in the interdisciplinary approach: administrative, medical and/or social data.

The EDPS analysis of the processing operations lead to a number of recommendations ensuring that the planned system will be in full compliance with Regulation 45/2001, inter alia: The COMPAS procedure should be run only with the express consent of the staff member concerned. Appropriate measures should be put in place to ensure that all working documents, not needed to be annexed to a COMPAS file, are destroyed by the persons involved from the concerned services once a case is closed. The right of access of the person concerned to his/her file also should include the right to take copies of the data related to him/her. The content of the privacy statement should be revised as to the legal basis and the categories of data recipients. COMPAS should make clear distinction related to the professional secrecy obligation of medical doctors/psychologist and any other professional involved in the COMPAS procedure. Measures should be put in place to ensure those principles.

Opinion of 26 November 2008 on a notification for prior checking regarding the "certification procedure" case (Case 2008-475)

The Economic and Social Committee organises a procedure to select officials to be authorised to participate in training in the framework of the certification procedure, under Article 45a of the Staff Regulations of Officials of the European Communities. The processing operation consists of the receipt, processing and analysis of applications received in the framework of the certification procedure which enables staff at grade AST 5 and above to be appointed as administrators.

The proposed processing does not appear to involve any infringement of the provision of Regulation (EC) No 45/2001, so long as the European Economic and Social Committee guarantees the rights of access to the files and the data quality, informs recipients that they may not use the data for other purposes, reassesses the data storage period and reviews the information provided and how it is provided.

Opinion of 25 November 2008 on the notification for prior checking on the supplementary aid for the disabled (Case 2008-388)

The processing called "Supplementary aid for the disabled", managed by the Welfare Unit, concerns the covering of non-medical expenses of a disabled person, with the individual making a contribution. After exhausting the possibilities of national and statutory aid, and under conditions established by the 2004 guidelines, the data subject can request aid, and data are then collected for the payment/reimbursement of an invoice and for the establishment of the level of the individual's contribution.

Data on health are processed, because additional financial aid for disabled persons can only be granted on the basis of medical reports and invoices concerning the processing necessary for the disability. Furthermore, supporting documents on occupational income, retirement pensions, family allowances and other information given to the welfare officer etc. are provided, so a number of aspects of the data subject's individual situation are assessed, namely financial, family, occupational and social circumstances. This processing operation therefore falls within the scope of the prior checking procedure based on Article 27(2)(a) and (b) of the Regulation.

In its recommendations, the EDPS emphasised inter alia that the GSC conveys to the welfare officer taking notes during discussions and to the welfare unit team responsible for the dossiers the obligation to comply with the principle set out in Article 4(1)(c) of the Regulation. The EDPS also recommended that as a general rule, the right of access and of rectification should be granted to the data subject as regards the personal notes of the welfare officer, in the light of the proportionality principle, other than in legitimate exceptional cases. It was also recommended that an order be drafted with the medical experts in the light of Article 23 of the Regulation.