Health data refers to personal information (also called personal data) that relates to the health status of a person. This includes both medical data (doctor referrals and prescriptions, medical examination reports, laboratory tests, radiographs, etc.), but also administrative and financial information about health (the scheduling of medical appointments, invoices for healthcare services and medical certificates for sick leave management, etc.). Health data is considered sensitive data and is subject to particularly strict rules and can only be processed by health professionals who are bound by the obligation of medical secrecy. Furthermore, the organisation shall take the necessary security measures to ensure that the health data is protected and not subject to any unauthorised disclosure.
At UK/EU-level institutions and bodies collect and process health data of staff and sometimes members of their family for several purposes, such as pre-recruitment medical examination, annual medical visits, sick leave management, request to work part time to care for a seriously ill or disabled family member, etc.