Fitness for Work Assessment
What Personal Data are we collecting?
We request the
following Personal Data: name; contact details; date of birth; position applying
for; assigned recruiter; prospective work location, supervisor, and department; health
information; gender; need for reasonable accommodation to work environment, lifestyle
choices, and occupational hazard exposure history.
What sensitive Personal
Data is being collected?
We need to collect
information about your health to conduct an occupational health assessment as part of
your onboarding process with KAUST. Health data is considered sensitive data under the
Where do we get your Personal Data?
Your Personal Data
will be collected by KAUST's Occupational Health Specialist, contactable at
collects your Personal Data via a webform, and, if additional information is required,
he/she will reach out to you via phone, email or video conference.
Why do we collect your Personal
We gather this information to ensure, so far as is
reasonably possible, that you are fit for work activities you could be undertaking to
protect your own and others' health and safety, and to assist KAUST in creating and
maintaining a safe working environment. Your Personal Data will not be processed later
in a manner inconsistent with the purpose of assessing fitness for work, except as
provided or required by law.
Do I need to provide all of the information requested?
KAUST requires the completion of this questionnaire as a condition of any offer of
employment; thus, all responses to the webform are mandatory. Failure to fully
complete this form may result in you being ineligible for a position with
Why are we able to process your Personal Data?
Saudi Labor Law and its implementing regulation, prospective employers may require
a medical assessment prior to employment. Under the GDPR, we may collect this
information as a step prior to entering into an employment contract. KAUST also has a
legitimate interest in creating and maintaining a safe working
Does the processing involve profiling and/or any automated
No. KAUST does not rely on any automated
decision-making or conduct any profiling in this process.
Who do we share your Personal Data with, and how do they
process the Personal Data?
We only share your
Personal Data with KAUST's Occupational Health Specialist who will not disclose any
Personal Data contained in the form and will only notify your HR Recruiter of your
clearance status, either "fit for work," "not fit for work," or
"pending – further information required." In some cases, KAUST's Occupational
Health Specialist consults with a Dr. Soliman Fakeeh Hospital physician if further
assessments are required to determine fitness. KAUST's Occupational Health Specialist
will reach out to you if additional information is required and will only update your HR
Recruiter as to the final clearance status. If deemed "not fit for work," your
HR Recruiter will notify the hiring manager and the relevant HR manager of the "not
fit for work" status.
How do we protect your Personal Data?
Your completed form
and any additional information provided will be held strictly confidential, accessible
only to KAUST's Occupational Health Specialist. All KAUST employees are required to sign
and comply with KAUST's confidentiality agreement, which requires handling confidential
information with the highest diligence and carefulness, in compliance with data privacy
laws, and prohibits disclosure beyond a strict need-to-know basis. The completed form
and any additional information are treated as confidential medical records and retained
separately by KAUST Occupational Health; these files will not be added to the usual HR
The webform used for collecting your Personal Data
will be protected with with encryption in transit and at rest on Formstack. Formstack
uses AWS in the United States to host its data. Any information received over email will
be stored with strict access-controls and password protection on Microsoft Office 365
applications, which hosts the data in North America or Europe. The European Commission
does not consider the United States to offer an adequate level of data
protection. For more information about the technical measures KAUST applies to
protect your Personal Data, please see KAUST's
Minimum Security Standard,
How long do we keep your Personal
Your Personal Data are permanently retained.