Fitness for Work Assessment

1. What Personal Data are we collecting? 
   
   We request the following Personal Data: name; contact details; date of birth; position applying for; assigned recruiter; prospective work location, supervisor, and department; health information; gender; need for reasonable accommodation to work environment, lifestyle choices, and occupational hazard exposure history. 
   
   
2. What sensitive Personal Data is being collected?  
   
   We need to collect information about your health to conduct an occupational health assessment as part of your onboarding process with KAUST. Health data is considered sensitive data under the PDPL.  
   
   
3. Where do we get your Personal Data? 
   
   Your Personal Data will be collected by KAUST's Occupational Health Specialist, contactable at occupational.health@kaust.edu.sa, who collects your Personal Data via a webform, and, if additional information is required, he/she will reach out to you via phone, email or video conference.  
   
   
4. Why do we collect your Personal Data? 
   
   We gather this information to ensure, so far as is reasonably possible, that you are fit for work activities you could be undertaking to protect your own and others' health and safety, and to assist KAUST in creating and maintaining a safe working environment. Your Personal Data will not be processed later in a manner inconsistent with the purpose of assessing fitness for work, except as provided or required by law. 
   
   
5. Do I need to provide all of the information requested?
   
   Yes. KAUST requires the completion of this questionnaire as a condition of any offer of employment; thus, all responses to the webform are mandatory. Failure to fully complete this form may result in you being ineligible for a position with KAUST. 
   
   
6. Why are we able to process your Personal Data? 
   
   Under the Saudi Labor Law and its implementing regulation, prospective employers may require a medical assessment prior to employment. Under the GDPR, we may collect this information as a step prior to entering into an employment contract. KAUST also has a legitimate interest in creating and maintaining a safe working environment.  
   
   
7. Does the processing involve profiling and/or any automated decision-making? 
   
   No. KAUST does not rely on any automated decision-making or conduct any profiling in this process. 
   
   
8. Who do we share your Personal Data with, and how do they process the Personal Data? 
   
   We only share your Personal Data with KAUST's Occupational Health Specialist who will not disclose any Personal Data contained in the form and will only notify your HR Recruiter of your clearance status, either "fit for work," "not fit for work," or "pending – further information required." In some cases, KAUST's Occupational Health Specialist consults with a Dr. Soliman Fakeeh Hospital physician if further assessments are required to determine fitness. KAUST's Occupational Health Specialist will reach out to you if additional information is required and will only update your HR Recruiter as to the final clearance status. If deemed "not fit for work," your HR Recruiter will notify the hiring manager and the relevant HR manager of the "not fit for work" status.
   
   
9. How do we protect your Personal Data? 
   
   Your completed form and any additional information provided will be held strictly confidential, accessible only to KAUST's Occupational Health Specialist. All KAUST employees are required to sign and comply with KAUST's confidentiality agreement, which requires handling confidential information with the highest diligence and carefulness, in compliance with data privacy laws, and prohibits disclosure beyond a strict need-to-know basis. The completed form and any additional information are treated as confidential medical records and retained separately by KAUST Occupational Health; these files will not be added to the usual HR personnel files.  
   
   The webform used for collecting your Personal Data will be protected with with encryption in transit and at rest on Formstack. Formstack uses AWS in the United States to host its data. Any information received over email will be stored with strict access-controls and password protection on Microsoft Office 365 applications, which hosts the data in North America or Europe. The European Commission does not consider the United States to offer an adequate level of data protection. For more information about the technical measures KAUST applies to protect your Personal Data, please see KAUST's Minimum Security Standard, Information Security Policy, and Data Classification Procedure. 
   
   
10. How long do we keep your Personal Data?  
    Your Personal Data are permanently retained.   

 

Back to Job Applicants page