This isn’t really a legal/privacy question as much as an IT/roles/admin access and implementation issue.
All good HRIS have roles that can be defined for levels of administration, where certain data is only visible to a manager depending on their role. Temporary access to limited data can be provided, and the HR manager can still be the gatekeeper.
https://www.researchgate.net/publication/336590973_Privacy_Security_and_Legal_Issues_for_HRIS
https://www.aihr.com/blog/implement-hris-human-resources-information-system/
https://www.theanswerco.com/confidentiality-keep-sensitive-data-safe-with-the-best-human-resource-information-system/
