If an employee has had a coronavirus test, can we require them to disclose evidence of their test results?
Obtaining an employee’s Covid-19 test result will amount to processing personal data for the purposes of the General Data Protection Regulation 2016/679 (GDPR) and information about an employee’s health is a special category of data (sensitive personal data under the Data Processing Act 2018 (DPA)).
In accordance with the GDPR and DPA, there must be lawful grounds for processing such information. Most employers rely on employees’ consent to obtain medical information and process sensitive personal data and if the employee is unwilling to give consent, you will not normally be entitled to the information.
Special category data can be processed lawfully if it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. Employers may be able to require an employee to disclose their Covid-19 test if there is a substantial public interest, such as ensuring that the employee self-isolate if they have a positive test. However, there is a risk that this measure could be considered disproportionate particularly if it is enforced on all employees as a blanket measure.
Related FAQs
Employers will need to be flexible with employees who are unable to return to work at present due to childcare difficulties. While schools have reopened, a period of isolation may result in employees having to keep children off school/nursery and therefore have childcare issues. Some employees will be able to manage this with their partner and extended family, whereas others will not. Where an employee simply cannot make any other arrangements to care for their children in the short term then they will be unable to return to work until that situation changes. Any dismissals on the basis that someone is unable to return to work as a result of lack of childcare are likely to be unfair, at least in the short term where such employees may well be able to demonstrate that they had no options available to them.
As the coronavirus outbreak continues to develop, we have seen many countries begin to implement emergency procedures and legislation in an attempt to control the spread of the disease.
These have included bans on gatherings and public events, closures of shops, bars, restaurants and public spaces, and full lockdowns which restrict all but key workers to their homes except in certain limited circumstances.
This has a direct impact on businesses and their ability to operate. So what happens if a contract becomes impossible to perform because of emergency legislation?
For example:
- If you are a hospitality business, you have agreed to host an event, and gatherings are prohibited
- If you are a manufacturer or service provider, and your staff are required to remain at home, making performance of the contract impossible
It has also been proposed in the Corporate Insolvency and Governance Bill that public companies who were due to file their accounts in the period from 26 March 2020 to 30 September 2020 will have until the earlier of the 30 September 2020 and the date which is 12 months after the end of their relevant accounting period to do this.
This is separate from the pre-existing scheme, announced on 25 March 2020, whereby companies can apply to Companies House for a 3 month extension for filing their accounts.
The NHS Test and Trace service is operated by the NHS in England to track and help prevent the spread of COVID-19. Where an individual displays symptoms of coronavirus they can be tested to determine whether or not they have the disease. Those with the disease will then be contacted by NHS contact tracers and asked who they have come into close contract with.
Close contact is defined as:
- Face to face (within 1 metre)
- Spent more than 15 minutes within 2 metres of another person
- Travelled in a car or on a plane with another person
The contact tracer will then contact those people with whom the individual has come into close contact and tell them to self-isolate for 14 days.
In practice this means that any risk assessment will need to be reviewed constantly and adjusted as our understanding of the nature and level of the risk grows.
Some service-providers are instigating special Oversight Groups to keep this issue under review but engagement and consultation with those affected is critical and making sure they feel confident to raise concerns and refuse to work if they believe they are not safe.