If an employee has had a coronavirus test, can we require them to disclose evidence of their test results?
Obtaining an employee’s Covid-19 test result will amount to processing personal data for the purposes of the General Data Protection Regulation 2016/679 (GDPR) and information about an employee’s health is a special category of data (sensitive personal data under the Data Processing Act 2018 (DPA)).
In accordance with the GDPR and DPA, there must be lawful grounds for processing such information. Most employers rely on employees’ consent to obtain medical information and process sensitive personal data and if the employee is unwilling to give consent, you will not normally be entitled to the information.
Special category data can be processed lawfully if it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller. Employers may be able to require an employee to disclose their Covid-19 test if there is a substantial public interest, such as ensuring that the employee self-isolate if they have a positive test. However, there is a risk that this measure could be considered disproportionate particularly if it is enforced on all employees as a blanket measure.
Related FAQs
Privacy policy – You must make sure the relevant privacy policies deal with how you will process Covid-19 data. You should have an employee privacy policy and this may already deal with health data (if it doesn’t, it should). You might also need to look at privacy policies for customers, visitors and suppliers. This ensures that processing is lawful, fair and transparent.
Lawful processing conditions – You will need to consider which processing conditions you are relying on (remembering that you need both an Article 6 condition and an Article 9 condition – this is the part of the GDPR which deals with special category data). As a lot of the data you collect will be about employees, you can’t use consent so you will have to find another lawful reason under GDPR which allows you to process the data.
Appropriate policy document – When you are considering your Article 9 processing conditions, remember you must also have an “appropriate policy document” in place.
Processing record – Finally make sure your processing record is up to date with information on what data you collect and use.
Initially, the relaxation applied to supermarkets and food suppliers. This was subsequently widened to apply to other businesses, permitting them to collaborate where necessary to respond to the crisis in the interests of consumers.
If you don’t want to make redundancies, or if you can’t reduce employee resource, either in a particular department or across the workforce as a whole, then you need to think about alternatives to redundancy.
Equally, you may want to flex the resource you have available to you – without making drastic changes. For example you may want to consider:
- unpaid leave and sabbaticals
- retraining and redeploying
- forcing annual leave
- flexible working
- capability issues
- lay off
- short time working
- reductions in salary
- reductions in working hours
- changing to shift working
The NHS Test and Trace service is operated by the NHS in England to track and help prevent the spread of COVID-19. Where an individual displays symptoms of coronavirus they can be tested to determine whether or not they have the disease. Those with the disease will then be contacted by NHS contact tracers and asked who they have come into close contract with.
Close contact is defined as:
- Face to face (within 1 metre)
- Spent more than 15 minutes within 2 metres of another person
- Travelled in a car or on a plane with another person
The contact tracer will then contact those people with whom the individual has come into close contact and tell them to self-isolate for 14 days.
Your lawyers can take your instructions by telephone, Skype, Zoom or a similar tool. However, the formal requirement to make a valid Will requires two witnesses to be present with you when you sign the Will and they must then add their signatures. The witnesses or their spouse cannot be beneficiaries or they will forfeit their inheritance.
The main challenge is how to have your witnesses with you at a time when we are being advised to socially distance. One option would be for the witnesses to stand outside your window or at a safe distance from you where they have a clear line of sight. The witnesses can watch you sign and then you could post your Will through your letterbox or leave it on a surface for them to pick up so that they can then sign their names too. If the witnesses live together then they do not need to keep two meters apart from each other.
The Wills Act 1837 requires that your witnesses must be physically present when you sign your Will and therefore it is not possible to do this by Skype, Zoom or similar video conferencing means. You may however want to video record the process by which you and your witnesses signed your Will so that you have a record of what was done, particularly if you are worried that someone might challenge the validity of your Will in due course. You can of course re-execute your Will once social distancing has been relaxed if you are particularly concerned.
Be aware that the virus can remain on documents for more than 24 hours so it would be sensible for everyone to wear disposable gloves and in any event to wash hands thoroughly after handling the Will.
Emergency legislation may be passed regarding the requirement to make a valid Will but you must follow the current rules unless or until new legislation is passed.