• Facebook
  • Twitter
  • LinkedIn
Call us now: 01243 836 840   [email protected]
Pure Employment Law
  • Who We Are
    • Nicola Brown
    • Peter Stevens
    • Elena Elsam
    • David Jones
    • Linda Nye
    • Brenda Cherry
  • For Employers
    • Advice on HR and People issues
    • Investigations, Hearings and Appeals
    • Restructuring and Redundancy
    • Defending Employment Tribunal Claims
    • Dismissal of Senior Executives
    • Contracts, Handbooks and Policies
    • Employment Law Training
  • For Employees
    • Settlement Agreements
    • Workplace Issues including Disciplinary and Grievance
    • Bringing an Employment Tribunal Claim
  • Employment Law Events
  • Legal Updates
  • Testimonials
  • Vacancies
  • Contact us
  • Search
  • Menu Menu

Data protection issues on returning to work and Covid testing

25 September 2020

Coronavirus speech bubble

The Information Commissioner’s Office (ICO) has provided new guidance to assist employers in staying legally compliant with regard to data protection issues, if they seek health information from staff in the workplace or undertake Covid testing.

A statement directly from the Information Commissioner was included in the guidance, where she confirmed that Data Protection legislation does not prevent employers from asking employees whether they are experiencing coronavirus symptoms, and it also does not prevent them from introducing testing. However, she reminded employers of the importance of acting with transparency, fairness and proportionality.

The following six key data protection steps were detailed in the guidance:

1) Only to collect and use necessary data

The ICO suggests that employers should ask the following questions when deciding if the collection of health data is necessary:

• How will collecting extra personal information help keep the workplace safe?
• Do we really need the information?
• Could the same result be achieved without collecting personal information?
• If we carry out coronavirus testing, will the test help to provide a safe environment?

The ICO also highlighted that there are extra requirements to comply with if employers carry-out coronavirus symptom checking or testing, including identifying the appropriate lawful basis for using the collected information, and that if health data is going to be processed on a large scale then employers will need to do a data protection impact assessment. See the following link for more information from the ICO on symptom testing and checking: https://ico.org.uk/global/data-protection-and-coronavirus-information-hub/coronavirus-recovery-data-protection-advice-for-organisations/testing/

2) Keeping data collection to a minimum

The ICO assert the importance of not collecting more personal information than is required to implement measures ‘appropriately and effectively’. They also warn against unnecessarily creating permanent records where information needs only to be held on a temporary basis. This is a general principle of data protection law in any event, but it is worth remembering in the current situation.

3) Being clear, open and honest with employees about their data

The ICO is clear that employees must be told how and why it is proposed that employees’ personal information will be used. The guidance states that potential implications of data use should be outlined, including whether data would be shared with other parties and how long the information would be kept. It suggests referring to the employer’s Privacy Notice (if it has one). However, if the Privacy Notice is not detailed enough to apply to the current circumstances, the information above should still be provided.

4) Treat employees fairly

The ICO stresses that if any decisions are made about a staff member’s employment which are based upon health information collected about them, that decisions taken should be fair. The legal risks for an employer are higher where decisions result in detriment to employees or dismissal, and especially if actions could be discriminatory, even on an indirect basis. Inconsistency of treatment between individuals may also be a factor which can point to unfairness, unless that differential treatment can be legally justified.

5) Keep data secure

The ICO reminded employers that any personal data that is obtained must be kept securely, and urged them to consider having a retention policy which details how data will be reviewed, deleted or anonymised. It is also worth considering who will need to have access to the data and keeping access limited as far as possible.

6) Ensure staff can exercise their information rights

The ICO set out their expectation that organisations will inform individuals about their rights in relation to their personal data, such as the right of access to it or rectification of it, and give staff the opportunity to exercise their rights or internally raise any data protection questions or concerns they have. Concerns may be raised informally or as part of a formal grievance procedure and may include employees making Subject Access Requests to see the information that is being held about them.

The law and guidance in this area is likely to develop depending on how testing evolves, but in the meantime it is sensible for employers to be mindful of the above principles. While everyone wants to try to combat the virus and make their workplace as safe as possible, measures involving data collection do need to be measured and proportionate.

If you are an employer dealing with a data protection issue involving your employees, then we can help. Please call us on 01243 836840 for a no obligation chat, or email us at [email protected].

Please note that this update is not intended to be exhaustive or be a substitute for legal advice. The application of the law in this area will often depend upon the specific facts and you are advised to seek specific advice on any given scenario.
Share this article
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on LinkedIn
  • Share on Reddit
  • Share by Mail

Join our mailing list

* = required field
Mailing Lists


Recent Legal Updates

  • Update on Furlough 20th January 2021
  • Restricting Restrictive Covenants? 20th January 2021
  • Q&A: What to expect from a remote Tribunal hearing 20th January 2021
  • FAQs about COT3s 18th December 2020
  • Can an employer withdraw a notice of redundancy? 18th December 2020
Link to: Contact Us

Any questions? Why not get in touch!

Our advice is always given in plain English without any waffle, and we focus on providing practical solutions to our clients’ problems.

Contact us

LEGAL INFORMATION

Pure Employment Law | 1 Little London, Chichester, West Sussex, PO19 1PH
[email protected] | Tel: 01243 836840

Pure Employment Law is the trading name of Pure Employment Law Limited, registered in England and Wales with company number 07134294 and whose registered office is 1 Little London, Chichester, West Sussex, PO19 1PH. Pure Employment Law Limited is authorised and regulated by the Solicitors Regulation Authority with registration number 533794. A list of the company’s directors is available for inspection at the registered office

DISCLAIMER

The information contained in this website is for general information purposes only. The information is provided by Pure Employment Law and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

Privacy Policy | Cookies Policy | Terms & Conditions | How to make a complaint | Sitemap

© Pure Employment Law 2021

Scroll to top

This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies as defined in our cookie policy.

Accept Cookie Policy

Cookie and Privacy Settings



How we use cookies

We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.

Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.

Essential Website Cookies

These cookies are strictly necessary to provide you with services available through our website and to use some of its features.

Because these cookies are strictly necessary to deliver the website, refuseing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.

We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.

We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.

Google Analytics Cookies

These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.

If you do not want that we track your visit to our site you can disable tracking in your browser here:

Other external services

We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.

Google Webfont Settings:

Google Map Settings:

Google reCaptcha Settings:

Vimeo and Youtube video embeds:

Other cookies

The following cookies are also needed - You can choose if you want to allow them:

Privacy Policy

You can read about our cookies and privacy settings in detail on our Privacy Policy Page.

Privacy Policy
Accept settingsHide notification only