by Breda O'Malley , Matthew Austin January-22-2021 in Data Protection, Employment Law, COVID-19
With the roll out of the COVID-19 vaccine across the country, it is important for employers to consider their role in the process and the potential impact for their workforce.
Can an employer require its employees to be vaccinated?
The short answer is no. There is high risk involved in mandating that employees be vaccinated. We all have a right to privacy, autonomy, and bodily integrity under the Constitution. The right to bodily integrity is the right not to have your body or person unjustifiably interfered with.
Employees are also protected by the Employment Equality Acts 1998 to 2011 and cannot be discriminated against on any of the 9 grounds identified in that Act, including religion and disability. An employee may choose not to receive the COVID-19 vaccine on the grounds of religious beliefs, or for medical reasons where it is deemed unsuitable for them to receive the vaccine e.g. allergies or pregnancy.
An employer can actively encourage its employees to receive the vaccine and may even facilitate this in the workplace by arranging a health professional to administer the vaccine at a time that suits the employee. However, an employer cannot mandate that employees are vaccinated without exposing itself to serious risk of discrimination and other legal claims.
Can I discipline or dismiss an employee who is refusing to be vaccinated?
There would be an even higher risk for the employer if they were to discipline or dismiss an employee for not having the COVID-19 vaccine. It could result in employment law claims being brought by employee against the employer such as unfair dismissal, discrimination and/or victimisation claims.
This is an extremely sensitive issue which requires careful consideration and planning by the employer. As mentioned, there may be a number of reasons why an employee will not or legitimately cannot receive the vaccine. Where an employee is not vaccinated, it is advisable that the employer explore all reasonable alternatives for that employee in order to accommodate them, such as a working from home arrangement.
How do I provide a safe place to work in circumstances where some employees are not vaccinated?
It is important for employers to always follow public health guidance and advice in the first instance. The Government has also published the Work Safely Protocol – further information on this protocol can be found here. In essence, this protocol provides information to employers on measures that need to be implemented to ensure that workplaces can operate safely. This was last updated in November 2020 and is likely to be updated again in response to the COVID-19 vaccinations being rolled out across the country.
There remains the possibility that a vaccinated person could be a carrier of the COVID-19 virus and still transmit it to another person. This raises questions about the vulnerability of unvaccinated workers attending at the workplace. The question that must be considered by the employer is whether redeployment or working from home is a reasonable accommodation for these unvaccinated employees.
Until such time as the Health and Safety Authority or Government issues guidance to employers on this, it is important for employers to keep in mind that they are legally required to provide a safe place of work for their employees under the Safety, Health and Welfare at Work Act, 2005.
It is advised that all employers revisit their Safety Statement and COVID-19 Response Plan in light of the introduction of the COVID-19 vaccine in Ireland. Employers should carry out a risk assessment and determine what their business requirements and needs are and how necessary it is for employees to be vaccinated. It may be that certain businesses can continue to operate as usual with most employees from home. Whatever the outcome of the risk assessment, it is imperative that it is communicated clearly to all employees.
Data Protection considerations – Can employers ask employees to disclose if they have been vaccinated?
The Data Protection Commissioner (“DPC”) has not yet issued guidance for employers on the processing of information in relation to the COVID-19 vaccination, or on whether employers can ask employees to disclose if they have had the vaccine. However, we know that data protection laws should never inhibit the provision of healthcare and/or attending to public health issues. Many steps that employers have had to take to prevent the spread of COVID-19 since March 2020, already involves the processing of their employees’ personal data.
Employers must have a legal basis to process an employee’s personal data under Article 6 and, in the context of health data, under Article 9 of the GDPR. A strong justification for asking employees to disclose this information will need to be established and suitable safeguards put in place to process this data. It may be that the collection of this information is necessary and required for an employer to fulfil its legal obligation to provide a safe place of work for its employees. If this is the case, then it will likely be permissible to collect and process this personal health data under Article 9 of the GDPR and Section 53 of the Data Protection Act, 2018. However, the employer will need to ensure that the organisation’s privacy statement as it relates to the processing of employees’ personal data (required by Article 13 of the GDPR) caters for the processing of employee data of this nature. The organisation’s record of personal data processing activities (required by Article 30 of the GDPR) will also need to be reviewed.
Employers must now begin to consider putting in place strict measures for how employees will be informed, how this data will be collected and processed, how long this data will be retained for and how it will be kept confidential.
The DPC issued advice in March 2020 on the collection and processing of personal data in the context of preventing the spread of COVID-19. The DPC advised that only the minimum necessary amount of data required should be processed for the purpose of implementing COVID-19 measures and that data controllers should ensure each step in the decision-making process concerning the implantation is documented. This advice remains pertinent today and should be followed by all employers when embarking on this unknown territory.
Do other employees have a right to know if their colleagues have been vaccinated?
Employers should avoid, where possible, disclosing to other employees who in the workforce has been vaccinated. It is essential that employees’ personal data is kept strictly confidential unless there is a legitimate and lawful basis for needing to disclose this information. If it is absolutely necessary to disclose such information, there should be open communication with the employee to inform them that such disclosure will be made and, if appropriate, the reasons why. An employer’s obligation to ensure the health and safety of employees must be always balanced with an employee’s right to privacy.
What must employers do:
- Carry out a health and safety risk assessment and keep it under review.
- Revisit and update COVID-19 Response Plan and Safety Statement.
- Determine business needs and if there is a requirement to have employees vaccinated before returning to the workplace.
- Communicate to employees the Company’s COVID-19 Response Plan and any new health and safety measures that will be implemented.
- Monitor public health advice and guidance from the DPC for any further direction and information concerning the COVID-19 vaccine in the employment context.
For further information on any of the issues raised above, please contact Breda O'Malley bomalley@hayes-solicitors.ie or Matthew Austin maustin@hayes-solicitors.ie.
Back to Full NewsShare this article:
About the Authors
Breda O'Malley
Breda is a partner in the Employment Law Team at Hayes solicitors.
Breda advises on the full range employment issues across a broad range of sectors, for established business clients and senior executives.
Matthew Austin
Matthew is a partner in the Commercial & Business team and has considerable expertise in a range of practice areas, having acted for Irish and International clients in domestic and multi-jurisdictional issues. Matthew has advised in civil and administrative law disputes and in regulatory and advisory matters including insolvency/restructuring, IP, defamation and media law, competition and consumer protection and data protection.