Data ProtectionPrivacy

The Italian Data Protection Authority updates its position of Covid-19 checks

The Garante adopted a more "liberal" approach without clarifying its view on a number of issues

Employees recently started returning to work, and the Italian data protection authority issued a new position of Covid-19 checks.

At the beginning of the Covid-19 emergency, the Italian data protection authority had taken a stringent position on checks performed on employees, basically banning any sort of check or request of information. At that time, I had published the article, “Are your Coronavirus checks privacy compliant?“. But the growth of the Covid-19 emergency led privacy authorities to change their position.

The new position of the Italian data protection authority on Covid-19 checks

The Garante now issued its FAQs on checks performed to limit the risk of Coronavirus contagion which can be summarised as follows for activities conducted by companies

  1. Body temperature checks can be performed, but the detected temperature can never be recorded, only in case of employees it is possible to note the detection of temperature above the required threshold;
  2. Individuals can be asked to execute self-declarations on not being exposed to Covid-19 contagion during the previous 14 days as a condition to accessing to an office, but the addressed questions need to comply with the data minimization principle;
  3. The medical practitioner in charge of assessing the suitability of employees to the working activity shall inform the employer about employees that are at high risk of contagion because of their previous diseases, but shall never disclose the nature of prior conditions affecting the individual; and
  4. Employers can never disclose to other employees the identity of workers infected by Covid-19, while they shall cooperate with authorities to track potentials contacts with infected individuals.

My view on the questions left open by the Garante

Giulio CoraggioThe Italian data protection authority seems to have adopted a conservative approach. It confirmed positions already expressed in the anticontagion protocol agreed between the Italian Government and trade unions, but did not clarify its position on other types of practices.

During the coming weeks, several companies are planning to run tests on their employees, and a clear position of the Garante would have helped to understand their view on for instance whether

  • such tests can be imposed and at what conditions,
  • tracking Apps can be used to profile employees and assess potential risks and
  • questionnaires can reach a higher level of detail, rather than a few declarations that prevent a full assessment of the risk.

I believe that a paramount role in assessing the risk of contagion is taken by the medical practitioner in charge of determining the suitability of employees to the working activity. He/she will have access to information that cannot be disclosed to employers, but once a potential risk is detected, shall cooperate with employers to identify the measures aimed at minimizing the risk exposure.

On the same topic, you may find interesting the article “How to deal with employees returning to work during Covid-19 emergency“. We are extensively working on the topic that is really important since any mispractice might lead not only to disputes and sanctions but also could impair the future career of individuals.

Don't miss our weekly insights

Show More

Giulio Coraggio

I am the location head of the Italian Intellectual Property & Technology department and the global co-head of the IoT and Gaming and Gambling groups at the world-leading law firm DLA Piper. IoT and artificial intelligence influencer and FinTech and blockchain expert, finding solutions to what's next for our client's success.

Related Articles

Back to top button