COVID-19 and health data protection

 

1. THE EMPLOYER MAY NOT, IN PRINCIPLE, COLLECT HEALTH DATA RELATING TO COVID-19

In principle, the employer may not take measures likely to infringe on the privacy of its employees, in particular by collecting health data or information relating to the search for possible symptoms (art. 9 of the GDPR and art. 6 of the Data Protection Act).

In this regard, the National Commission for Data Protection and Liberties (CNIL-France) has just specified, in its recommendations on Covid-19 published on March 6, 2020, that it is impossible for the employer to implement, for example:

  • body temperature readings of its employees;
  • the collection of medical information via forms or questionnaires.

These bans also apply to visitors.

2. THE COLLECTION OF HEALTH DATA BY THE EMPLOYER REMAINS HOWEVER POSSIBLE IN THE FOLLOWING CASES

     a) When the data are voluntarily provided by the employee

As the person responsible for the health and safety of its employees (art. L. 4121-1 of the Labour Code), the employer may raise awareness among its employees and invite them to communicate, if necessary via dedicated communication channels, personal information related to possible exposure to Covid-19. In this case, it is recommended that the employer collects the express consent of the employee, in order to legitimize the collection of his health data (Art. 9.2 (a) of the GDPR).

In any event, insofar as it is the employee’s responsibility to safeguard the health and safety of others and of himself in the workplace (art. L. 4122-1 of the Labour Code), the employee is required to inform his employer spontaneously in the event of suspicion of contact with Covid-19.

The processing of this information must then be limited to the sole management of suspected exposure to the virus.

     b) When collection is requested by the health authorities

If health authorities were to request the collection of employees’ health data from employers, those could then base the lawfulness of their collection on “processing necessary on grounds of public interest in the field of public health, such as protection against serious cross-border threats to health” (cf. art. 9.2, i of the GDPR and its recitals 46 and 52).

3. RECOMMENDATIONS

In the event of a report of possible exposure to Covid-19 by an employee, it is recommended to the employer:

  • to record (1.) the data provided by the employee (such as the date of exposure to Covid-19 or the identity of the person suspected of having been exposed) as well as (2.) the organisational measures taken (e.g. containment, teleworking, contact with occupational medicine specialist);
  • to store such data for a period not exceeding the duration of the purpose for which they are processed (Article 5 of the RGPD);
  • to amend the Employee Privacy Policy accordingly;
  • to take into account this treatment in the Treatment Registry ;
  • to adopt all measures to ensure appropriate security of such health data.

Our last newsletters

Sanctions Against Russia. Recent Developments

On 23 February 2024 European Union and the United States introduced a new round of sanctions targeting Russia. The 13th package of European sanctions provides for new individual sanctions, sectoral sanctions, export restrictions. Additionally, EU added the United Kingdom to the list of partner countries for the iron and steel import restrictions. American sanctions include […]

Moscow Desk

+

Newsflash – Corporate – Venture Capital – French government announcements to support Innovative Startup Companies (JEI)

For the occasion of the French Tech’s 10th anniversary, new measures stemming from the  report of Parliament Member Paul Midy (for which Jeantet had been consulted) have been announced. These measures, which aim at supporting the French startup ecosystem, should be included in the next Finance Act for 2024. ► Doubling of companies eligible to […]

| CORPORATE – M&A – PRIVATE EQUITY

+

Russian Counter Measures. Recent Developments

On 23 August, the Russian Ministry of Finance partially lifted a ban for the payment of dividends to foreign shareholders in case such shareholders have invested in the Russian economy. On 8 August, the Russian President suspended certain provisions of double tax treaties. Suspended provisions include tax regime for dividends, real estate, business profit, etc […]

Moscow Desk

+

Sanctions Against Russia. Recent Developments

On 23 June 2023, the EU introduced 11th package of sanctions. It primarily focuses on measures that would prevent circumvention of sanctions. It also includes new import and export restrictions and individual designations. Switzerland has joined European Union in sanctions targeting entities and individuals and may join other sanctions within the 11th package in August. […]

Moscow Desk

+

Newsletter – Tax law

Read the Jeantet Newsletter dedicated to Tax Law, covering issues related to : Transactional taxation Group taxation International Taxation Taxation of LBO transactions Non-profit organizations For more information, please download the Newsletter.

Paris | TAX

+

Russian Counter Measures

On 25 April 2023 Russian President issued a decree establishing cases authorizing him to introduce the regime of external management of certain assets owned by foreign residents. Namely, under the decree, the President may establish the regime of external management, if Russia, or its entities and individuals become deprived or risk of being deprived of […]

Moscow Desk

+

Russian counter measures and measures aimed at business support. Recent developments

Special regime for transactions involving securities On 3 March 2023 Russian President issued Decree No. 138 establishing additional measures involving securities. Namely, the new Decree establishes a specific procedure for transactions / operations involving: shares of Russian joint-stock companies, sovereign bonds, bonds of a Russian issuer, held in collective safe custody of a Russian depository, […]

Moscow Desk

+

Sanctions against Russia. Recent developments (2 march 2023 update)

By the end of February, the EU, US and UK announced new rounds of sanctions, all of them including restrictions targeting prominent Russian financial institutions The EU package includes individual listings of Russian entities and individuals and additional exports restrictions. The US sanctions provide for sectoral sanctions targeting Russian mining and metals sector, as well […]

Moscow Desk

+

Russian counter measures. Recent developments ( 12 january 2023 update)

Governmental Commission on Foreign Investments revised rules on the sale of assets and the payment of dividends On 30 December 2022, Russian Governmental Subcommission of the Commission of the Ministry of Finance on Foreign Investments (the – Commission) published revised rules and criteria for authorization of the sale of assets in Russian companies involving persons […]

Moscow Desk

+

Sanctions against Russia. Recent Developments (21 December 2022 update)

This December, the EU introduced a series of restrictive measures targeting Russia. Council of the EU approved the ninth package of sanctions. Additionally, the European Commission proposed framework that would amend the Lisbon Treaty and harmonize criminalization of violation of sanctions at the level of the Union. Finally, the EU introduced a price cap for […]

Moscow Desk

+

Russian counter measures. Recent developments (21 December 2022 update)

Russia has adopted a series of new measures. Namely, the President introduced new restrictions concerning certain transactions involving credit organizations and joint-stock companies that are not credit organizations. The Russian Central Bank issued decision expanding the scope of application of type C accounts. Moreover, the Ministry of Finance issued clarifications on the scope of transactions […]

Moscow Desk

+