The NHS COVID-19 App was introduced in the UK on 24 September. Many welcome its arrival as another step to contain the spread of COVID-19, while others are concerned about using the app for data and privacy reasons. In this article Helen Farr, a partner at Taylor Wessing, explores the potential legal implications for companies banning staff from using the app while at work.
[Credit: Ascannio/Shutterstock.com]
Employers in the UK life sciences sector face a dilemma. It is not mandatory for staff to use the National Health Service (NHS)’s COVID-19 Test and Trace app, so employers can either leave the choice to download to the employee; or express a view about whether the app should or should not be used in the workplace. This is particularly relevant for those businesses who provide work devices to their employees.
This report addresses the key factors shaping pharmaceutical formulation, including regulation, QC and analysis.
Access the full report now to discover the techniques, tools and innovations that are transforming pharmaceutical formulation, and learn how to position your organisation for long-term success.
What you’ll discover:
Key trends shaping the pharmaceutical formulation sector
Innovations leading progress in pharmaceutical formulation and how senior professionals can harness their benefits
Considerations and best practices when utilising QbD during formulation of oral solid dosage forms
Companies could introduce a requirement that employees use the tracing app on a device that they provide to their staff. If it is not possible to guarantee social distancing between staff in the workplace there are compelling arguments for this approach. Use of the app is another way to protect health and safety in the workplace and should help to minimise sickness absence.
Life sciences employers face the dilemma of balancing the need to protect the health and safety of their staff at work and protecting their personal data…”
If a business wants employees to use the app and intends to process personal data produced as a result, it needs to take advice on whether this complies with its obligations under General Data Protection Regulation (GDPR) and the Data Protection Act 2018. Employers also need to be satisfied about the security of data if they mandate that employees must use the app and share their health data with the employer.
It is difficult to require employees to use the app outside work because doing so could infringe employees’ privacy and would not be a reasonable management instruction. Weighing up these considerations, businesses may take the view that the benefit of requiring staff to use the app at work is limited.
If employees do use the app then the employer must rely on employees’ self-declaration of exposure to infection. For employees who can work from home during any period of isolation this is fine as their pay and ability to work will not be affected.
However, for life sciences business many employees are lab based and cannot work during any period of self-isolation. As a result, their willingness to make a self-declaration is likely to be based on how they are paid during any period of self-isolation. Statutory Sick Pay (SSP) is available for those who are required to self-isolate, but its low rate could deter some asymptomatic employees from reporting exposure.
Is it better that employees do not use the app at work?
This approach has been taken by some companies, for example GlaxoSmithKline (GSK). It has been reported that the pharmaceuticals giant has told staff working at its R&D labs and manufacturing sites to switch off the app when at work. GSK has said that it has taken this step because these working environments are highly controlled and the company is “following the highest COVID-19 security and protection protocols.”
Other businesses are concerned that the app is not sophisticated enough. Because the app is based on phone contact rather than personal contact, it can in certain situations result in misleading results. For example, if bags containing phones are left in lockers away from work stations the contact with other phones left in lockers can trigger the requirement for self-isolation, even though the users of the phones have not been in close contact in the workplace. A concern in this instance is that large numbers of people will be required to stay away from work unnecessarily.
Life sciences businesses employing those working in labs or in closely controlled working environments may choose to follow GSK’s lead. But before doing so, they must be confident that they are able to offer and maintain the highest standards of protection against COVID-19.
Even if these conditions exist, employers should be aware that in the frequently asked questions section of the government guidance on the use of the app, it is still an important part of the defence against COVID-19.
Considering this, some employees may feel strongly that they should be allowed to continue to use the app at work as part of their fight against the disease. Forcing staff to switch off the app could result in employee relations issues. Many stakeholders may also view this negatively and so there could be problems relating to reputation management from this decision.
These concerns mean that the pressure on businesses to be confident that they are taking all steps to protect the health and safety of their employees in the workplace using other measures increases. It also puts pressure on businesses to give clear messages about these steps to concerned staff and relevant stakeholders.
Does taking the step of requiring employees not to use the app at work increase the risk profile for the business?
No employer can prevent an employee from using the app outside work. If an employee develops COVID-19 symptoms but has used the app outside the workplace, without being requested to self-isolate through it, it strongly suggests that the illness has been contracted in the workplace. This potentially enhances the risk of a claim against the employer, especially if the ill employee can point to occasions when the employer’s COVID-19 defences were breached.
The introduction of the NHS COVID-19 App in the UK is an important part of the fight to stop the spread of the coronavirus. Life sciences employers face the dilemma of balancing the need to protect the health and safety of their staff at work and protecting their personal data with the need to ensure that their businesses remain operational and productivity is maintained. The question of whether to require employees to download this app is one element for life sciences to consider as part of this balancing exercise.
About the author
Helen Farr is a partner at Taylor Wessing. Her practice covers the full spectrum of employment law and human resources strategy with extensive experience in complex advisory and litigation projects. Helen has particular expertise of working with clients in the financial, tech and professional services sectors.
This website uses cookies to enable, optimise and analyse site operations, as well as to provide personalised content and allow you to connect to social media. By clicking "I agree" you consent to the use of cookies for non-essential functions and the related processing of personal data. You can adjust your cookie and associated data processing preferences at any time via our "Cookie Settings". Please view our Cookie Policy to learn more about the use of cookies on our website.
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorised as ”Necessary” are stored on your browser as they are as essential for the working of basic functionalities of the website. For our other types of cookies “Advertising & Targeting”, “Analytics” and “Performance”, these help us analyse and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these different types of cookies. But opting out of some of these cookies may have an effect on your browsing experience. You can adjust the available sliders to ‘Enabled’ or ‘Disabled’, then click ‘Save and Accept’. View our Cookie Policy page.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Cookie
Description
cookielawinfo-checkbox-advertising-targeting
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertising & Targeting".
cookielawinfo-checkbox-analytics
This cookie is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance
This cookie is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Performance".
PHPSESSID
This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed.
viewed_cookie_policy
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
zmember_logged
This session cookie is served by our membership/subscription system and controls whether you are able to see content which is only available to logged in users.
Performance cookies are includes cookies that deliver enhanced functionalities of the website, such as caching. These cookies do not store any personal information.
Cookie
Description
cf_ob_info
This cookie is set by Cloudflare content delivery network and, in conjunction with the cookie 'cf_use_ob', is used to determine whether it should continue serving “Always Online” until the cookie expires.
cf_use_ob
This cookie is set by Cloudflare content delivery network and is used to determine whether it should continue serving “Always Online” until the cookie expires.
free_subscription_only
This session cookie is served by our membership/subscription system and controls which types of content you are able to access.
ls_smartpush
This cookie is set by Litespeed Server and allows the server to store settings to help improve performance of the site.
one_signal_sdk_db
This cookie is set by OneSignal push notifications and is used for storing user preferences in connection with their notification permission status.
YSC
This cookie is set by Youtube and is used to track the views of embedded videos.
Analytics cookies collect information about your use of the content, and in combination with previously collected information, are used to measure, understand, and report on your usage of this website.
Cookie
Description
bcookie
This cookie is set by LinkedIn. The purpose of the cookie is to enable LinkedIn functionalities on the page.
GPS
This cookie is set by YouTube and registers a unique ID for tracking users based on their geographical location
lang
This cookie is set by LinkedIn and is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc
This cookie is set by LinkedIn and used for routing.
lissc
This cookie is set by LinkedIn share Buttons and ad tags.
vuid
We embed videos from our official Vimeo channel. When you press play, Vimeo will drop third party cookies to enable the video to play and to see how long a viewer has watched the video. This cookie does not track individuals.
wow.anonymousId
This cookie is set by Spotler and tracks an anonymous visitor ID.
wow.schedule
This cookie is set by Spotler and enables it to track the Load Balance Session Queue.
wow.session
This cookie is set by Spotler to track the Internet Information Services (IIS) session state.
wow.utmvalues
This cookie is set by Spotler and stores the UTM values for the session. UTM values are specific text strings that are appended to URLs that allow Communigator to track the URLs and the UTM values when they get clicked on.
_ga
This cookie is set by Google Analytics and is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. It stores information anonymously and assign a randomly generated number to identify unique visitors.
_gat
This cookies is set by Google Universal Analytics to throttle the request rate to limit the collection of data on high traffic sites.
_gid
This cookie is set by Google Analytics and is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visited in an anonymous form.
Advertising and targeting cookies help us provide our visitors with relevant ads and marketing campaigns.
Cookie
Description
advanced_ads_browser_width
This cookie is set by Advanced Ads and measures the browser width.
advanced_ads_page_impressions
This cookie is set by Advanced Ads and measures the number of previous page impressions.
advanced_ads_pro_server_info
This cookie is set by Advanced Ads and sets geo-location, user role and user capabilities. It is used by cache busting in Advanced Ads Pro when the appropriate visitor conditions are used.
advanced_ads_pro_visitor_referrer
This cookie is set by Advanced Ads and sets the referrer URL.
bscookie
This cookie is a browser ID cookie set by LinkedIn share Buttons and ad tags.
IDE
This cookie is set by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
li_sugr
This cookie is set by LinkedIn and is used for tracking.
UserMatchHistory
This cookie is set by Linkedin and is used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.
VISITOR_INFO1_LIVE
This cookie is set by YouTube. Used to track the information of the embedded YouTube videos on a website.
