The Information Commissioner’s Office (ICO) has published guidance for employers on workplace testing during the coronavirus pandemic. It covers the extent to which employers can carry out tests on staff on their return to work to see if they have either coronavirus or symptoms of it.
The guidance makes clear that any testing needs to comply with the GDPR and the Data Protection Act 2018, and that any personal data relating to health is special category data. The topics covered in the guidance include:
- the lawful basis that can be used for testing employees
- demonstrating compliance with data protection laws, including the data protection principles
- data retention
- data sharing
- the exercise of data subject rights by staff
- the data protection considerations where staff have arranged their own tests and disclose the results to their employer
- the use of on-site temperature checks or thermal cameras for testing or monitoring staff.