Vittorio De Luca of De Luca & Partners said the Confindustria proposal to allow employers to require the green pass to access workplaces and carry out related activities was “appropriate” to open the health passport debate on the protection of workers’ health and production. However, it will have to overcome some significant critical issues. “How is it possible that the employer cannot ask employees if they have been vaccinated when instead we show the vaccination passport to go even to the restaurant or the airport?”

Legally, the Data Protection Authority, has expressed a negative opinion on the possibility of employers asking their employees to provide information on their vaccination status or copies of documents certifying vaccination.

De Luca continued: “There is then a problem of limitation of constitutional personal freedoms and rights such as health and work. Health is protected as a fundamental right of the individual and as an interest of the community. Work must be “actual” (art. 4, paragraph 1, of the Constitution) and it is inconceivable that it is reserved only for workers who have been vaccinated.

Unless there is a legal provision, which at the moment I think can hardly be approved.

Even the solution of changing the temporary assignment to different tasks or remote working has limited practical use.

Think of a worker who is unlikely to work remotely or be assigned to different tasks that do not require access to company premises. Even if we do not consider the critical aspects mentioned above, we cannot overlook that such an initiative could indirectly entail the imposition of a medical treatment, which is hardly compatible with the principle of art. 32 of the Constitution, according to which health treatments (such as vaccination) can only be made compulsory by law.”

That said, in the face of the various critical issues, “a decisive legislative measure that can balance the various constitutional rights with the principle of reasonableness, is desirable.”

Source: Norme & Tributi Plus Diritto de Il Sole 24 ore

Sundar Pichai, CEO of Google, has recently announced that the company intends to permanently integrate remote working into its working practices,  albeit with a hybrid approach, e.g. three days in the office and two days remotely.

These statements highlight the growing interest in remote working, a system that many companies were forced to try out for the first time during the lockdown and which has now become a real revolution. In many cases, it has become a structural choice due to its undoubted advantages, from a better work-life balance to reducing the stress of travelling to work.

A NEW NORMALITY

At present, according to INAPP (National Institute for Public Policy Analysis) data, 54% of employees in large companies work wholly or partly on a remote basis; furthermore, according to an analysis conducted by the Milan Polytechnic Observatory and Randstad Research, remote working may involve 3 to 5 million workers in the coming months. The path should be the one traced by the CEO of Google: according to a recent study by Fondirigenti, people will prefer to split the week in two or to alternate days in the office and remote work, so as not to sacrifice social relations and physical interaction with their colleagues. According to Vittorio De Luca, managing partner of the De Luca & Partners law firm, specialised in labour law and GDPR (General Data Protection Regulation), “in the near future, remoteworking policies will become more and more a rule and no longer just an exception”. remoteworking policies have also been promoted by the law: the Riaperture Decree has extended until 31 July the possibility for employers to use this instrument with a unilateral act, i.e. without having to sign an individual agreement. This deadline should be extended until 31 December also for the private sector, thus aligning it with what is already in place for the public administration. “However,” De Luca points out, “at the end of the emergency period it will be appropriate and necessary to regulate the relationship between the parties involved, i.e. employers on the one hand and workers (remote workers) on the other hand.”

THE PROBLEMS TO BE SOLVED

Remote working was first introduced in the Italian system by Law 81/2017. Remote working, says De Luca, is defined in the law “as a new and flexible way of organising employment, with no exact definition of the place and time of work, providing that the activity can take place partly inside the company’s premises and partly outside, without a fixed location, though in compliance with the limits on maximum daily and weekly working time established by law and by the applicable national collective agreement. In order for this to happen”, he adds, “an agreement, strictly in writing (for the purposes of proof and administrative regularity), must be entered into by the company and the worker”. And it is precisely the release from spatial and temporal limits, notes the expert, “which, if not regulated in advance, might have negative consequences for both the employee and the employer, from both a professional/work and a social/personal point of view”.

“Indeed, remote working has made the time profile of the service not essential, placing the objectives and performances of the resources concerned at the centre”, explains De Luca. So that “it is of primary importance for employers to be able to check and assess the results of remote workers”, whilst also determining “the forms of exercise of the employer’s power, paying attention to the manner, purpose and content of the same”. There follows the need, he concludes, to “introduce agreements, accompanied by internal procedures and regulations, which govern these aspects, also instructing the worker on the use of work equipment and on company security and personal data protection”.

Under the Law No. 81 of 22 May 2017 on “Measures for the protection of non-entrepreneurial self-employment and measures aimed to facilitate flexibility in regard to locations and times of subordinate work”, remote working has been recently regulated in the Italian legal regime for the first time.  This is a flexible style of working, regulated within the employment relationship and characterised by the absence of time- and workplace constraints and by forms of organisation of work by stages, cycles and objectives.

When implementing remote working in their company, employers must take personal data protection regulations into account.

Regulation (EU) 2016/679 on the protection of personal data (the “GDPR”) introduced the principle of accountability, namely the requirement for the data controller (in our case the employer) to take proactive steps to show that concrete measures have been put in place to ensure the implementation of this Regulation. Essentially, the employer is obliged to identify and manage risks associated with the data processing carried out, in accordance with the principle of data protection “by design” (involving the protection of specific data processing operations) and  “by default”.

This means that, in the case of remote working, the employer must carry out a proper risk assessment and, where necessary, an impact assessment in order to analyse all existing and potential risks and identify the technical and organisational data security measures that are required in order to guarantee secure data protection operations. The employer, accordingly, must adopt Regulations, Policies or Guidelines which set out the conduct that smart workers must adopt in order to ensure the confidentiality, integrity and availability of data processed in the course of their duties.

The employer must also ascertain and verify that remote controls are not invasive in nature, in contravention of Article 4 of Law 300/1970.  This means that the systems that allow continuous monitoring of employees’ use of work tools and the company network must be subject to detailed scrutiny.

For this very reason, remote workers must receive detailed information on the various ways in which the employer exercises its power of control, and on what forms of conduct could potentially trigger or attract disciplinary sanctions.

Beyond this, the employer must train remote workers so that they are fully cognisant of and familiar with the tools available to them, the various risks, and the measures to be adopted while remote working.