Updated German Regulations on Occupational Safety due to Increase of COVID-19 Infections – What Employers Now Need to Know

Dechert LLP
Contact

Dechert LLP

Due to a significant increase in Covid-19 infections over the past weeks, the German legislator updated and extended the applicable occupational safety regulations in connection with the pandemic. Based on the German SARS-CoV-2 Occupational Health and Safety Regulation (SARS-CoV-2-Arbeitsschutzverordnung) and the German Infection Protection Act (Infektionsschutzgesetz) the following occupational safety regulations in connection with COVID-19 apply until March 19, 2022:

1. Mandatory Workplace Access Controls:

When accessing the workplace and throughout their stay on site, employees must carry the relevant proof with them that they are either vaccinated, tested negative against, or recovered from, Covid-19 (“VRT Status”). Employers are now obligated to perform strict controls of the compliance with this requirement and to document these controls.

Employees with valid vaccination or recovery certificate may be exempt from daily access controls once the employer has checked and documented their VRT Status.

If employees provide a negative Covid-19 test as evidence for their VRT Status, the test shall not be older than (i) 24 hours in case of an antigen or rapid test, or (ii) 48 hours in case of a PCR test.

There is no requirement to control the VRT Status of employees working exclusively from home.

2. Home Office:

The employer is generally required to offer the employees to work from home, unless there are compelling operational reasons requiring that the work is performed out of the office. Such compelling operational reasons include the following:

  • office activities such as: the processing and distribution of incoming mail, the processing of incoming and outgoing goods, counter service;
  • contact with customers and employees is required;
  • front office activities;
  • maintenance and repair activities, IT service;
  • in general, whenever operations or production can otherwise only be maintained to a limited extent or not at all and/or would be accompanied by considerable loss of revenue; or
  • technical issues, such as non-convertibility of telephones.

Employees shall accept the employer’s offer to work from home, unless they have compelling operational or personal reasons that impede the work from home. Reasons impeding employees to work from home may include space constraints, interference from third parties, or inadequate technical equipment.

3. Self-Testing:

At least twice a week, employers shall offer regular self-testing in their premises to all employees who do not work exclusively from home. The cost for the tests shall be borne by the employers.

4. Vaccination:

  • Employees are entitled to schedule an appointment for a COVID-19 vaccination during working hours.
  • The employer shall provide organizational and personnel support to the company doctor (Betriebsarzt) (if any) who carries out COVID-19 vaccinations in the company.
  • Employees shall be informed of the health risks of a COVID-19 infection and the possibility of a protective vaccination.

5. Hygiene Measures:

  • Employers shall prepare and implement operational hygiene plans (e.g. including adequate hand hygiene at the workplace, regular ventilation, contact minimization, etc.) and make them accessible to its workforce.
  • Due to the COVID-19 pandemic German employers shall carry out an assessment of the infection risks at the workplace (based on the work arrangements such as number of employees, shared offices, type of work, etc.) and implement a hygienic concept accordingly addressing all measures that the employees working in Germany shall comply with to reduce the infection risk of the workforce.
  • Such hygiene concept needs to be communicated to the employees, but there is no specific form requirement. Hence, communication via e-mail, intranet or printouts handed out to each employee would be fine from a legal perspective.
  • Personal contacts and the simultaneous use of operating and break rooms by several people should be reduced to the necessary minimum (e.g. virtual meetings instead of in person meetings, keeping 1.5m distance, avoid hand shaking, etc.).
  • If the protection of employees by technical and organizational protective measures is not sufficient and therefore it is necessary for employees to wear medical face masks (mouth-nose protection), these must be provided by the employer.

6. Public Enforcement:

  • In case of violations of these requirements the competent occupational health and safety authorities may enforce compliance with the requirements by first issuing official orders on a case-by-case basis, and if employers violate these orders may impose fines of up to €30,000.
  • For violations against the obligation to monitor or carry evidence of the VRT Status the German Infection Protection Act provides for a fine of up to €25,000.

Considerations from a Data Protection Perspective

The cost for the tests shall be borne by the employers.The monitoring of the employees’ VRT Status constitutes processing of special categories of personal data and must be in compliance with the General Data Protection Regulation (Regulation (EU) 2016/679 – GDPR).

Therefore, general principles relating to the processing of personal data need to be complied with. These include the principles of data minimization and storage limitation. Thus, the employer needs to limit the processing of the VRT Status to the extent necessary and store the health data no longer than is necessary for fulfilling its legal obligations. The employer shall only collect and store the VRT Status and the time period of its validity, but not a copy of the respective certificate itself. Further, employers should ensure to delete any the VRT Status once they are no longer required by law to monitor it. In addition, technical and organizational data security measures must be taken to prevent that any unauthorized persons (e.g. third parties or colleagues) can gain knowledge of the VRT Status collected. For example, such data shall not be included in the personnel file of the respective employee, but shall be kept separately and secure (e.g. in a password protected excel file, which can only be accessed by a minimum of authorized persons).

The employer should also provide the employees concerned with transparent information about the processing of their VRT Status and issue a respective amended employee privacy notice.

Violations against GDPR may result in damage claims from data subjects or sanctions by supervisory authorities, including administrative fines up to EUR 20,000,000 or 4% of the total annual worldwide turnover of the group of the preceding fiscal year, whichever is higher.

We note that each federal state may impose additional regulations for preventing the spread of the Covid-19 virus and therefore requirements relating to workplace safety may differ depending on the location of the employer’s operation. 

Written by:

Dechert LLP
Contact
more
less

Dechert LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.