Skip to content

Our Ontario Lawyers

When success matters, there is no substitute for the advantage that comes from experience.

Search for a lawyer below:

Office:

Search Results

We're sorry, We cannot locate any lawyers with that criteria. Please search again.

Sort By:

Experience and Expertise:

How Can We Help? We’ll be happy to match you to the right qualified Lerners Lawyer.
LERNx

Re-opening Your Business and COVID-19: Protecting Client and Employee Safety and Privacy

3 minute read

Businesses are working on their reopening plans as the provincial government moves us through the phases of recovery from COVID-19.  An important part of that plan are COVID-19 screening measures – for employees and for clients. What does a business need to have in place to protect client and employee safety and privacy?

There is an obligation on businesses to keep their employees and their clients safe. One way of doing so is having COVID-19 screening measures in place. Many of the possible screening measures that could be implemented will result in the collection of personal health information, which is considered to be sensitive information, and requires additional protection.

In order to meet privacy law obligations, businesses should keep the collection, use and disclosure of personal information to the minimum required to prevent and to manage COVID-19 in the workplace. They also have to ensure that meaningful consent is provided by an individual when collecting their personal information.

The federal, provincial and territorial guardians issued a joint statement on COVID-19 contact tracing apps to ensure that Canadian citizens’ privacy rights were protected. The privacy principles raised in the joint statement are equally applicable to businesses developing return to work/business plans, and need to be considered when drafting them:

  • Consent and trust – businesses need to demonstrate a high level of transparency and accountability to their clients and to their employees.
  • Legal authority – proposed measures are to be grounded in a clear legal basis, and consent for the collection of personal information is to be meaningful.
  • Necessity and proportionality – screening measures should be necessary for a specific purpose (e.g. to be able to notify individuals exposed to COVID-19), tailored to the specific purpose, and is likely to be effective in achieving that purpose.
  • Minimum intrusiveness – the personal information collected should be the minimum required to meet the specific purpose identified by the business for its collection.
  • Purpose limitation – personal information must be used for its intended purpose and for no other.
  • De-identification – depending on the personal information collected, businesses may need to consider de-identifying the data.
  • Time limitation – a retention period for the personal information needs to be set, and the data destroyed when it expires.
  • Transparency – individuals should be fully informed about the personal information being collected, how it will be used, to whom it will be disclosed, where it will be stored, how it will be securely stored, and when it will be destroyed.
  • Accountability – businesses should conduct ongoing monitoring to ensure the effectiveness of the return to work/business plan, as it relates to the collection, use and disclosure of personal information. As more control over the pandemic is achieved, the amount and/or frequency of personal information needed to be collected may change.
  • Safeguards – appropriate organizational and security safeguards need to be in place to protect the personal information collected.

The Lerners Privacy, Data and Information Security team of lawyers can assist businesses in developing policies related to COVID-19 screening measures to implement as operations resume and employees and clients return to the workplace. Privacy Impact Assessments can be conducted to evaluate and minimize the privacy implications of return to work/business plans.

Learn more about our Lerners’ Privacy, Data and Information Security Group

LERNx Sidebar

LERNx

LERNx is committed to making the law easier to access for all by publishing high-quality and industry-leading content.

Alysia M. Christiaen

We are here to help.

Do you have any questions about your unique scenario? Feel free to reach out directly by visiting my Lerners Profile View My Full Profile