Following the outbreak of the Coronavirus pandemic, the hybrid system of working became more popular. A number of workers are now able to work in the office, at home or in some cases even from abroad.
It is currently estimated that around 78% of companies allow a form of hybrid working, according to data from the Chartered Institute of Personnel & Development (CIPD).
An employer needs to address several practicalities and a range of legal and practical issues when entering into homeworking or hybrid working arrangements with their employees.
All employees have an implied duty not to disclose confidential information or use it for any purpose other than in the course of the employer’s business. In practice, however, confidentiality is more difficult for an employer to monitor when the employee is working remotely.
On this basis, an employer should carefully consider where staff are permitted to work and ensure that this is reflected in the employment contract and any associated policy. Employers may want to include an express confidentiality clause in a homeworker’s or hybrid worker’s contract, clearly defining what information is confidential.
Employers may also want to consider precautions for keeping confidential information secure such as restricting access by the employee’s household members in respect of work devices, ensuring devices are password protected and encrypted, or by providing a secure filing cabinet and facilities for confidential disposal such as a shredder or confidential bin.
Employers need to take appropriate technical and organisational measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
Homeworkers and hybrid workers may need specific training on their obligations and those of the employer in relation to data protection and confidentiality. This includes the procedures which they must follow, and what is and is not an authorised use of data. For instance, employees should not mix the organisation’s data with their own personal data. Employees should lock their devices when not in use and ensure that adequate password protections are in place. Employees should also hold conversations where they are less likely to be overheard and position their screen where it is less likely to be overseen.
Employers should bring any relevant IT and other policies (such as those relating to the use of devices and the employer’s data protection policy) to the attention of employees.
Employers may want to carry out a data privacy impact assessment of the data protection implications of employees working from home. This would cover who would have access to the employee’s computer, whether the remote working system permits the employee to encrypt or password-protect information, establish where paper files are kept and whether there are rules on retention of documents/proper disposal.
Health & Safety Risk Assessments
Employers have common law and statutory duties relating to the health and safety of their employees. This includes both mental and physical health. An employer has the same health and safety responsibilities for people working at home as they do for any other worker.
The Health and Safety Executive (HSE) guidance confirms that employers must protect their workers from health and safety risks associated with working from a computer or laptop at home. The HSE also provides a workstation checklist to assist with the requirement to carry out a workstation assessment.
Employers must conduct a suitable and sufficient risk assessment of all work activities carried out by their employees, including homeworkers and hybrid workers, to identify hazards and assess the degree of risk and decide what measures need to be put in place.
The ACAS Guide suggests that employers who cannot carry out a full risk assessment should provide employees with information on working safely at home and could require them to carry out a self-assessment of their workspace and equipment.
Employers should also talk to their employees about their arrangements, as working from home may not be suitable for everyone. For example, some employees may not have an appropriate place to work or may prefer to come into the workplace for wellbeing, mental health or other reasons. It may also make it harder for managers and colleagues to recognise when a colleague is struggling if they work remotely on a full time basis. Employers should be aware of these issues, consider what steps should be taken to provide appropriate supervision, monitor work, hours and stress levels, and try to integrate homeworkers into the team as much as possible.
To support the longer-term move to hybrid working, the guidance encourages the creation of space, time and opportunities for connecting, in addition to the maintenance of effective channels of virtual communication.
Employers should also review any existing policy on health and safety to consider whether amendments are needed to reflect changed working practices.
Availability of employees
When considering hybrid working arrangements, employers need to decide whether there will be a minimum expected attendance at the workplace, for example two days per week in the workplace and three days worked from home, and whether these are set days or more flexible. It is important that the expectations are clear to both parties.
Employers may also require employees to attend the workplace from time to time, for example to attend client meetings, training, team meetings, appraisals and disciplinary issues.
Please note that this is a very brief summary of the key elements concerning hybrid working considerations. The contents of this article do not constitute legal advice. If you require any further information please contact us at employment@berrysmith or on 02920 345 511.