The following explanations are of course neither to be understood as conclusive nor as generally valid. In particular, a different assessment may be required on the basis of the applicable employment contract, company and collective bargaining regulations as well as personal, company and other circumstances.
Risks / Need for action
Since the outbreak of the corona pandemic, many companies have set up emergency staff at short notice and sent workers to home offices in order to protect the health of staff, customers and service providers. These short-term measures are right and important.
However, the introduction of home offices gives rise to a large number of legal problems and risks that should be clarified and minimized in a timely manner. This is not only in the interest of the company, but also of particular importance for the persons acting responsibly. The most important issues and risks are, among others
1.The licenses for remote use of the applications should be reviewed and adjusted; the access authority of the company owner must not be lost.
Here, it is important, among other things, to avoid considerable risks of damages and to maintain the ability to act and make decisions.
2. Compliance with data protection regulations must be ensured, particularly in the home office (this applies all the more so as employees come into contact with sensitive data and/or are under a special obligation to maintain confidentiality (HR, research, client, patient, tax secrecy, etc.)). There is a need for specifications and guidelines, among other things, in the case of the use of private end devices (BYOD), in the selection and use of applications (e.g. PDF scanner for the mobile device, etc.) and for a uniform storage and deletion concept.
In this context, it is important to avoid, among other things, claims for damages, penalties and severe fines as well as other negative consequences for the persons acting responsibly and the company.
3. Especially in the home office, an adequate level of protection for business secrets must be ensured.
Here it is necessary to take precautions to protect the company’s know-how
4. More detailed specifications for the introduction and design of work in the home office should urgently be made, in particular regulations on the right to issue instructions, the employee’s obligations to cooperate, core hours, standards etc.
Here, it is particularly important to minimise the risk that deviating requirements of the employer are no longer legally enforceable.
5. Parts of the specifications for the home office are subject to the codetermination of the works council; regularly, the commencement of home office activities is a transfer under works constitution law and the works council must therefore be consulted.
Here it is important to rule out the risk that the arrangements made and the action taken in the home office will be ineffective and that the works council can demand an injunction.
6. From a compliance point of view, IT security as well as adherence to occupational health and safety regulations (in particular those relating to working hours) must be ensured by the employer, especially in the home office.
In this context, it is important to minimize the risk of claims for damages, loss of insurance coverage, penalties and severe fines, as well as other negative consequences for the persons acting responsibly and the company.
Munich, the 22.03.2020
Zirngibl Lawyers Partnership mbB
