You are probably among the many employers who as a result of the sudden onset of the coronavirus pandemic were abruptly forced to adopt a home office policy. Prior to that, home office was probably not allowed in your company at all or maybe only in limited cases as an employee benefit. Be advised that Act No. 262/2006 Coll., Labour Code (the “Labour Code”) and regulations on occupational health and safety fully apply to work performed at home. In our experience, employers often make mistakes when it comes to home office.
Home office agreement
Since the place of work is an essential component of the employment contract, the employer cannot unilaterally order an employee to work from home. If the employment contract does not include an agreement on home office, you should conclude one with the employee as a new document or as an annex to their employment contract, where you can also address other risks in relation to home office, such as working hours and their recording, reimbursement of the employee’s costs associated with working from home (energy, internet, etc.) or how work equipment provided by the employer is used.
Even during the coronavirus pandemic, the provisions of the Labour Code on delivery still apply, meaning it remains impossible to conclude a home office agreement just via e-mail. The employee’s consent to home office sent by a simple e-mail is insufficient. If you have used this method during the pandemic, we advise you to correct this and conclude valid agreements with the employees who continue to work from home, even if only irregularly.
Even if an employee cannot be unilaterally ordered to work from home, more specific rules for home office may be adopted in the form of an internal regulation, which can be later referred to in individual home office agreements. On the plus side, the internal regulation can be unilaterally amended by the employer without the need to amend the individual agreements with employees.
Occupational health and safety (OHS) and fire protection (FP)
The employer’s general obligation to ensure the occupational health and safety of employees also applies in the case of home office. The costs associated with ensuring the safety and health of employees working at home must be borne by the employer and these costs cannot be passed directly or indirectly to the employee. The employer should provide the employee with safe equipment to work, taking into account the type of work performed at home, provide the employee with regular OHS and FP trainings focused on the home environment and ideally ensure that the home environment of the employee complies with OHS and FP according to the law and internal regulations of the employer (upon the consent of the employee). Ideally, the employer should ensure revisions and inspections of technical devices in the home environment of the employee, e.g. electrical installation (wiring, sockets) and electric devices (PC, printer, kettle). However, employers often do not ensure such revisions and inspections, which can lead to serious problems when a work accident occurs.
Monitoring employees on home office
Monitoring an employee working from home is usually a problematic area. Here too it is necessary to comply with the relevant provisions of the Labour Code regarding the monitoring of employees by the employer, as well as other regulations on privacy and personal data protection. According to the Labour Code, the employer is entitled to check by appropriate means whether the employee is using the employer’s work equipment, including computer technology or telecommunications equipment, for their own personal needs without the employer’s consent. The monitoring of the employee at the workplace (including the home environment) is possible only if there is a compelling reason based on the special nature of the employer’s activities. All monitoring must be proportional, and the employee must be informed about the scope of the monitoring and how it will be carried out. Before implementing any monitoring mechanism, it is necessary to consider many aspects and always prefer monitoring mechanisms that interfere as little as possible with the employee’s privacy, e.g. blocking programmes and applications or individual websites and social networks on the employee’s PC which are not needed for the performance of work, without monitoring the employee’s specific online activities, etc.
As regards the recording of working hours, especially where overtime performed in home office is concerned, the employer should carefully monitor such records and revise if necessary without undue delay. Otherwise there is a risk that the employee can claim unpaid overtime up to three years back, since in the case of home office the right to compensation for overtime cannot be excluded and Section 317 of the Labour Code (stating exemptions for employees that do not work at the employer’s workplace but perform the agreed work during working hours which they schedule themselves) usually does not apply, as classic home office working hours are scheduled by the employer. In general it is at the employer’s discretion whether to choose a fixed working time schedule or flexible working time schedule consisting of mandatory and optional working hours.
Employees should be regularly trained in the area of data and personal data protection with a special focus on home office. They should also be required to use only a secure VPN connection to perform work from home, not to download files from unknown sources and servers to the work PC, and to use only employer-approved storage or cloud solutions for sharing documents with colleagues. We also recommend adopting an internal regulation stating the rules regarding the handling of working documents in paper form, especially to restrict their migration from work to home, and setting rules for their printing, storage and disposal outside the employer’s premises. Be advised that the loss of documents containing personal data or their sharing via unsecured storage may meet the conditions for a security incident, which, in accordance with the GDPR, the employer as the data controller is required to report to the Data Protection Authority within 72 hours together with the proposed or already adopted corrective measures.
These are only some of the risk areas in relation to home office. We will of course be happy to advise you on other practical issues in this area as well. If you are interested we will gladly prepare a new home office agreement for you or revise your current one, draft appendices to employment contracts or internal regulations, or prepare trainings for you in OSH, FP and data protection focused on home office.
This document is a general communication only and should not be regarded as legal advice in a specific matter.