Creating Conducive Workplace To Fight Pandemic Aftermath In Organizations

Work Environment: Making work place safe, healthy, competitive, collaborative, efficient, congenial, non-exploitative and empathetic, is a basic functionality feature for all employers. While WFH and WFO may continue to remain optional for most, changing work place may create distrust or fear in employees leading to their exit. There should be mutual trust between employers and employees, which can help employer make & implement its policies creatively and employee to accept them without ado. The feeling of anxiety, fear and distrust created by pandemic will impact the workforce as a lot of them have been affected personally making them feel vulnerable and anxious, which would unknowingly allow that feeling to seep into the organizations as well. Mental health would be impacted even for those who have been witnessing the havoc that pandemic has been creating and not just faced it. Only creating an empathetic environment can allow this from not spreading and threatening overall efficiency and productivity. Employers would have to ensure sessions on mental health and team building/trust exercises. Health and safety would remain a major concern allowing employer to prescribe additional measures mainly flowing from the orders of National Disaster Management Authority or Health Ministry or Labour & Employment Ministry, for WFO protocols and to allay fear of WFO. Apart from having physical health & safety measures (sanitizers, tissues, disinfectants, temperature check, etc.), trainings on well-being and steps to improve social interactions would be equally important.

Engagement: The HR could seek details of covid vaccination and ask for certificate, especially when (s)he has to work in proximity with others or working in departments requiring travel or meeting with external parties and let candidates know that everyone in their organization has been vaccinated. While employers cannot force its employees to get vaccination but in order to ensure a safe work environment while asking its employees to WFH, it can definitely have it in its policy to allow only those who have been vaccinated to WFO. With the Government of India releasing the Liberalised Pricing and Accelerated National Covid-19 Vaccination Strategy, every citizen above the age of 18 years has become eligible to receive vaccination from May 1, 2021. Though it is not mandatory yet, the employers can sensitize its employees on significance of vaccination. As per the Guidance on COVID-19 Vaccination at Work Places, employers can also organize vaccination session at workplace upon meeting certain conditions.

Data Safety: An organization collects data from its employees or third parties and also generates them internally. The data protection regime in India, although lacking in a standalone formalized legislation to govern it, is guided principally by the Information Technology Act, 2000 ("IT Act"), and is applicable to body corporates and intermediaries to govern data and information in electronic form. As per Section 7A of IT Act 2000, electronic records shall be subject to the same auditing and record keeping standards as applicable to physical records. The IT Act not only provides legal recognition to electronic records but also prescribes requirement to store any data/information in electronic form or any negligence in implementing and maintaining reasonable security practices and procedures in dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, the companies can have liability to pay compensation by way of damages to the affected person. The Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("SPDI Rules") implemented under the IT Act specifically defines "personal information" and "sensitive personal information" and employers collecting, receiving, possessing, storing, dealing or handling SPDI (such as passwords, financial information, health conditions, sexual orientation, medical records and biometric records) are obligated to provide a privacy policy and ensure that the same are available in website for view by such providers of information who has provided such information under lawful contract. SPDI Rules lays down the process by which a body corporate must collect the information, seek consent, state the purpose of collection, disclose where the information be stored and time of storage, among others. The body corporate has to keep the information secure, designate a 'grievance officer' and publish its name and contact details on its website. Further, under the SPDI Rules, there are obligations regarding transfer and implementation of reasonable of reasonable security practices and procedures that contain managerial, technical, operational, and physical security control measures that are commensurate with the information assets being protected with the nature of business and implement the International Standard IS/ISO/IEC 27001 on "Information Technology – Security Techniques – Information Security Management System – Requirements." The data retention or cross-border transfer requirements should also be adhered to. Any monitoring or surveillance of employees by the employer should not undermine the right to privacy under Article 21 of the Constitution.

Employment Policies: Despite creating new policies to address covid induced situations at work place or WFH, organizations will have to work towards revisiting their existing policies (on leaves, travel, training, retention, health & safety, data protection & retention, workplace data security, online workplace harassment, etc.) to address pandemic-caused situations, creating additional procedures/protocols, enhancing employee communications, and allowing employees to take leaves to unwind & rejuvenate to minimize disruptions. A team or a person can be designated to take care of all aspects of pandemic after-effect to enable rapid coordination with all departments, fast decision-making, establishing accountability, effective monitoring and reporting. Reviewing of relevant standard operating procedures and manuals and updating them would be critical and equally crucial would be to monitor the situation and provide regular briefings to leaders on any emerging threats and issues. As organizations adjust their business continuity plans, they should ensure that their programs are sustainable and has the ability to evolve, devoid of rigidity & archaic obstinacy and inherent ability to adapt to new developments. The implementation of general directives should be checked against legal obligations under the contract of employment and local law.

It would be important for organizations to understand the safety concerns not only for their data but also w.r.t. the well-being of their employees. It is this sensitization that would be necessary for organizations to thrive and remain respected. While employers have a lot to do, employees should also cooperate and comply fully with preventive measures or directives, take reasonable care of their own safety and the safety of others and observe company policies.

Neeraj Dubey is a Partner at Singh & Associates, Bangalore. Views are personal.