This is A MoFo Privacy Minute, where we will answer the questions our clients are asking us in sixty seconds or less.
Question: Can a company require proof of a COVID-19 vaccination to visit work sites and/or venues in the EU or the UK?
Answer: Requiring that an individual shows proof of vaccination, recovery from a COVID-19 infection, or a recent negative test appears to be gaining traction in the EU and the UK as more and more court decisions, guidelines, and laws are published. Here are the latest three developments:
However, please note that the deciding factor seems to be whether proof of vaccination/recovery/test is merely presented for a visual check (without data actually being stored) or whether the proof is checked for its validity (e.g., by scanning QR codes). The latter may indeed entail the processing of personal data, and data protection laws would apply.
Visit our Privacy + Data Security page for additional information from our privacy library and resource centers on cybersecurity, state privacy laws, and the General Data Protection Regulation (GDPR).