Authors note: the information held within this article is generic and anyone reading this should not rely solely on the information herein as specific advice for their organisation.
As the country prepares to open the economy back up, we need to prepare our businesses. This article will discuss the four areas the Minister for Small Business, the Hon. Michaelia Cash, outlined in a recent email that businesses need to prepare for.
- Prepare comprehensive plans so employees and customers know what to expect both in undertaking daily business but also in the event of a COVID-19 related incident or outbreak
- Develop workplace and business models to prevent the spread of COVID-19 incorporating measures such as physical distancing or barriers and hygiene as appropriate (depending on the nature of your business operations)
- Prepare plans to respond in the event of an incident involving an infected employee or customer including testing and isolation measures (as well as providing support and information flow to employees and their families)
- Prepare plans and protocols to recover after incidents including cleaning and testing the workplace.
Before we go into these four areas, we need to consider the following question:
“are these items for COVID-19 or are they an essential part of the ‘new normal’?”
We believe that COVID-19 has taught us we need to plan how we respond to future events like COVID-19, and that these four areas need to be considered not as a response to COVID-19, but as the new best practice that is here to stay.
That is, in this article we will discuss these areas of consideration not as COVID-19 measures, but as infectious disease protocols. In practical terms, isn’t COVID-19 an extremely infectious version of a really, really, really bad flu?
If we consider it as such and contextualise our workplaces in this light, then we will not only be able to contain future COVID’s (COVID-20 and so on), but we will also minimise the rates of infection during the usual cold and flu seasons and mitigate other transmittable diseases such as viral gastroenteritis (for example).
The ‘new normal’ will present itself in many ways- will the aisles of your local Bunnings go back to resembling an obstacle course littered with clearance items forcing people to trip over each other to get through, or will your local Woollies or Coles continue to shrink their aisles in order to get more shelves in? Airlines may undergo massive changes (potentially) with significant increases in fares and the reintroduction of that mythical creature (legroom) being on the cards not to mention a potential requirement to have medical travel clearances given up to 48 hrs prior to boarding!
SBAAS does not believe you should be thinking of this as a ‘come-and-go’ exercise, but rather a ‘this is how we do things now’ exercise. People will forget, it is the one major superpower humans have; the ability to forget. However, this forgetfulness may take a while, certainly not before the Alpha Generation (our Screenagers) are in charge and running the show alongside the Millennials (the equivalent of the Baby Boomers and Gen X now).
Now, let’s have a look at what you need to consider moving forward and have ready real soon!
Prepare comprehensive plans so employees and customers know what to expect both in undertaking daily business but also in the event of a COVID-19 related incident or outbreak.
Many large organisations already have some form of infectious disease response protocol, but small businesses that have a certain intimacy of contact with their clients (this includes general proximity trading) such as a masseuse, hair dresser, nail salons, cafes, restaurants (all hospitality really), retail and so forth will need to also have appropriate protocols. This is about taking control!
This topic is a twofold issue, so let us look at these elements separately.
Many organisations such as mechanics and couriers have already introduced non-contact service delivery, this will not be as easy for a masseuse or, say, a Beauty Therapist.
So, what do you need to do?
- Review your usual process in dealing with customers, how can you change this to be infectious-safe?
For example: A masseuse can implement protocols where their clients are required to sanitise their hands prior to entering the treatment room, ensure that all towels, etc. are removed and replaced with fresh ones between each client and their treatment beds are sanitised between clients (hopefully, most of this is a pre-existing protocol). The main change here may just be that you are now informing your clients of the protocols and you are documenting these protocols so you can illustrate that all staff are aware and compliant with them.
- Spatial awareness will need to be reviewed. That is, how are you using your space and how many humans are you forcing into this space? Whilst a complete reopen may not have limited numbers of people per square metre, many people will have newly formed social distancing habits and will not be comfortable dealing with businesses that are not enabling this. How is your workplace set up for people to work and buy from you whilst still allowing social distancing?
Outbreak or Incident
- What if a staff member or customer tests positive? Do you have appropriate communication processes in place (internally and externally) in order to fully inform them of such an incident?
What processes could/would you put in place and how would you let people know this? Again, by stating this is your ‘infectious disease’ policy you now have a simple process to follow be it COVID-19 or gastro, furthermore, it makes you appear to be far more on top of everything than an organisation that has a one-off policy.
Develop workplace and business models to prevent the spread of COVID-19 which incorporate measures such as physical distancing or barriers and hygiene as appropriate depending on the nature of your business operations
Whilst this incorporates more of the ‘new normal’ than previous versions of infectious disease control policies, there is still a simplicity to what is required overall.
We have been saying for a while now that social distancing measures will be here to stay until the superpower of forgetfulness takes control. This means that current retail practices of 1.5 metre markers on floors and sneeze guards at check outs are likely to stay, as with the provision of sanitiser. These hygiene protocols are reflective of food handling protocols – applied to all walks of life.
Regular washing of hands, cleaning of bench tops, and wiping down of equipment will be here to stay; what can you do in your workspace to be infectious-safe? If you are, say a law firm, then the regular wiping down of your computer equipment, printers, filing cabinets and phones would be an excellent start. Every workplace can take the fundamentals of excellent food hygiene practices and apply them in their workspace.
In practical terms, it is just clean first sanitise second, repeat frequently and make sure you are always cleaning (or replacing) the cleaning equipment! The simplicity of good hygiene is one of the factors of the pandemic that has concerned us; I mean, did we really have to teach people to wash their hands properly. Short answer yes, a recent study showed an appalling number of people were not washing their hands after going to the toilet so …!
Prepare plans to respond in the event of an incident involving an infected employee or customer including testing and isolation measures (as well as support for and information flow to employees and their families)
This does tie in with the first suggestion from the Hon. Michaelia Cash and just requires a process whereby you publicise how you will communicate any infectious episodes, be it your website, social media, megaphone from your rooftop, a classified in the local paper, all of the above, a combination of these, whatever. Remember though, whatever you say you will do, you need to do if something happens, so keep it simple, but effective! We suggest website and socials.
If you have an affected staff member, what will you do to support them, how are you going to keep the communication channels open, and how are you going to do this whilst ensuring protection of privacy?
Finally, in all this, are you going to arrange testing, or inform people where testing can be done if an occurrence happens?
Our suggestion here is remember, first and foremost this is about good communication and the protection of your staff and customers, but there are underlying considerations such as privacy and employment law, so whatever you do, you need to protect yourself too!
It is important to remember an employer owes a primary duty of care to its employees (and other persons in the workplace) under the Work Health and Safety Act 2011 (QLD) (the Work Health and Safety Act). As part of fulfilling this duty, the provision of information, training and instructions to employees (or other workers engaged by a business such as contractors or volunteers) is an important consideration. By developing plans (preferably in writing) to respond in the event of an incident involving an infected employee or customer and conducting training at appropriate intervals (which may include performing drills) with employees and workers, an employer can demonstrate they have fulfilled their primary duty of care under the Work Health and Safety Act.
Of course, employees and workers themselves owe a secondary duty of care (under the Work Health and Safety Act) to take reasonable care for their own health and safety to ensure they do not adversely affect the health and safety of other employees and workers. As part of this secondary duty of care, employees and workers must comply with reasonable instructions as well as policies or procedures put in place by their employer. Written plans (put in place before an incident occurs) and policies will assist employees and workers in fulfilling their secondary duty of care.
The Privacy Act 1988 (Cth) (Privacy Act) and equivalent State legislation governs how personal information can be collected, stored and disclosed within many Australian workplaces. That said, the Privacy Act is limited in its application and doesn’t apply to the majority of small businesses. The Privacy Act applies to health services, some government agencies (and government contractors), all private sector businesses with an annual turnover of more than $3 million and some small businesses within the private sector.
As mentioned, small businesses with a turnover of less than $3 million annually are excluded from having to comply with the legislation. However section 6D(4) of the Privacy Act prescribes the following instances when small businesses will still be covered by the Privacy Act:
- The business provides health services and holds health information beyond the scope of employee records;
- The business discloses personal information about another individual to anyone else for benefit (e.g. the selling of data to a marketing company);
- The business provides a benefit, service or advantage relating to the collection of personal information;
- The business is contracted to the Government or benefits from a Government contract (whether or not it is a party to the contract);
- The business is a credit reporting body.
It is also worth mentioning that small businesses that operate a residential tenancy database are required to comply with Privacy Act irrespective of turnover because they are classified as ‘organisations’ pursuant to section 7 of the Privacy Regulation 2013 (Cth).
Small businesses are able to “opt in” to the legislation and are henceforth required to comply its provisions. There are other very specific exceptions to coverage under the Privacy Act which are too extensive to list here. Employers that are unsure of their privacy obligations should seek independent legal advice.
For businesses not excluded from having to comply with privacy legislation, employers are required to have a policy in place which outlines how it plans to deal with personal employee information in accordance with the terms of the Privacy Act. Personal information regularly collected by employers include employee training, wages, leave and contact details among other things. In this regard, the Privacy Act contains general principles, known as the Australian Privacy Principles (APP) for employers to follow in terms of drafting their bespoke privacy policies.
Sensitive information (including employee medical details) is afforded higher protection under the Privacy Act. Generally, employers can only collect sensitive information concerning an employee if it has first acquired the employee’s consent to do so. However, the APP allows an exception to this general rule of consent when the information is reasonably necessary, or directly related to one or more of the business’ functions or activities. This exception would include managing COVID-19 within the workplace as it relates to the health and safety of individuals and the public at large.
Similarly, the APP allows for the disclosure of sensitive information if it is necessary to prevent or mitigate a serious threat to the health and safety of individual employees or the public at large. In short, COVID-19 presents an unprecedented burden on employers to balance the privacy of employees with their duty to assist in managing the national health crisis. In practical terms, employers should seek consent wherever possible and take steps to limit the information to only what is necessary. This may include providing the relevant authorities with the pertinent information whilst limiting the information provided to colleagues within the workplace to only general details (i.e. withhold the employee’s identity if possible).
It is likely that a vast majority of readers will fall into the “excluded category” being a small business with a turnover of less than $3 million annually. That said, the Fair Work Ombudsman advises that it is best practice for businesses to comply with the provisions of the Privacy Act despite being excluded.
Prepare plans and protocols to recover after incidents including cleaning and testing the workplace.
This, in our opinion is the simplest of all items. Shut down for however long, clean then sanitise the workplace thoroughly and, if appropriate and available, arrange testing of staff before allowing them to return to work.
If there is a confirmed incident of an (infected) employee or customer attending the workplace, employers may be able to stand down employees pursuant to the Fair Work Act 2009 (Cth) on the basis of a stoppage of work (to allow for professional cleaning and sanitisation of the workplace) which the employer cannot be reasonably held responsible for causing. To maintain the lawfulness of a stand down, employers should promptly communicate with its staff members once cleaning has been completed (and work can resume).
It is arguable that directing an employee to obtain medical clearance forms part of an employer’s primary duty (set out above) to ensure, so far as reasonably practicable, the health and safety of its workers. This may well be the case even if an employee was not ‘patient zero’ and confirmed to be infected – there is a risk an employee may have been exposed to patient zero.
Whilst it is likely directing an employee to obtain medical clearance constitutes a lawful and reasonable direction, it may be preferable for employers to review their employment agreements with employees to ensure there is an express contractual right for employers to direct employees to obtain medical clearance (in circumstances where there is reasonable doubt as to an employee’s fitness for work).