Organisations employing electrical trades workers in the construction sector are using blood analysis as a means of screening future employees for ‘health risks’ that they allege may impact on their performance of work, according to a recent report.
While collecting sensitive information from blood analysis is restricted under Australia’s privacy laws, the report called for tighter rules about when and how much personal and sensitive information organisations can ask workers to provide.
The No Blood-No Job: Australia’s privacy laws and workers’ rights report, which was conducted by The Centre for Future Work at the Australia Institute, is based on interviews with electrical trades workers who were required to provide blood samples for testing as a precursor to recruitment to work in the construction of mine sites and in oil and gas exploration operations.
Four workers, seeking employment with three different companies, were interviewed for the report, while The Centre for Future Work researchers also discussed the issue of blood sampling of electrical trades workers with senior national officials of the Electrical Trades Union (ETU).
Access to the information in the ETU’s files regarding the experience of other workers who had been required to provide blood samples to prospective employers/employers was also made available to the Centre for Future Work.
“The findings of this report raise concerns about power, privacy, fairness, and the potential for discrimination in the practices being adopted by some organisations,” said Lisa Heap, a labour lawyer and researcher at The Centre for Future Work at the Australia Institute.
“These findings also show that Australia’s current privacy and workplace relations laws do not adequately address these concerns. The use of ‘health risks’ or ‘health and safety concerns’ as a broad justification for the collection of workers’ information will be challenged if the law reforms proposed in this report are adopted.”
In the future, Heap said organisations would have to demonstrate that collecting sensitive information from workers and conducting invasive tests on workers to collect this information should only occur when strictly necessary and when a defined need can be established.
“This need must be specific. A general call on health and safety, will not be enough. Where there may be a need related to health and safety, other alternative measures to collecting sensitive information should be used and therefore collecting sensitive information should be a last resort,” she said.
The report also calls for the removal of the employee records exemption from privacy laws, and Heap said this would mean that all information collected and maintained in employee records will be handled with stricter parameters.
“The growing collection of data from workers through health and wellbeing programs will be covered by these stricter rules. The purpose of the worker-centric approach, set out in the report, is to make the protection of workers’ privacy the focus,” said Heap.
“The proposed approach addresses the concern, identified by the Office of the Information Commissioner that, in the context of new technological developments and innovations, privacy laws in Australia have swung too far in favour of organisations gathering information and away from the individuals whose information is being gathered.”
In the context of the asymmetrical power structures at work, Heap said the worker-centric approach outlined in the report emphasises collective processes necessary to ensure that power imbalances between data controllers and data subjects are addressed.
Nerida Jessup, a partner at international law firm Herbert Smith Freehills, said that she wouldn’t describe the practice of employers inexplicably undertaking invasive medical examinations without explanation or justification and without proper consent as widespread.
“Medical screening and testing are required, sometimes by legislation, to protect the safety of their workers – and most employers are cautious about getting too much health and medical information about their workforce,” said Jessup, who advises clients on safety governance, compliance and crisis management issues.
“In any case, the casual approach to collection and use of medical information told in the anecdote in this paper will already to expose businesses to a raft of legal risk under existing laws – not just the privacy regime but employment and discrimination laws.”
In discussions about sensitive information there is a balance to be struck, according to Jessup: “There is already complexity in the collection and use of sensitive health information, and legal risk for organisations and OHS professionals who get this wrong – we are seeing challenges under privacy laws brought by individuals and unions,” said Jessup, who added that OHS professionals should be clear on what health data it is being collected and why, for example:
- If workers are being required to undergo health testing/monitoring, is there a clear policy and justification for that (including where such testing/monitoring is required by laws)
- Is there clear consultation and communication with workers about these matters
- Are consent and data protections in place for the way in which the data will be (and is being) collected, used and stored
- Are clear drug, alcohol and fitness for work policies in place