Privacy vs pandemic
Privacy vs pandemic Mass vaccination appears to be our ticket out of lockdowns. However, concern is being raised by individuals and industry around the rights of employers to force employees to be vaccinated and the right of an employee to privacy.
There is currently no specific law requiring a person to be vaccinated. However, there are some workplaces that by their very nature require employees to vaccinated against COVID for example, health care and aged care. The Federal Government has recently mandated that all aged care workers be fully vaccinated by September 1 2021.
However, not everyone is able to be vaccinated and employers need to be careful about requesting employees to be vaccinated or else run the risk of direct or indirect discrimination.
It is not unlawful for an employer to request medical proof of an inability to obtain a vaccination provided that it is not for the purpose of discrimination. However, an employee’s medical records are protected by privacy laws. Therefore, an employer cannot access an employee’s medical records without their consent.
Legal concerns?
If you are concerned about your employer’s vaccination requirements, it is important that you seek legal advice. COVID is an ever-evolving beast that will no doubt throw up many employment and discrimination challenges.
Current position & practical guidance (NSW/Australia)
- No general vaccination mandate: There is still no across-the-board law requiring every person to be vaccinated. Whether a workplace can require vaccination depends on WHS risks, contracts/awards, and whether a direction is lawful and reasonable. See the Fair Work Ombudsman guidance. :contentReference[oaicite:0]{index=0}
- Sector policies can change: NSW Health removed its blanket COVID-19 vaccine mandate for health workers in May 2024 (vaccination now strongly recommended, not required), though individual employers may still have policies based on WHS risk. :contentReference[oaicite:1]{index=1}
- Aged care settings: Aged care remains a high-risk environment and providers may implement vaccination policies consistent with federal guidance and WHS duties. See the Department of Health’s aged care COVID-19 vaccine resources and sector updates. :contentReference[oaicite:2]{index=2}
- Privacy of vaccination information: Vaccination status is sensitive health information. Employers should only collect it if reasonably necessary, with consent, store it securely, and limit use/disclosure in line with the Privacy Act and OAIC guidance (note the employee records exemption for private-sector employers applies only after collection and only where directly related to the employment relationship). See OAIC resources. :contentReference[oaicite:3]{index=3}
- Discrimination risk: Any policy must consider disability, pregnancy, religion and other protected attributes, and whether reasonable adjustments are available. See the Australian Human Rights Commission overview. :contentReference[oaicite:4]{index=4}
- WHS duties: PCBUs must manage COVID-19 risks using a risk-management approach (vaccination is one control among many). See Safe Work Australia. :contentReference[oaicite:5]{index=5}
- Health advice: For 2025 vaccine guidance (e.g., who should get boosters), see ATAGI’s latest statement. :contentReference[oaicite:6]{index=6}
Need tailored advice on workplace vaccination policies, privacy and discrimination? Speak with our civil & employment team or criminal law team, or call (02) 8806 0866.
