On 7 December, the social partners and the Ministry of Labour and Social Policies signed the “National Protocol on remote working” (the “Protocol“).

As stated in the introduction, the protocol“establishes the reference framework for the definition of remote working by expressing guidelines for national, corporate and local collective bargaining in compliance with the legal framework set out in Law 22 May 2017, no. 81 and existing collective agreements, entrusting collective bargaining with what is necessary to implement the different and specific production frameworks.”

The main guidelines

Firstly, the Protocol clarifies that applying remote working must be voluntary and must be subject to signing an individual agreement without prejudice to the right of withdrawal. Any refusal by the worker to perform remote working does not constitute dismissal for just cause or justified reason, nor is it relevant from a disciplinary point of view.

The individual agreement must regulate aspects such as

• the duration (fixed-term or open-ended);
• the alternation between periods of work inside and outside company premises;
• the places, if any, excluded for the performance of the work outside the company premises;
• aspects relating to the work performance;
• working tools;
• disconnection;
• control methods;
• training;
• methods for exercising trade union rights.

Remote working does not require a precise working time but independence within the pre-established objectives and respect for the organisation and assigned tasks to ensure company operability and interconnection between the various business departments. This independence was found in the choice of workplace. However, the Protocol clarifies: “the service performance […] can be divided into time slots, identifying […] the disconnection time in which the worker does not work.” ” technical and organisational measures must guarantee the disconnection period.”

The Protocol points out that, as a rule, the employer provides the technological and IT equipment necessary for remote working. If it is agreed to use personal tools, it is necessary to establish adequate security criteria and requirements.

The Protocol requires the worker to process personal data accessed for professional purposes under employer instructions. To ensure compliance with personal data protection legislation and confidentiality, the employer must:

• adopt appropriate technical and organisational measures;
• inform the worker about the processing of data concerning them; and
• instruct them, providing guidelines on the security measures to follow.
• adopt company policies for managing personal data (e.g. procedure for managing data breaches, data subjects exercising their rights and the correct use of work tools);
• update the processing register under Art. 30 of the GDPR. It is recommended to carry out an Impact Assessment under art. 35 of the GDPR.

During remote working, the employer must ensure health and safety by providing the worker, and RLS (Workers’ Safety Representative) written information describing the general and specific risks associated with remote working. The Protocol states that the worker continues to be entitled to protection against accidents at work and occupational diseases, risks related to work performed outside the company premises, even if this is remote working.

The employer must (i) provide training courses aimed at increasing specific technical, organisational and digital skills for the effective and safe use of the work tools provided and (ii) guarantee compulsory training on the protection of workers’ health and safety and personal data.

◊◊◊◊

The Protocol provides guidelines as a reference framework for future national, corporate or local collective bargaining, without prejudice to existing and individual agreements.

Other related insights:

• Remote working and returning to work: post-emergency considerations
• Remoteworking: how to improve it after the emergency phase