Flexible working

Yes. With respect to employees you have an obligation to protect their health so you can gather information to do that. You might gather information from your employees on who has the virus, who has had it and recovered and also who has tested negative. You might also want to know if individuals have been in contact with someone who has it or if they are in a vulnerable group. It is reasonable to want to know where individuals have travelled. In the future it may also be reasonable to know if they are planning to travel to a virus hot spot, as the impact of the virus around the world is likely to continue for some time even after the outbreak has been contained in the UK.

It is reasonable to gather some information about visitors to your site, be they customers or suppliers, as this information will also help protect your staff. However, you should keep what you gather to a minimum. For visitors, it’s unlikely that you need to know anything more than they have Covid-19, are displaying symptoms or have recently been in contact with someone who has the virus.

You can claim for regular payments you are obliged to pay staff such as non-discretionary overtime, non-discretionary fees, non-discretionary commission and piece-time payments. Overtime in this context is referred to as ‘past overtime’ in the updated guidance which would suggest that you should use the variable pay calculation (see FAQ above) for those who regularly carry out overtime.

If a business has been provided with a loan from 23 March on commercial terms, providing the borrower meets the CBILS eligibility criteria, lenders have been asked to bring these facilities onto CBILS wherever possible (e.g. where the lender is accredited to offer the same facility through CBILS) and changes retrospectively applied as necessary. Please contact us if this applies to you and we can review facilities and advise upon the potential changes that may be made retrospectively to the benefit of the business.

The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/

Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.

You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.

The guidance states that people should aim to wear a face-covering in indoor spaces where social distancing is not always possible and they come into contact with others, for example on public transport or in some shops, and potentially in the workplace. Face coverings do not mean face masks such as clinical masks worn by certain key workers as PPE, which should be reserved for those people.

Staff working in areas that are open to the public must wear face coverings, this includes:

• shops
• supermarkets
• bars
• pubs
• restaurants
• cafes
• banks
• estate agents
• post offices
• public areas of hotels and hostels

If these businesses have taken steps in line with Health and Safety Executive guidance for COVID-19 secure workplaces to create a physical barrier between workers and members of the public then staff behind the barrier will not be required to wear a face covering.

For other indoor settings, employers should assess the use of face coverings on a case by case basis depending on the workplace environment, other appropriate mitigations they have put in place, and whether reasonable exemptions apply.