How do I ensure my use of video conferencing calls complies with GDPR?
With the loss of face-to-face meetings in the current situation, video conferencing has taken centre stage. But how do you do that in a compliant way? Here are some of the main high-level data protection issues to consider when selecting and implementing a new third party provider’s video conferencing system.
- Make sure you do your due diligence on the security measures offered by the provider. Clearly you can’t visit them, so look at the information offered publicly by the provider and read good quality, reliable, third party sources and ask the provider questions directly. Also ask any other organisations you know that use the provider. Document all this.
- If personal information is being sent outside of the UK/European Economic Area, make sure that transfer complies with GDPR. If it’s a US provider, is it registered in the EU-US Privacy Shield list or does it offer a model clause contract (you’re likely to need the 2010 version)? Or is the service provided from a country whose data protection laws offer equivalent protection to those in Europe? Look at the support service as well as the hosting. Document this.
- Make sure you put a compliant processor agreement in place. The provider should offer one as part of the contract terms. Check it meets GDPR requirements.
- You’re likely to need to update your privacy notice, particularly if you’re going to record calls. Provide participants with a short message and link to the privacy notice in the meeting invite and on any registration page.
- Create or update other GDPR-mandated documentation – for example, depending on your use, you may need a legitimate interests assessment and to update your record of processing.
- Finally, configure and use the system in a secure and compliant way. Look at the settings/options carefully and think through the security and compliance implications of each. That could include deciding who in the meeting can share their screen; whether or not you use passwords for participants; whether or not to record, and if you’re going to record, where to store the recording. Document your decisions and the reasons for them.
The ICO has said it understands that resources, whether they are finances or people, might be diverted away from usual compliance work during the pandemic. However the last thing you need at the moment is to create a bigger problem than the one you are trying to solve. So do the best you can, ask for help from one of our specialists if you need it, and keep the whole thing under review.
On 16 April 2020, Ian Hulme, the ICO’s Director of Assurance, posted a blog for business owners, employers and managers about how to safely roll out the latest video conferencing technology.
On 21 April 2020, the NCSC published security guidance for organisations on choosing, configuring and deploying video conferencing services.
Related FAQs
Following our webinars on all aspects of furlough and alternatives to redundancy, it is an unfortunate fact that a number of organisations are likely, sooner or later, to be forced to make some employees redundant.
Our employment experts Jamie Gamble and Roisin Patton take you through the key aspects of conducting cost reduction redundancies, but with a focus on aspects that make this exercise different this time. For instance:
- How are you going to conduct sensitive meetings remotely?
- How are you going to ensure that dismissing any furloughed staff will be fair? You may have furloughed at speed, but redundancy selection criteria cannot be defined by such factors.
- Will you use this time to review your selection criteria if you already have some in place?
- How will you deal with individuals who are shielding, have child care issues or are pregnant?
- How do you ensure this is all done sensitively and fairly for those roles that are being made redundant, but also for those who continue to work for you but are still isolated on furlough or working from home?
- And what are the risks for making redundancies in this “new normal”?
Although you may be perfectly familiar with redundancy exercises these are far from normal times and it is therefore worth pausing to think about the impact that Covid-19 might have and what else you need to think about or plan for.
The webinar was recorded on Thursday 2nd July.
You will be eligible if you are a self-employed individual or a member of a partnership and you:
- have trading profits of up to £50,000
- earn the majority of your income from self-employment
- have submitted a Tax Return for 2019
- have traded in the tax year 2019/20
- are trading when you apply for a grant, or would be except for Covid-19
- intend to continue to trade in the tax year 2020/2021
- have lost trading/partnership profits due to Covid-19
All policies will impose a stringent obligation, often with time limits, for you to notify insurers of circumstances that may give rise to a potential claim under the policy and non-compliance may well negate your cover. If therefore you have potential cover under your policy you must make a precautionary notification to Insurers as soon as possible.
- Trusts should allow for telephone advice rather than face-to-face review from critical care when clinically appropriate.
- Hospitals should discuss the sharing of resources and the transfer of patients between units, including units in other hospitals, to ensure the best use of critical care within the NHS.
Please note, the above is intended to provide a summary of the key recommendations which emerge from this guidance. Access to the full guidance can be found here.
Commercial leases generally prevent a tenant from withholding payments of rent. If a tenant stops paying rent there will be a breach of the tenant’s covenant to pay rent which, strictly speaking, will entitle the landlord to forfeit the lease and/or seek to recover the arrears in the courts.
However, on 23 March 2020, the Ministry of Housing, Communities and Local Government announced that all commercial tenants in England, Wales and Northern Ireland missing rent payments are to benefit from a government ban on forfeiture of their lease. This change, which will prevent landlords from terminating leases and evicting commercial tenants, is included in the Coronavirus Bill. It will come into force very shortly (once the Coronavirus Bill receives Royal Assent, which is expected to be in a matter of days) and will last until 30 June 2020, with an option for the government to extend this deadline.
It is anticipated that many commercial tenants will take advantage of the reprieve and withhold their rent. Importantly note the rules will apply not only to principal rent but to “any sum a tenant is required to pay”, leaving the burden of supplying services and insuring the premises on landlords.
It is also important to note however that the protection offered by the government is from the threat of forfeiture should tenants withhold rental payments. The liability to pay the rent however remains an interest on unpaid rents will accrue. Furthermore, remedies other than forfeiture may be pursued by the landlord e.g. service of a statutory demand before insolvency or ordinary litigation proceedings for arrears etc.. Tenants then ideally should look to reschedule or suspend rental payment through discussions with their landlord.
The advantage of this being you might be able to negotiate a sensible and manageable repayment program in respect of the suspended rent, free of the threat of litigation.