How much data can I gather?
You also need to consider other aspects of data protection.
Be proportionate – only gather and use Covid-19 data where you need to.
Keep data to a minimum – you shouldn’t gather more data than you need. You need to know someone has Covid-19 but you don’t need to know all their symptoms. Data minimisation also applies to who gets access to the data. It’s unlikely that a spreadsheet, accessible to everyone updating them on the health status of all employees, would be appropriate. Data should be shared on a need to know basis. You need to balance the privacy of individuals against your duty of care to be responsible with regards to the data of your employees, visitors, customers and suppliers.
Keep it up to date – make sure you update data. People’s health status will change and if you keep a record of this, you need to make sure it is accurate and up to date (although this doesn’t mean you should batter individuals with constant requests for updates on health status. Again, be proportionate).
Identify individuals only when you need to – although you will need to know who has Covid-19, that doesn’t mean you need to tell everyone in the organisation. As soon as you can, you should remove personal data from any information you gather. For example, you might want to update employees on the health status of their fellow employees but you probably don’t need to name individuals and even if you feel it is necessary, you should keep the information you provide to a minimum. Removing personal identifiers in a document is also a good data security technique.
Keep the Covid-19 health data secure – Covid-19 data will be special category data and deemed high risk. This means that if you have a breach of this data you will need to notify it to the ICO. A breach could happen by someone losing a print-out of the names of Covid-19 employees, customers or visitors. It could also happen if you set access rights to lists of Covid-19 sufferers open to more people than need to know the information. The risk of ICO enforcement action increases with the potential harm the disclosure could cause. Although the ICO has indicated that it will be understanding about the impact of Covid-19 on normal operations, this doesn’t mean that they will not prosecute you if the breach is sufficiently serious.
Destroy the data once you don’t need it – Finally, of course, make sure that you delete data at the end of your needs. This might last longer than the pandemic, for example if you have an insurance claim or ongoing litigation. If you do need to keep it, consider whether or not you can delete some of the data to minimise what you hold.
Related FAQs
We have developed a Toolkit to help with these issues. The Toolkit contains:
- LO1 How to Guide: Lay off and short time working
- LO2 Letter directing employee to take annual leave
- LO3 Letter confirming lay off (contractual right)
- LO4 Letter confirming short time working (contractual right)
- LO5 Letter proposing lay off (no contractual right)
- LO6 Letter proposing short time working (no contractual right)
- LO7 Counter notice disputing entitlement to claim redundancy payment
- LO8 Script for announcing lay off or short time working (contractual right)
- LO9 Script for announcing lay off or short time working (no contractual right)
- LO10 Letter proposing reduction in working hours and pay
The cost of this Toolkit is £500 plus vat. If you would like to find out more about the Toolkit, please speak to your usual Ward Hadaway employment contact, or get in touch one of the contacts at the bottom of this page.
Individual contractors who are not operating via an intermediary (eg sole traders) do not need to be assessed under IR35. However, you will always have the risk with those individuals that there is no intermediary – therefore if their tax status is wrong, HMRC are very likely to consider that responsibility for this would fall on the hiring company in any event.
As their employer, you have an overriding duty to provide a safe system of work. The Trust would not be able to run a defence to say that an employee “waived their rights” and chose to continue to work. Provided the decision around restricting duties has been carefully thought out, a full risk assessment undertaken and the employee has been truly consulted about the impact on them, then the decision taken will be a reasonable management instruction. Failing to follow that reasonable management instruction could amount to a disciplinary offence.
In part in response to the Covid-19 pandemic, legislation was passed by the government earlier this year which sought to assist companies to trade through the current economic climate. Included within the measures is a degree of protection from compulsory winding up.
The Corporate Insolvency and Governance Act 2020 (The Act), was laid before parliament on 20 May, and became law on 26 June. It is important creditors are aware of what changes have been implemented and the potential and impact which it may have upon debt recovery action you may be considering or have already commenced.
The main part of the Act affecting creditors is the temporary restriction on presentation of winding up petitions and the factors that the Court has to take into account when deciding whether to wind up a company.
On Thursday 24 September 2020 the government passed a further statutory instrument which extended the operation of these restrictions. As a result, the measures which were due to expire on Wednesday 30 September 2020 have now been extended until 31 December 2020.
A key point to note is that the Act has retrospective effect so any pending petitions presented after 27 April will be affected, along with any winding up orders made after that date.
The Act has introduced the following restrictions:
- A petition cannot be presented by a creditor during the period of 27 April 2020 and 31 December 2020 unless the creditor has reasonable grounds to believe that (a) coronavirus has not had a financial effect on the debtor, or (b) the debtor would have been unable to pay its debts even if coronavirus had not had a financial effect on the debtor;
- A petition cannot be presented after 27 April 2020 if it is based on a unsatisfied statutory demand served between 1 March 2020 until 31 December 2020;
- When deciding whether to make a winding up order the Court will need to be satisfied that the grounds giving rise to the petition would have arisen even if Covid-19 did not have a financial effect on the debtor;
- All winding up orders made between the 27 April and 31 December will automatically be void (that is, of no legal effect) unless the Court would have made the winding up order if the new law was in force at the time the order was made.
No, government advice remains that if employees can work from home, they should continue to do so in order to minimise social contact across the country in order to keep infection rates down.