Skip to content
Menu

Home FAQs How much data can I gather?

How much data can I gather?

You also need to consider other aspects of data protection.

Be proportionate – only gather and use Covid-19 data where you need to.

Keep data to a minimum – you shouldn’t gather more data than you need. You need to know someone has Covid-19 but you don’t need to know all their symptoms. Data minimisation also applies to who gets access to the data. It’s unlikely that a spreadsheet, accessible to everyone updating them on the health status of all employees, would be appropriate. Data should be shared on a need to know basis. You need to balance the privacy of individuals against your duty of care to be responsible with regards to the data of your employees, visitors, customers and suppliers.

Keep it up to date – make sure you update data. People’s health status will change and if you keep a record of this, you need to  make sure it is accurate and up to date (although this doesn’t mean you should batter individuals with constant requests for updates on health status. Again, be proportionate).

Identify individuals only when you need to – although you will need to know who has Covid-19, that doesn’t mean you need to tell everyone in the organisation. As soon as you can, you should remove personal data from any information you gather. For example, you might want to update employees on the health status of their fellow employees but you probably don’t need to name individuals and even if you feel it is necessary, you should keep the information you provide to a minimum. Removing personal identifiers in a document is also a good data security technique.

Keep the Covid-19 health data secure – Covid-19 data will be special category data and deemed high risk. This means that if you have a breach of this data you will need to notify it to the ICO. A breach could happen by someone losing a print-out of the names of Covid-19 employees, customers or visitors. It could also happen if you set access rights to lists of Covid-19 sufferers open to more people than need to know the information. The risk of ICO enforcement action increases with the potential harm the disclosure could cause. Although the ICO has indicated that it will be understanding about the impact of Covid-19 on normal operations, this doesn’t mean that they will not prosecute you if the breach is sufficiently serious.

Destroy the data once you don’t need it – Finally, of course, make sure that you delete data at the end of your needs. This might last longer than the pandemic, for example if you have an insurance claim or ongoing litigation. If you do need to keep it, consider whether or not you can delete some of the data to minimise what you hold.

Related FAQs

In a situation where a building has a B1 EWS1 rating but the insurance companies are either refusing to quote or saying the cladding is a fire risk (due to the result of the intrusive survey for the EWS1 rating) and quadrupling insurance premium, is there anything that will help with this situation in the Building Safety Act or the secondary regulations when they come in or do you think it is something case law will have to address?

The amount an insurer charges for providing cover is a critical aspect of the underwriting process. The premium must be sufficient to cover expected claims but must also take into account the possibility that the insurer will have to access its capital reserve –it is risk assessment based and the greater the risk, the higher the premium. Historically, insurers of high-rise buildings would have only had to prepare for a loss caused by damage to just a few flats within a building. That is because the design and construction of that building, with the right materials and fire safety provisions in place, should have limited the spread of fire and allowed the damage to be contained –or at least make this an extremely low risk. Now we know that many buildings have been designed, built and signed off in a regulatory system that an independent Government review has found was not fit for purpose. Premiums will reduce overtime but will be dependent upon the perceived level of risk reducing as the regulatory regime, BSA and BSR become more established.

Last updated on 13th October, 2022

What will be the added cost to business of furloughing staff from 1 July 2021?

Similar to the position for claims between 1 August 2020 and 31 October 2020, for claims between 1 July 2021 and 30 September 2021 there will be a cost to businesses of furloughing staff, which will gradually increase until the scheme closes at the end of September as follows.

  • From 1 July 2021 employers will be required to contribute 10% of wages, with the Government contributing 70%.
  • From 1 August 2021, the employer contribution increases to 20% and the Government will contribute 60%.
  • 30 September 2021: scheme closes.

Employees will continue to receive 80% of their current wages, up to £2,500 a month.

 

Last updated on 2nd June, 2020

Do employers still have to enrol and reenrol employees?
  • Yes, and this includes furloughed employees under the Coronavirus Job Retention Scheme.
  • Employers must continue to assess their new employees or newly eligible existing employees and enrol them where required, but can make use of the statutory postponement procedure which allows them to delay for up to three months the assessment of new employees for the purpose of enrolment (see further details here on the Pensions Regulator’s website). Declarations of compliance for new employers must still be completed in the normal way.
  • Postponement cannot be used for re-enrolment. The Regulator recommends employers use the re-enrolment date tool on the Regulator’s website to choose a date up to three months after the third anniversary of enrolment to assess staff for re-enrolment. Further information about employers’ obligations about reenrolment from the Pensions Regulator can be found here. Re-declarations of compliance for new employers must still be completed in the normal way.

Last updated on 14th April, 2020

I’m a landlord. How do I comply with Regulation 36 of the Gas Safety Regulations 1998 during the coronavirus outbreak?

Under their obligations arising from Regulation 36 of the Gas Safety (Installation and Use) Regulations 1998, landlords must service domestic gas appliances on an annual basis and provide tenants with a record of the service within 28 days of that service. Failure to comply can result in prosecution by the Health and Safety Executive (HSE) or downgrading by the Regulator.

We know how important this is. But how can you comply with your obligations during the Covid-19 epidemic?

The latest restrictions on leaving the home, currently allow registered gas engineers to undertake essential work, whilst taking the appropriate precautions advised to avoid spreading or contracting the virus in a new setting.

Last updated on 27th March, 2020

How do I access the scheme?

Those who are eligible will be contacted directly by HMRC based on tax returns they have received. If you are eligible you will be asked to fill out an online application. HMRC will pay applicants directly.

Last updated on 31st March, 2020