How much data can I gather?
You also need to consider other aspects of data protection.
Be proportionate – only gather and use Covid-19 data where you need to.
Keep data to a minimum – you shouldn’t gather more data than you need. You need to know someone has Covid-19 but you don’t need to know all their symptoms. Data minimisation also applies to who gets access to the data. It’s unlikely that a spreadsheet, accessible to everyone updating them on the health status of all employees, would be appropriate. Data should be shared on a need to know basis. You need to balance the privacy of individuals against your duty of care to be responsible with regards to the data of your employees, visitors, customers and suppliers.
Keep it up to date – make sure you update data. People’s health status will change and if you keep a record of this, you need to make sure it is accurate and up to date (although this doesn’t mean you should batter individuals with constant requests for updates on health status. Again, be proportionate).
Identify individuals only when you need to – although you will need to know who has Covid-19, that doesn’t mean you need to tell everyone in the organisation. As soon as you can, you should remove personal data from any information you gather. For example, you might want to update employees on the health status of their fellow employees but you probably don’t need to name individuals and even if you feel it is necessary, you should keep the information you provide to a minimum. Removing personal identifiers in a document is also a good data security technique.
Keep the Covid-19 health data secure – Covid-19 data will be special category data and deemed high risk. This means that if you have a breach of this data you will need to notify it to the ICO. A breach could happen by someone losing a print-out of the names of Covid-19 employees, customers or visitors. It could also happen if you set access rights to lists of Covid-19 sufferers open to more people than need to know the information. The risk of ICO enforcement action increases with the potential harm the disclosure could cause. Although the ICO has indicated that it will be understanding about the impact of Covid-19 on normal operations, this doesn’t mean that they will not prosecute you if the breach is sufficiently serious.
Destroy the data once you don’t need it – Finally, of course, make sure that you delete data at the end of your needs. This might last longer than the pandemic, for example if you have an insurance claim or ongoing litigation. If you do need to keep it, consider whether or not you can delete some of the data to minimise what you hold.
Related FAQs
The Home Office has provided useful guidance on how to carry out a compliant Right to Work check using the temporary adjustments in place for Covid-19. In summary:
- You will need to ask the job applicant to send you digital copies of their original documents, for example by scan, photo or mobile app.
- Hold a video call with the job applicant and ask them to show their original documents on camera so you can check them against the digital copies you have already received.
- On the date you made the check, record that you have done this by using the following wording “adjusted check undertaken on [insert date] due to Covid-19”. Evidence of right to work checks still need to be held securely either in paper or electronic format.
- You can use the online RTW checking service where the job applicant has Biometric Residence Permit or pre-settled or settled status under the EU Settlement Scheme. You should do this whilst on the video call with the applicant/employee, and you must first obtain their permission to view their details on this scheme.
The Town and Country Planning (Use Classes) (Amendment) (England Regulations) 2020 were laid before Parliament and come into force on 1 September 2020. They apply in England only.
The changes include the revocation of the following Use Classes;
- A1 – shops
- A2 – financial and professional services
- A3 – restaurants and cafes
- A4 – drinking establishments
- A5 – hot food takeaways
- B1 – business. Also revoked are the sub parts of B1;
- B1(a) – offices
- B1(b) – research and development of products and processes
- B1(c ) – industrial process
- D1 – non residential institutions
- D2 – assembly and leisure
The changes include the amendment of the following Use Class;
- B2 (industry)
The changes include the introduction of the following Use Classes;
- E – commercial, business and service
- F.1 – learning and non-residential institutions
- F.2 – Local community
There are no changes to the following Use Classes;
- C1 – hotels, boarding and guest houses
- C2 – residential institutions
- C3 – dwellinghouses
- C4 – small HMO
From 1 September 2020;
- Small retail shops (not more than 280 sq metres net sales area) selling essential goods including food and at least 1 kilometre from another shop will cease being an A1 use and will become a F.2 (local community) use;
- Other A1 shops will become an E (commercial, business and service) use;
- A2 uses will become an E (commercial, business and service) use;
- A3 uses will become an E (commercial, business and service) use;
- A4 uses will not be in a Use Class, they will be sui generis, ie not in any use class;
- A5 uses will not be in a Use Class, they will be sui generis, ie not in any use class;
- B1 uses (included B1(a), B1 (b) and B1 (c) will become an E (commercial, business and service) use;
- B2 uses will either be B2 uses or will be Class E uses.
- Clinics, health centres, creches, day nurseries and day centres (previously D1 uses) will become an E (commercial, business and service) use;
- Schools, non residential education and training centres, museums, public libraries, public halls, exhibition halls, places of worship, law courts (previously D1 uses) will become an F.1 ( learning and non-residential institutions) use;
- Cinemas, concert halls, live music performance venues, bingo halls and dance halls (previously D2 uses) and will be sui generis, ie not in any use class;
- Gyms, indoor sport, recreation or fitness not involving motorised vehicles or firearms principally to visiting members of the public (previously D2 uses) will become an E (commercial, business and service) use;
- Hall or meeting place for the principal use of the local community (previously D2 uses) will become an F.2 (local community) use;
- Indoor or outdoor swimming baths, skating rinks, outdoor sports or recreation grounds (not involving motorised vehicles or firearms) (previously D2 uses) will become an F.2 (local community) use.
Changes of use within a Use Class do not constitute development. That being the case, provided the Order is applicable, its operation not having been restricted by planning condition, Agreement or Article 4 (1) Direction for example, planning permission would not be required, development as defined not happening. If legally binding confirmation is required that planning permission is not required this can only be obtained by way of a successful application for a Certificate of Lawfulness. In the absence of such, there is some risk.
It remains the case that planning permission may be required for operational works to buildings. It also remains the case that other consents and permissions may be necessary for example licenses. Furthermore amendments to leases may be required if the property is rented.
The Regulations additionally include transitional arrangements because of permitted development rights for changes of use in the Town and Country Planning (General Permitted Development) (England) Order amongst others. To respond to this Regulations introduce a ‘material period’ which is defined as meaning the period beginning 1 September 2020 and ending 31 July 2021. It is expected during the material period the Orders giving permitted development rights for changes for use which do constitute development will be amended / updated to reflect the new use classes.
Click here to view the Regulations.
The above is based on our understanding of the new Regulations at the time of issue and in advance of planning practice guidance being issued.
Under CBILS, for the purposes of calculating the applicant’s annual turnover, approved lenders have been aggregating turnover across the whole of the private equity investor’s portfolio meaning they failed to qualify for the scheme as they were deemed to exceed the £45 million threshold.
For private equity-backed businesses, the removal of the upper limit on annual turnover criteria for CLBILS seemingly avoids the issue of turnover aggregation across investment portfolios seen with the CBILS, potentially enabling more private equity sponsor portfolio companies to be able to access the CLBILS funding.
The Cabinet Office has published a helpful Procurement Policy Note (“PPN”) on relief available to suppliers due to Covid-19 (available here). This can include making advance payments to suppliers, if necessary. The PPN sets out actions that public sector bodies should take (until at least 30 June 2020) to ensure continuity of service and to ensure that its suppliers can resume normal contract activity once able to.
The actions public sector bodies should be taking include:
- Informing its suppliers (that they believe are at risk) that they will continue to be paid as normal until the end of June 2020 (even if service delivery is currently interrupted). Risk might include supply chains collapsing and/or significant financial implications for a supplier
- If a contract involves a payment by results mechanism, basing payments on previous months (e.g. the average monthly payment over the previous 3 months), and
- Ensuring that invoices submitted by suppliers are paid immediately to maintain cash flow in the supply chain and help to protect jobs.
If you are a supplier to a public sector body, you must act transparently and on an open-book basis, making cost data available to your public sector clients. You must also continue to pay your employees and subcontractors / suppliers. Suppliers to the public sector must not expect to make profits on any undelivered elements of a contract. The PPN makes clear that, should suppliers be found to be taking undue advantage, or failing to act transparently, a public sector body can take action to recover payments made to that supplier.
The PPN requires public sector bodies to urgently review their contract portfolios and take steps to support suppliers who they believe are “at risk”. However, no definition of “at risk” is given in the document. We would suggest that if you are a supplier and you have yet to hear from a public sector client, you should seek to get in touch with them as soon as possible, particularly if you have concerns about your supply chain, staff retention and/or are experiencing financial difficulties currently. Given the requirement for transparency, you may be required to provide evidence, so it may be helpful to have any relevant documentation ready to send, if necessary, as this may help ensure a decision is made by the public sector client more promptly, particularly as the public sector body may have a number of contracts to consider.
The only potential negatives are the potential for MHFAs to become overloaded, or for MHFAs to overstep the boundaries of their role. Both would be avoided if a suitable framework is in place around them, and if adequate ongoing support and training is provided.