How much data can I gather?
You also need to consider other aspects of data protection.
Be proportionate – only gather and use Covid-19 data where you need to.
Keep data to a minimum – you shouldn’t gather more data than you need. You need to know someone has Covid-19 but you don’t need to know all their symptoms. Data minimisation also applies to who gets access to the data. It’s unlikely that a spreadsheet, accessible to everyone updating them on the health status of all employees, would be appropriate. Data should be shared on a need to know basis. You need to balance the privacy of individuals against your duty of care to be responsible with regards to the data of your employees, visitors, customers and suppliers.
Keep it up to date – make sure you update data. People’s health status will change and if you keep a record of this, you need to make sure it is accurate and up to date (although this doesn’t mean you should batter individuals with constant requests for updates on health status. Again, be proportionate).
Identify individuals only when you need to – although you will need to know who has Covid-19, that doesn’t mean you need to tell everyone in the organisation. As soon as you can, you should remove personal data from any information you gather. For example, you might want to update employees on the health status of their fellow employees but you probably don’t need to name individuals and even if you feel it is necessary, you should keep the information you provide to a minimum. Removing personal identifiers in a document is also a good data security technique.
Keep the Covid-19 health data secure – Covid-19 data will be special category data and deemed high risk. This means that if you have a breach of this data you will need to notify it to the ICO. A breach could happen by someone losing a print-out of the names of Covid-19 employees, customers or visitors. It could also happen if you set access rights to lists of Covid-19 sufferers open to more people than need to know the information. The risk of ICO enforcement action increases with the potential harm the disclosure could cause. Although the ICO has indicated that it will be understanding about the impact of Covid-19 on normal operations, this doesn’t mean that they will not prosecute you if the breach is sufficiently serious.
Destroy the data once you don’t need it – Finally, of course, make sure that you delete data at the end of your needs. This might last longer than the pandemic, for example if you have an insurance claim or ongoing litigation. If you do need to keep it, consider whether or not you can delete some of the data to minimise what you hold.
Related FAQs
Transparency is considered to be central to the philosophy of the COP. The guidance provides details on issues concerning transparency of proceedings and involvement/attendance of P. Whilst there will be some difficulties with ensuring that remote hearings are accessible to the public as an ‘open court’, provisions have been made for the continued presence of the press where the facilities can accommodate this.
The application is made via the Companies House website, and only takes a few minutes to complete. Companies House have indicated that the extension is “automatic and immediate” and will be for three months.
Having said that the extension is “automatic”, their website also says that Companies that have already extended their filing deadline, or shortened their accounting reference period, may not be eligible for an extension.
If an extension is granted, it will not affect the due date for filing accounts in future years – so the deadline will revert to the usual date for the next accounting period.
Where a development is considered to be “EIA development” (being development where an Environmental Impact Assessment or Environmental Statement is required to be submitted) there are additional statutory publicity and notice requirements over and above the requirements for a standard planning application. Regulations usually require that the environmental statement is to be made available for inspection by the public at all reasonable hours at an address in the locality for a period of at least 30 days. Copies of the environmental statement are also to be made available for people to take away from that address. This clearly requires physical copies to be available at a specified location for a prolonged period of time, which may prove problematic during the current health crisis.
New regulations came into effect on 14 May 2020 which will temporarily suspend the above requirements and will instead require the Environmental Statement to be available for inspection online. The applicant must however provide a certificate to the Local Planning Authority stating what steps have been undertaken to bring the application (and the Environmental Statement) to the attention of people who are likely to have an interest and why it considers that such steps were reasonable.
It could be possible depending on your contract. If there is no force majeure clause in a contract, it may be possible that the contract may have been “frustrated” by emergency legislation. In legal terms, a contract can be frustrated where an event occurs after it is entered into which was not contemplated by any party at the outset, is not due to the fault of any party, and which makes the performance of the contract impossible.
If this is the case, the contract could be “discharged”, meaning that the parties’ obligations under the contract are no longer binding.
It is possible that a contract could be frustrated within this particular legal doctrine by a change in the law that makes performance of a contract illegal. However, if it simply becomes more difficult, or more expensive, then the legal tests for frustration might not be satisfied. There are also limits to the application of the rule if the frustrating event was already known about at the time the contracted was entered into.
Again, careful legal advice will be required at an early stage. The rules about force majeure or frustration might help businesses that find themselves unable to perform a contract because of the coronavirus outbreak.
Any new contracts that are concluded should expressly deal with the possibility that performance might become more difficult, more costly, or impossible to perform.
An amendment to the Civil Procedure Rules’ Practice Directions has been approved by the Master of the Rolls and the Lord Chancellor on 1 April 2020, and is now Practice Direction 51ZA. This has the effect of allowing the parties to extend by prior written agreement up to a maximum of 56 days (rather than the usual 28 days detailed at CPR 3.8(4)) any rule, practice direction or order provided that any extension does not put at risk any hearing date. This Practice Direction will cease to have effect on 30 October 2020.
Additionally each regions’ Designated Civil Judge (DCJ) has issued a Covid-19 Protocol. There are some minor variations between the regions, but overall the guidance is very similar.
In Northumbria, Durham and Teesside the DCJ guidance for multi-track cases provides that “The parties are at liberty to extend, by consent, any step in the timetable up to a maximum of 90 days (as opposed to the present limit of 28 days)” and the Court does not need to be notified if the Trial date is not effected. Where Trial windows are likely to be impacted due to Covid-19 and the parties are in agreement to extending this, a letter can be sent to the Court with a draft order proposing a new timetable, including a new trial window and agreed availability within the trial window.
The same guidance also confirms that an electronic signature on all documents including witness statements and disclosure statements will suffice.