How should an employer handle personal information in relation to NHS Test and Trace?
Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.
- Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
- Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
- Only use the information for the purpose of managing the workforce during the pandemic.
- Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
- Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
- Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
- Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
- Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
- Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
- All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.
If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.
** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.
Related FAQs
The courts are seeking to adapt to our new circumstances and have urgently been looking to introduce new ways of working. The courts have been testing out different ways of holding court hearings. The advice is changing almost daily and some courts have been developing local practices. Going forward the court, the parties and their representatives will need to be more proactive about all forthcoming hearings.
Everyone involved in the case is to consider as far ahead as possible how future hearings should best be undertaken and work collaboratively. It will normally be possible for all short, interlocutory, or non-witness, applications to be heard remotely. Some witness cases will also be suitable for remote hearings. The parties just need to ensure that everyone involved can use the technology suggested.
The courts have been looking at and held remote hearings using, non-exhaustively, BT conference call, Skype for Business, court video link, BT MeetMe, Zoom and ordinary telephone call. Bundles for the hearing will be prepared and circulated electronically.
If the hearing cannot be held remotely because the parties do not have the requisite technology or the length of the hearing combined with the number of parties or overseas parties, representatives and/or witnesses make it undesirable to go ahead with a hearing in court at the current time, then it may be that the case will need to be adjourned. We are hearing of trials being adjourned and that they will not be re-listed before at least September.
HMCTS has advised that several priority courts will remain open during the coronavirus pandemic to make sure the justice system continues to operate effectively. It publishes a daily operational update from the courts and they aim to update it by 9am. The link is https://www.gov.uk/guidance/hmcts-daily-operational-summary-on-courts-and-tribunals-during-coronavirus-covid-19-outbreak.
Also, the courts have circulated a civil listing priority list with Priority 1 listing work which must be done and which includes injunctions, any applications in cases listed for trial in the next three months, any applications where there is a substantial hearing listed in the next month and all Multi Track hearings where parties agree that it is urgent.
In the Priority 2 list, which consists of hearings which could be done, are enforcement of trading contracts, trial involving the survival of a business or the insolvency of an individual, small and fast track trials where the parties say they are urgent, and appeal in these kinds of cases.
Similarly, in arbitration proceedings, the parties and arbitrators are being encouraged to utilise technology to make sure that hearings take place. We have heard of Zoom being used very successfully for multi-party proceedings.
Where a development is considered to be “EIA development” (being development where an Environmental Impact Assessment or Environmental Statement is required to be submitted) there are additional statutory publicity and notice requirements over and above the requirements for a standard planning application. Regulations usually require that the environmental statement is to be made available for inspection by the public at all reasonable hours at an address in the locality for a period of at least 30 days. Copies of the environmental statement are also to be made available for people to take away from that address. This clearly requires physical copies to be available at a specified location for a prolonged period of time, which may prove problematic during the current health crisis.
New regulations came into effect on 14 May 2020 which will temporarily suspend the above requirements and will instead require the Environmental Statement to be available for inspection online. The applicant must however provide a certificate to the Local Planning Authority stating what steps have been undertaken to bring the application (and the Environmental Statement) to the attention of people who are likely to have an interest and why it considers that such steps were reasonable.
Hosted by NewcastleGateshead Initiative, Partners Damien Charlton and Jane Garvin discussed in this webinar contracts, managing supply chains and the role of directors, with a particular focus on cancellation of events and businesses in the tourism and hospitality sector.
You can find a recording of the webinar from NGI here.
Any hearings attended in person will need to be approved by the judge hearing the matter, if necessary, in consultation with the regional lead COP judge. Such requests are highly unlikely to be granted during COVID-19 unless there is a genuine urgency. However, it is deemed to be appropriate matters are likely to be adjourned on the basis that a remote hearing is not possible and a hearing in person is not safe or possible.
Yes. Their contracts can be renewed or extended during the furlough period without breaking the terms of the scheme.
If the employee’s contract has not already expired, the contract can be extended or renewed. The employee may be furloughed provided that they were employed on or before 30 October 2020. You must also have made a RTI submission to HMRC between 20 March 2020 and 30 October 2020.
If the employee’s contract expired on or after 23 September 2020, the employee can be re-employed and furloughed. Please note that the employee must have been employed by you on 23 September 2020 and you must have made a RTI submission to HMRC between 20 March 2020 and 30 October 2020.