How should an employer handle personal information in relation to NHS Test and Trace?
Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.
- Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
- Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
- Only use the information for the purpose of managing the workforce during the pandemic.
- Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
- Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
- Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
- Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
- Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
- Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
- All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.
If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.
** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.
Related FAQs
If you consider the factors used to determine status you can include the following terms that are more in line with a self-employed relationship:
- The right to provide a substitute of the contractor’s choice in the event the individual is not able to perform the services;
- The ability to work for other businesses as long as doing so will not affect the services to be provided by the contractor;
- The contractor should have sufficient control over how, when and where (if possible) they provide the services;
- A degree of financial risk can be included for unsatisfactory work or failing to complete a project or task
We have terms that cover all of these points that can be tailored to your needs. The consultancy agreement is included in our IR35 toolkit.
After 25 March 2020, and until 30 September 2020, a landlord can only start possession proceedings against a tenant if they have served 3 months’ notice upon the tenant – irrespective of any grounds relied upon.
On 27 March 2020, the Court introduced new rules to put all possession proceedings (except against trespassers) on hold until 25 June 2020 – it means that the Court cannot make an order for possession or any other order that would cause someone to be evicted during that time.
These rules do not just apply to tenants who have fallen into rent arrears.
On 5 June 2020, the Government announced that this stay would be extended further until 23 August 2020.
This means that you can issue new possession proceedings (provided you have complied with the new temporary rules in relation to notice periods, if the notice was served since 25 March 2020) and you can continue with existing possession proceedings.
However, any progress you may be able to make in dealing with those proceedings is likely to be very limited – the Court will allow you to comply with directions orders that have already been made but non-compliance will not be punished (at least for the time being).
These rules, and the latest announcements, are in keeping with the Government’s expectation that landlords show compassion towards affected tenants and that all parties will work together to establish a suitable repayment plan to allow tenants to repay the arrears at an affordable rate.
This will be dependent upon the how the leasehold structure is set up for each relevant building, but it may be the local authority. We would be happy to provide further advice in relation to specific buildings if you contact us separately with the relevant details and documents.
The best advice is that parties should proceed as they would have done before the crisis began.
Because they all have devolved governments, when there are changes to spending levels in England, the Government makes adjustments to the amount of public expenditure allotted to Scotland, Wales and Northern Ireland. In this case £60 million will be made available for all of the devolved administrations as a result of the £370 million funding allocated to charities in England. This is broken down as follows:
- £30 million for the Scottish Government
- £20 million for Welsh Government
- £10 million for the Northern Ireland Executive
There may be further allocations, dependent on the final projects funded, through the £360 million direct grant pot.