Skip to content
Menu

Home FAQs How should an employer handle personal information in relation to NHS Test and Trace?

How should an employer handle personal information in relation to NHS Test and Trace?

Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.

  • Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
  • Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
  • Only use the information for the purpose of managing the workforce during the pandemic.
  • Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
  • Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
  • Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
  • Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
  • Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
  • Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
  • All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.

If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.

** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.

Related FAQs

What should I do if the contractor is in suspected financial difficulty?

In the event that the contractor is displaying one or more of the above signs, then it is worth considering the following actions to protect the employer’s position as far as possible:

  • Closely monitor the financial and on-site performance of the contractor in order to assess the likelihood and timing of potential insolvency
  • Ensure all bonds, guarantees and collateral warranties have been obtained under the building contract, and if not take steps to obtain them immediately
  • Consider the terms of any guarantees to ensure that the guarantor’s obligations are not inadvertently discharged
  • Bonds may require adjudication to have been commenced (or even completed) prior to insolvency so as not to be stayed pursuant to insolvency laws
  • Carry out an audit of the on-site plant, equipment and materials, and evidence this (for example with photographs and written records)
  • Ensure that copies of all relevant documentation have been obtained, for example drawings, specifications and anything required to comply with CDM requirements. If not, take steps to obtain these
  • Review the payment position under the building contract, including whether any over payments have been made to the contractor which should be reclaimed, what retention is held or has been released, whether any payment notices may be necessary, and whether there are rights of set-off which should be exercised
  • Check whether the involvement of any third party is required, for example funders, landlords, tenants or purchasers who may have rights in relation to the building contract and how it is administered
  • Review the terms of the building contract relating to contractor insolvency – hopefully the parties will be fully aware of the building contract terms and have been administering it correctly to date, but if it has been hiding in a draw then now would be a good time to dust it off and ensure familiarity with the relevant provisions!

In general. there is often a stick or twist decision.  If the employer chooses to financially support the contractor (for example by agreeing different payment arrangements), this may help to keep the contractor solvent and more likely to complete the project, but it also exposes the employer to greater risk if the approach is not successful.  Conversely, withholding payments  from the contractor may make insolvency a self-fulfilling prophecy.  The precise advantages and disadvantages of the approach will be dependent on the specific circumstances of each case.

Last updated on 28th March, 2020

Can employees on fixed-term contracts be furloughed?

Yes. Their contracts can be renewed or extended during the furlough period without breaking the terms of the scheme.

If the employee’s contract has not already expired, the contract can be extended or renewed. The employee may be furloughed provided that they were employed on or before 30 October 2020. You must also have made a RTI submission to HMRC between 20 March 2020 and 30 October 2020.

If the employee’s contract expired on or after 23 September 2020, the employee can be re-employed and furloughed. Please note that the employee must have been employed by you on 23 September 2020 and you must have made a RTI submission to HMRC between 20 March 2020 and 30 October 2020.

 

Last updated on 6th April, 2020

Can those on sick leave or who have been advised to self-isolate be furloughed?

If an employee is self-isolating (as a result of the pandemic) they may be entitled to SSP. Employers should not furlough employees in this category just because of their absence, but they can furlough if there are genuine business reasons for doing so and other eligibility requirements are met. In these cases the employees should no longer receive sick pay and they would be classified as furloughed.

The guidance has specified that those on long term sick leave or who are ‘shielding’ for 12 weeks in line with public health guidance can also be furloughed. But it is important that you clarify that they do fall in the category of extremely vulnerable (https://www.gov.uk/government/publications/guidance-on-shielding-and-protecting-extremely-vulnerable-persons-from-covid-19). It is up to employers to decide whether to furlough employees who are shielding or on long-term sick leave.

You can claim from the CJRS and also for the two week SSP rebate scheme (see below) for the same employee but not for the same period of time. Therefore if you have a furloughed employee who becomes ill and you subsequently move them to SSP you cannot claim the furlough rate of pay. If you keep the employee on the furloughed rate you can continue to claim this under CJRS.

Last updated on 14th April, 2020

If a member of staff does not inform me that they ought to be self-isolating will I still be liable for a fine?

Potentially no.

If an employer is not put on notice that the circumstances of a worker or agency worker are such that they ought to be self-isolating, by either the worker or agency worker themselves or another member of staff, then there ought to be a reasonable excuse, and potentially, no fixed penalty notice will be issued.

Last updated on 29th September, 2020

Will funding audits continue during the coronavirus pandemic?

Funding audits are being paused and no new audits will be commenced during the lockdown period.

Last updated on 7th April, 2020