How should an employer handle personal information in relation to NHS Test and Trace?
Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.
- Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
- Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
- Only use the information for the purpose of managing the workforce during the pandemic.
- Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
- Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
- Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
- Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
- Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
- Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
- All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.
If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.
** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.
Related FAQs
The Chief Coroner adopts the approach taken by the Lord Chief Justice in that no physical hearing should take place unless it is urgent and essential business, and it is safe for all involved. If a hearing is to take place, social distancing must be maintained. All hearings that can take place remotely should do so, if it is not possible for social distancing requirements to be met. The expectation is that some hearings will go ahead, most notably Rule 23 hearings. Coroners are reminded that they must however conduct any remote hearings from a court. Decisions as to the most appropriate approach will be left to the senior coroner in that jurisdiction.
As we have already seen, some inquests will be adjourned, most notably those with multiple witnesses and/or a jury.
The guidance stresses the need, when dealing with medical professionals, for coroners to recognise their primary clinical commitments, particularly in these high-pressured times. This could mean avoiding or deferring requests for lengthy reports/ statements and accommodating clinical commitments if clinicians are called as witnesses.
The guidance encourages proactive reviews of outstanding responses to Prevention of Future Death reports and extending timescales for Trusts to respond.
These periods are often mistakenly referred to as minimum lengths of consultation (especially by Trade Unions). That is not correct. Consultation can commence, conclude and notices of dismissal be issued within the 30 and 45 day periods. The expiry of the notice would just have to be outside of those restricted periods.
If you don’t want to make redundancies, or if you can’t reduce employee resource, either in a particular department or across the workforce as a whole, then you need to think about alternatives to redundancy.
Equally, you may want to flex the resource you have available to you – without making drastic changes. For example you may want to consider:
- unpaid leave and sabbaticals
- retraining and redeploying
- forcing annual leave
- flexible working
- capability issues
- lay off
- short time working
- reductions in salary
- reductions in working hours
- changing to shift working
An employee can refuse to attend work but their refusal to do so will have to be based on a reasonable belief that their health and safety is in danger. Whether or not their refusal is reasonable will take into consideration factors such as the employee’s own health and whether they are at a higher risk of becoming seriously ill if they contract Covid-19 and the steps their employer has out in place to mitigate the danger of contracting Covid-19 at work.
In such circumstances where the employee’s belief is deemed to be reasonable, they will be entitled to stay at home and receive full pay.
If an employee is subsequently dismissed for refusing to attend work in these circumstances, they may be able to bring a claim for unfair dismissal.
Remote mediations have become increasingly popular as a way of settling a dispute before it goes to court. There are a number of ways in which you can mediate remotely, but the most common platform is Zoom, due to its easy-to-use nature and the ability to have ‘break-out rooms’. We have answered some FAQs and set out a quick guide to remote mediations below.
What is remote mediation?
- Mediation is a form of assisted negotiation, in which a neutral 3rd party mediator seeks to help the parties resolve their dispute. The process on the day is managed by the mediator and adopts certain key ground-rules. These are that discussions are private and cannot be referred to in court; and the process is entirely voluntary and non-binding, if and until a settlement is finalised. In the current pandemic mediations are now usually conducted remotely by video conference, instead of an in-person meeting.
- The structure of the mediation will depend on the matters that are in dispute. Before the mediation the parties will exchange their views in position papers and prepare a bundle of the key documents.
- Generally the parties will start the mediation in the same ‘room’ as the mediator, where they will be invited to set out their positions. The mediator will then put the parties into ‘break-out rooms’. These rooms serve as your own private ‘room’ which the mediator will join. You will therefore be able to have private discussions with the mediator without the other side being able to hear those discussions. The mediator will go between the ‘break-out rooms’ to discuss a party’s position further in order to attempt to reach a settlement.
- If an agreement is reached, at the end of the mediation the Settlement Agreement will be drafted. The Settlement Agreement works as an enforceable contract. The Settlement Agreement will outline the details of what has been agreed and the intentions of the parties, such as any actions required, payments to be made and appropriate timescales. Each party will sign the Settlement Agreement, which can be done electronically.
- It is not always possible to reach a resolution/agreement by mediation, but the mediator serves as an impartial third party in order to aid the process. If no agreement has been reached, the mediation may still prove useful as it will give you a better understanding of the other side’s position.
What should I do before the mediation to prepare?
- Ensure that you are in an area with minimal distractions. Mediation is a confidential process, so make sure that you are in a private location.
- Ensure that your microphone and camera work and that you have access to the online platform that will be used. We send our clients a link to the website in advance so that this can be tested out.
- Consider any agreed dress code and dress appropriately.
- Have a copy of the mediation bundle to hand, whether in hard or soft copy, and be aware of what documents are in there.
Any tips on what to do on the day?
- Remember to make sure that before you have any private conversations with the mediator you are in your break-out room.
- You may contact the mediator whilst being in the break-out room. On Zoom there is an ‘Ask for Help’ button on the screen. The mediator will then be prompted to join your room.
- Ensure that you inform the mediator if you or others enter/leave the room. It is important that the mediator knows who is present.
- Be mindful of body language and facial expressions as these can appear more enhanced on the screen, and they are easier to pick up in a remote mediation.
- Stay calm and focussed at all times. When you have a dispute it is sometimes tricky to maintain a calm manner, but this is always vital in attempting to reach an agreement.
- When engaging with the mediator avoid any external distractions such as text messages and emails, as it may come across that you are not interested in the process. It is important to pay attention so that you do not miss any dialogue which may be key to any agreement that is reached.
- When you are in the break-out room without the mediator make sure that you take breaks and keep refreshed, as virtual mediations can be tiring.