How should an employer handle personal information in relation to NHS Test and Trace?
Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.
- Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
- Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
- Only use the information for the purpose of managing the workforce during the pandemic.
- Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
- Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
- Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
- Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
- Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
- Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
- All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.
If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.
** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.
Related FAQs
As discussed above, Covid-19 will inevitably deplete the workforce of housing providers in the foreseeable future. It would be prudent to consider making short-term policy changes to deal with this situation and manage the expectations of tenants going forward. A key policy change to consider is the extension of the standard lead-time for completing all non-urgent repairs and inform tenants of this change.
Such a change will also reduce pressure on landlords and front-facing staff.
As above, employers must protect the interests of their staff, particularly regarding health and safety. Extra care should be exercised when assessing the level of emergency of a repair on a case by case basis. All efforts should be made to reduce the number of attendances at properties by repair staff, whilst keeping all tenants safe.
As ever, communication is key – the pandemic cannot be used as a blanket excuse for abstaining from all duties and obligations. Housing providers must take a pragmatic approach in safeguarding customers whilst considering the interests of is workers. Maintaining lines of communication with all parties remains paramount.
Yes: The Cabinet Office has published a number of Procurement Policy Notes to provide instructions to Public Bodies to enable payments to continue to be made to at risk suppliers (and their supply chains) who have been affected by Covid-19. Copies of this guidance can be obtained from the Government website at: https://www.gov.uk/government/publications/procurement-policy-note-0220-supplier-relief-due-to-covid-19
Lenders implementing the Scheme can assist in a number of ways, including:
- Term loans
- Overdrafts
- Invoice finance
- Asset finance facilities
The maximum value available under the scheme is £5m, with repayment terms of up to six years for term loans and asset finance. Overdrafts and invoice finance facilities will be available for up to three years.
Parties are encouraged to review upcoming matters to assess the viability for there to be any agreement which can be reached in relation to the issues in dispute or to consider whether the case needs to proceed to a remote hearing. If directions or issues can be agreed between the parties, reducing the need for remote hearings, then that is the preferred option.
If you are eligible you will get a taxable grant of 80% of the average profits from the following tax years (where applicable):
2016-2017
2017-2018
2018-2019
HMRC will add the total profit in each of the three tax years (if applicable). This will then determine the monthly payment, subject to the cap of £2500.