Preparing for April 2021 – what do you need to do?

State aid rules are contained in the Treaty on the Functioning of the European Union (previously referred to as the Treaty of Rome). The State aid rules prohibit the use of state resources, or any public support with an economic value, which given selectively has the capacity to distort trade by favouring certain undertakings, or the production of certain goods, and which has the potential to affect trade between Member States. Where aid is present it must not be granted unless it has been specifically approved in advance by the European Commission or benefits from a general exemption to the rules.

In general, the rules apply to all State actions which might assist businesses including:

• Grants
• “Soft” loans
• Selling to business at an undervalue
• Buying from business at an overvalue

Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.

• Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
• Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
• Only use the information for the purpose of managing the workforce during the pandemic.
• Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
• Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
• Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
• Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
• Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
• Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
• All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.

If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.

** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.

CEST stands for Check Employment Status for Tax and, although this should do exactly what is says on the tin, there has been criticism of its accuracy and effectiveness. The CEST tool does not test whether there is ‘mutuality of obligation’ in the relationship which is a key factor in determining status.

You are not obliged to use CEST if you are happy with your own assessment process. If you do use CEST keep a record of the certificate given at the end of the assessment and keep this on the contractor’s file. HMRC will stand by the outcome of a CEST assessment provided the information has been honest and accurate. However, you must have entered information honestly to rely on it – you can’t just say what you want to get the right answer, as HMRC may test what you have said.  Also, many people are unhappy with the CEST tool and consider it leans too much towards employed status.

It is almost impossible to completely guard against the risks associated with contractor insolvency, but there are some steps which can assist in mitigating and managing the risks involved.   To be in the best possible position, it is worth considering the following at the outset of any project:

• Check the contractor’s financial position – particularly the specific company which will enter into the building contract, as the employer’s rights will be against this company rather than the business as a whole
• Take legal advice to ensure that the building contract is properly drafted with appropriate provisions to deal with an insolvency event
• Consider requiring a performance bond and/or parent company guarantee (each serve slightly different purposes)
• Obtain collateral warranties from the consultants and sub-contractors involved, so that there are contractual rights against other parties if the contractor is no longer able to meet claims
• Consider requiring retention bonds, advance payment bonds or vesting certificates if necessary
• Project bank accounts and escrow accounts can also provide some further assurances for the parties involved

Transparency is considered to be central to the philosophy of the COP. The guidance provides details on issues concerning transparency of proceedings and involvement/attendance of P. Whilst there will be some difficulties with ensuring that remote hearings are accessible to the public as an ‘open court’, provisions have been made for the continued presence of the press where the facilities can accommodate this.