Should I have a homeworking policy?
If organisations don’t have a formal home working policy, then they should set out, as soon as possible, in clear terms, what is expected of employees from a data protection perspective when working from home. These might include:
- If someone is using their own device for remote working, ensuring that any devices that hold work-related information have up-to-date anti-virus software and that broadband connections have properly configured firewalls
- Reminding staff to contact the organisation’s IT department if they encounter any issues with home working, and not to try and resolve any issues themselves
- Reminding staff that they should notify relevant individuals within the organisation if they consider that there might have been a personal data breach. A breach will still be notifiable even if it does occur at home during the pandemic. These should be logged by the organisation in their data breach log in the normal way
- Ensuring staff lock their devices whenever they are not using them
- Where possible, working in a separate part of the home to family members
- Ensuring confidentiality of information – advising staff not to have phone calls where others are likely to hear the conversation. This might mean moving to a different room, closing the door, or arranging a call for a more convenient time. If employees have smart speakers, you may want to consider advising them to either turn these off, if they are working in the same room as it, or work in a different room
- Wherever possible, avoid taking hard copy documents home, and, if papers are taken home, never placing those papers in a bin or using a home shredder – any such papers should be shredded back at the office in the usual way
- Locking any papers in a safe place
- Not using social media platforms (unless already used and permitted by the organisation) to discuss work matters
- Advising extra caution with incoming emails as at times such as this there may be an increased risk of fraud, email hacking, spear phishing etc.
- Avoiding information being sent to personal email accounts (for example, so it can then be printed at home)
- Reminding staff of your organisation’s Information Security policies, procedures and protocols. These could be emailed to all staff working from home or they could be directed to such documents on the organisation’s intranet, for example
Organisations should also ensure that their remote access systems can cope with increased demand.
Whilst the ICO appreciates the unprecedented nature of this pandemic, it does not mean that organisations can forget about their obligations as controllers of personal data. If a major data security breach were to happen, there is still the possibility of enforcement action where the organisation didn’t put in place good risk mitigation measures.
We have a specialist team of data protection lawyers here at Ward Hadaway, and would be happy to discuss any data protection concerns or issues that you might have.
Related FAQs
Your lawyers can take your instructions by telephone, Skype, Zoom or a similar tool. However, the formal requirement to make a valid Will requires two witnesses to be present with you when you sign the Will and they must then add their signatures. The witnesses or their spouse cannot be beneficiaries or they will forfeit their inheritance.
The main challenge is how to have your witnesses with you at a time when we are being advised to socially distance. One option would be for the witnesses to stand outside your window or at a safe distance from you where they have a clear line of sight. The witnesses can watch you sign and then you could post your Will through your letterbox or leave it on a surface for them to pick up so that they can then sign their names too. If the witnesses live together then they do not need to keep two meters apart from each other.
The Wills Act 1837 requires that your witnesses must be physically present when you sign your Will and therefore it is not possible to do this by Skype, Zoom or similar video conferencing means. You may however want to video record the process by which you and your witnesses signed your Will so that you have a record of what was done, particularly if you are worried that someone might challenge the validity of your Will in due course. You can of course re-execute your Will once social distancing has been relaxed if you are particularly concerned.
Be aware that the virus can remain on documents for more than 24 hours so it would be sensible for everyone to wear disposable gloves and in any event to wash hands thoroughly after handling the Will.
Emergency legislation may be passed regarding the requirement to make a valid Will but you must follow the current rules unless or until new legislation is passed.
An employee can refuse to attend work but their refusal to do so will have to be based on a reasonable belief that their health and safety is in danger. Whether or not their refusal is reasonable will take into consideration factors such as the employee’s own health and whether they are at a higher risk of becoming seriously ill if they contract Covid-19 and the steps their employer has out in place to mitigate the danger of contracting Covid-19 at work.
In such circumstances where the employee’s belief is deemed to be reasonable, they will be entitled to stay at home and receive full pay.
If an employee is subsequently dismissed for refusing to attend work in these circumstances, they may be able to bring a claim for unfair dismissal.
The Act was obviously subject to much debate and criticism as the Bill passed through Parliament. It is difficult to properly assess any gaps until after the necessary secondary legislation has been published and comes into force (along with the remainder of the Act), but some of the likely issues include:
- The impact on the insurance market, and the (lack of) availability and increased cost of insurance in light of the provisions of the Act
- How the introduction of retrospective claims will affect the market, both in relation to how parties might go about trying to prove matters which are 30 years old, but also the lack of certainty for those potentially on the receiving end of these claims which they previously had by virtue of the Limitation Act provisions
- Whether the definition of higher risk buildings is correct, or will require some refinement.
The Martlet v Mulalley case provides some useful observations and clarifications, for example that designers cannot necessarily rely on a ‘lemming’ defence that they were simply doing what others were doing at the time, that ‘waking watch’ costs are generally recoverable, and commentary on certain specific Building Regulations. The judgment however made clear that much of the case turned on its specific facts, so it is useful from the perspective of providing some insight as to how the Courts will deal with cladding disputes in future, rather than setting significant precedents to be followed.
Employers and employees can decide the split of the hours of work and the hours of furlough. There is no maximum or minimum requirements. You can change the arrangement, by agreement, from time to time.
When claiming for employees who are flexibly furloughed, you should not claim until you are sure of the exact hours they will work during the claim period.
Physical bundles may not be regarded as safe for public health and there are obvious difficulties in providing them with the current restrictions in place. Electronic bundles should be provided in PDF format, preferably paginated, indexed and bookmarked. The bundles should only contain documents and authorities that are essential to the issues required to be decided at the remote hearing and should be filed with the court by email.