Skip to content
Menu

Home FAQs Should I have a homeworking policy?

Should I have a homeworking policy?

If organisations don’t have a formal home working policy, then they should set out, as soon as possible, in clear terms, what is expected of employees from a data protection perspective when working from home. These might include:

  • If someone is using their own device for remote working, ensuring that any devices that hold work-related information have up-to-date anti-virus software and that broadband connections have properly configured firewalls
  • Reminding staff to contact the organisation’s IT department if they encounter any issues with home working, and not to try and resolve any issues themselves
  • Reminding staff that they should notify relevant individuals within the organisation if they consider that there might have been a personal data breach. A breach will still be notifiable even if it does occur at home during the pandemic. These should be logged by the organisation in their data breach log in the normal way
  • Ensuring staff lock their devices whenever they are not using them
  • Where possible, working in a separate part of the home to family members
  • Ensuring confidentiality of information – advising staff not to have phone calls where others are likely to hear the conversation. This might mean moving to a different room, closing the door, or arranging a call for a more convenient time. If employees have smart speakers, you may want to consider advising them to either turn these off, if they are working in the same room as it, or work in a different room
  • Wherever possible, avoid taking hard copy documents home, and, if papers are taken home, never placing those papers in a bin or using a home shredder – any such papers should be shredded back at the office in the usual way
  • Locking any papers in a safe place
  • Not using social media platforms (unless already used and permitted by the organisation) to discuss work matters
  • Advising extra caution with incoming emails as at times such as this there may be an increased risk of fraud, email hacking, spear phishing etc.
  • Avoiding information being sent to personal email accounts (for example, so it can then be printed at home)
  • Reminding staff of your organisation’s Information Security policies, procedures and protocols. These could be emailed to all staff working from home or they could be directed to such documents on the organisation’s intranet, for example

Organisations should also ensure that their remote access systems can cope with increased demand.

Whilst the ICO appreciates the unprecedented nature of this pandemic, it does not mean that organisations can forget about their obligations as controllers of personal data. If a major data security breach were to happen, there is still the possibility of enforcement action where the organisation didn’t put in place good risk mitigation measures.

We have a specialist team of data protection lawyers here at Ward Hadaway, and would be happy to discuss any data protection concerns or issues that you might have.

Related FAQs

If an employee refuses to wear a face mask at work, can I discipline or dismiss them?

In appropriate cases, disciplinary action and then dismissal may be fair if an employee refuses to wear a face covering in the workplace. For example, if this is in breach of the government guidance or if  employer has issued a reasonable management instruction to this effect due to an identified health and safety risk.

It is important that employers use a fair and reasonable procedure when deciding whether to discipline and/or dismiss an employee and that its actions does not unlawfully discriminate against employees who have legitimate reasons for not wearing masks, such as those individuals who have health conditions like asthma.

Last updated on 25th September, 2020

What do I do if I have been endorsed for a Global Talent, Start-up or Innovator visa but my endorsement is due to expire?

Endorsing bodies are still processing applications for these visa types and endorsements are still being issued. You usually have to apply for your visa within 3 months of receipt of your endorsement. In most cases you will still be able to submit your application online within this timeframe however it will not be completed as visa application centres across the world are closed. If you cannot apply because you haven’t been able to travel and your endorsement has expired, you may still be eligible for a visa. You should make your application as planned and UKVI will consider all applications on a case by case basis.

Last updated on 15th May, 2020

What are the special considerations for DB schemes?
  • Before any agreed reduction in wages, actual changes to earning patterns (loss of overtime, for example) may impact the pensionable salary as defined under the scheme rules, with knock-on effects to a number of benefit calculations, such as death in service benefits.
  • Contractual changes to member salaries may adversely impact accrued benefits as the final salary figure may be reduced to a greater or lesser extent depending on the duration of furlough and the severity of any reductions in wage, and hence reductions may be difficult to agree with staff.
  • Reducing employer contributions will be subject to a number of the same considerations applicable to a DC scheme listed above. There will also be a need to change the rules and interact with the trustees, although it may be possible to override the rules with a direct contractual agreement with members.
  • Reducing employee contributions will also depend on the scheme rules, particularly as to whether there are any discretionary powers to suspend contributions, or pensionable service.
  • The rules will need to be considered for any unexpected consequences of furlough: depending on the wording of the rules, furlough may or may not be considered a leave of absence and may or may not have the effect of terminating pensionable service. This could have far-reaching consequences.
  • In particular, if the workforce’s pensionable service is inadvertently terminated as opposed to suspended in accordance with any relevant rule, this could trigger a statutory employer debt on an employer participating in a multi-employer scheme, if pensionable service continues for employees of other employers. This sort of issue is unlikely to be spotted until after the event, and therefore difficult to untangle. However, an employer should be able to take advantage of the “period of grace” provisions by notifying the trustees of its intention to re-admit employees to pensionable service within the next 12 months.
  • Clearly the impact of the Coronavirus Job Retention Scheme on DB schemes is complex and legal advice should be sought before any changes are considered.

Last updated on 14th April, 2020

What is the guidance in relation to the Mental Capacity Act 2005 and Deprivation of Liberty Safeguards during the Covid-19 pandemic?

The Department of Health & Social Care has published guidance for hospitals, care homes and supervisory bodies on the Mental Capacity Act 2005 (MCA) and Deprivation of Liberty Safeguards (DoLS) during the coronavirus pandemic.

In many scenarios created or affected by the pandemic, decision makers in hospitals and care homes will need to decide:

  • if new arrangements constitute a ‘deprivation of liberty’ (most will not), and
  • if the new measures do amount to a deprivation of liberty, whether a new DoLS authorisation will be required (in most cases it will not be).

If a new authorisation is required, decision makers should follow their usual DoLS processes, including those for urgent authorisations.

A summary of the key points to be taken from the guidance is outlined below:

Use of the MCA and DoLS due to Covid-19

  • During the pandemic, the principles of the MCA and the safeguards provided by DoLS still apply.
  • It may be necessary to change the usual care and treatment arrangements, for example to provide treatment for people with Covid-19, to move them to a new hospital or care home to better utilise resources or to protect them from becoming infected.
  • All decision makers are responsible for implementing the emergency Government health advice  and any decision made under the MCA must be made in relation to a particular individual, it cannot be made in relation to groups of people.

Best interest decisions

  • In many cases, a best interests decision will be sufficient to provide the necessary care and treatment for a person who lacks the capacity to consent to the care and/or treatment arrangements during this emergency period.
  • If an individual has made a valid and applicable advance decision to refuse the treatment in question, then the relevant treatment, even for Covid-19, cannot be provided.

Delivering life-saving treatment

  • Where life-saving treatment is being provided in care homes or hospitals, including for the treatment of Covid-19, then the person will not be deprived of liberty as long as the treatment is the same as would normally be given to any person without a mental disorder.
  • The DoLS will therefore not apply to the vast majority of patients who need life-saving treatment who lack the mental capacity to consent to that treatment, including treatment to prevent the deterioration of a person with Covid-19.

The full guidance can be found here.

Last updated on 14th April, 2020

Do I have to leave the UK to switch visas?

“Switching” is where you can transfer from one visa category to another without leaving the UK. However, in many instances where an individual wants to change from one visa category to another, they have to leave the UK and apply from the country they normally reside in.

There are currently limited concessions in place due to the pandemic where you are able to switch visas from within the UK instead of applying from overseas.  These are regularly updated and so please contact us for further information.

Last updated on 15th May, 2020