Should we stop employees working from home?

As their employer, you have an overriding duty to provide a safe system of work. The Trust would not be able to run a defence to say that an employee “waived their rights” and chose to continue to work. Provided the decision around restricting duties has been carefully thought out, a full risk assessment undertaken and the employee has been truly consulted about the impact on them, then the decision taken will be a reasonable management instruction. Failing to follow that reasonable management instruction could amount to a disciplinary offence.

Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.

• Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
• Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
• Only use the information for the purpose of managing the workforce during the pandemic.
• Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
• Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
• Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
• Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
• Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
• Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
• All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.

If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.

** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.

The guidance states that people should aim to wear a face-covering in indoor spaces where social distancing is not always possible and they come into contact with others, for example on public transport or in some shops, and potentially in the workplace. Face coverings do not mean face masks such as clinical masks worn by certain key workers as PPE, which should be reserved for those people.

Staff working in areas that are open to the public must wear face coverings, this includes:

• shops
• supermarkets
• bars
• pubs
• restaurants
• cafes
• banks
• estate agents
• post offices
• public areas of hotels and hostels

If these businesses have taken steps in line with Health and Safety Executive guidance for COVID-19 secure workplaces to create a physical barrier between workers and members of the public then staff behind the barrier will not be required to wear a face covering.

For other indoor settings, employers should assess the use of face coverings on a case by case basis depending on the workplace environment, other appropriate mitigations they have put in place, and whether reasonable exemptions apply.

Yes. The system for Probate Applications has moved on-line and continues to be available as well as by post. However, if you need to complete an Inheritance Tax Return IHT400 you are likely to experience problems collating information due to delays in many organisations being able to provide you with current values while their offices are closed and staff working remotely. Property valuations will be particularly problematic where surveyors or valuers are unable to attend properties to undertake non-urgent work. If you cannot wait, you must use your best endeavours to be as accurate as possible as regards the information you provide in the IHT400 and follow up by providing HMRC with actual values as soon as you can do so. HM Courts and Tribunal Service is however warning that delays can be expected at this time.

In practice this means that any risk assessment will need to be reviewed constantly and adjusted as our understanding of the nature and level of the risk grows.

Some service-providers are instigating special Oversight Groups to keep this issue under review but engagement and consultation with those affected is critical and making sure they feel confident to raise concerns and refuse to work if they believe they are not safe.