What are the data protection implications of holding Covid-19 health data?
The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/
Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.
You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.
Related FAQs
Undeniably and understandably BAME staff, as well as those staff who are identified as being at a higher risk, are going to have high levels of stress and anxiety. For some, this may become of such severity that those staff should be considered to be disabled under the Equality Act 2010. The question as to whether someone is disabled is one that should be answered in conjunction with appropriate medical advice. But the question about how to support any staff suffering with stress and anxiety should not be left until that stage. Proactive steps need to be taken and expert advice obtained on what support measures should be put in place. We know that many NHS organisations are already giving the mental wellbeing of their staff the highest priority.
From our perspective, we would ask managers to be mindful that stress and anxiety is likely to feature in how an individual reacts to questions about the level of risk to their health and the impact on their duties. The conversations with some staff may not be easy to have and may be met with challenge.
For those staff who’s stress and anxiety is such that it would qualify as a disability, reasonable adjustments will need to be considered to the processes that you are applying.
An additional point to consider – it might be worth writing to all staff, asking them to come forward if they have any health conditions that they think you ought to be aware of, assuring them that such information is being given in the strictest confidence. You want to make sure that you are taking the appropriate measures to ensure their health and safety.
The Government’s Corporate Insolvency and Governance Act introduces amendments to the current rules for companies on holding meetings, to address the difficulties companies are facing due to the Covid-19 pandemic.
The new provisions apply to meetings held between 26 March 2020 and 30 September 2020 (referred to as the “Relevant Period”). Subsequent regulations by the Government can be used to shorten this period or extend by up to 3 months but not past 5 April 2021.
The provisions will have retrospective effect, so meetings that were held after 26 March 2020 that may not have met the usual legal requirements due to lockdown, will be validated under these new provisions. These provisions under the Act make amends to relevant legislation and override a company’s articles of association.
For general meetings and certain other meetings of companies, the Act states that:
- The meeting need not be held in any particular place;
- The meeting may be held, and any votes may be cast, by electronic means or other means;
- The meeting may be held without anyone being in the same place
- Persons attending the meeting no longer have the following rights: the right to attend in person, the right to participate in the meeting other than by voting, or the right to vote by particular means.
The aim of these changes is to facilitate virtual meetings, and remove the need for a physical venue.
Where a company was required to hold its AGM between 26 March and 30 September 2020, it can be held at any time before 30 September 2020. The Secretary of State has the power to make regulations to further extend the deadline.
Arrangements for end point assessments can be modified or rescheduled. End point assessment organisations should engage with External Quality Assurance Providers to agree arrangements for the end point assessments where face-to-face assessments are being modified. Where rescheduling is required due to Covid-19 issues and there is a specified time limit for the ESA post gateway, a further pause of 12 weeks is allowable. This should be recorded by the training provider in the ILR.
The only potential negatives are the potential for MHFAs to become overloaded, or for MHFAs to overstep the boundaries of their role. Both would be avoided if a suitable framework is in place around them, and if adequate ongoing support and training is provided.
The Government has introduced legislation to expand the list of those who can register deaths to include Funeral Directors who are dealing with the funeral arrangements and who has been authorised by a relative of the deceased to register the death. Also, the medical cause of death certificate can be emailed to the Registrar’s office and arrangements made to have a telephone appointment to provide the Registrar with information to register the death. The requirement to attend the Registrar in person to sign the Register has been relaxed so that this is not necessary. It will however still be necessary to register the death within 5 days.