What are the data protection implications of holding Covid-19 health data?
The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/
Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.
You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.
Related FAQs
Employers should ensure that apprentices are paid at least the Apprenticeship Minimum Wage, National Living Wage or National Minimum Wage (AMW/NLW//NMW) as appropriate (and taking into account the new rates which will take effect from 1 April 2021) for training carried out where their wage received through the Coronavirus Job Retention Scheme does not cover this.
On 7 May the Government published guidance on how contracting parties can act responsibly in order to assist the effort to deal with Covid-19. The guidance seeks to persuade contracting parties to act reasonably and recognise the impact of Covid-19 on contractual counterparties. This will continue to be relevant as business begins to emerge from lockdown.
Failure to comply with the individual consultation obligations could render the dismissal unfair and expose you to a financial penalty of the lower of up to 1 years gross pay or the maximum statutory limit (currently £88,519).
- Working with PFI providers to get contingency plans up to date
- If a PFI provider is struggling to achieve service delivery requirements due to Covid-19, then local arrangements should be put in place to:
- maintain unitary charge payments
- revise contract requirements/standards
moderating payment and performance regimes where appropriate.
- In any event, you may wish to review and adjust your requirements to reflect the current situation. It is possible that some requirements can be relaxed, whereas others need to be tightened. For example, there may be an increased need for cleaning and maintenance in certain areas of your PFI premises or the layout of the premises and/or room uses may have temporarily changed. With staff illness and shortage likely to be an issue, you may also wish to consider if the resource can be moved from one area to another to help maintain essential services.
- When putting local bespoke arrangements into place it is vital that:
- Contract requirements or performance standards are not relaxed to the point where health and safety are put at risk.
- It is made clear that the arrangements are temporary and that matters will return to normal as soon as the Covid-19 emergency is over. Indeed the guidance note makes clear that if assets temporarily close they should be kept in such condition that they can be immediately up and running when this emergency is over. In such instances, likely a basic level of maintenance and security will therefore be required as a minimum.
Some organisations are prioritising properties, known to be higher risk, such as properties with open flues, or near to the certificate expiry date.
Vulnerable staff and tenants need protection, safe working practices need to be established, and communicated. Organisations should bring forward servicing for people known to be vulnerable – but bearing in mind the guidance as to preserving the annual test date.