What are the data protection implications of holding Covid-19 health data?
The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/
Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.
You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.
Related FAQs
On 2 April 2020, the Government issued guidance relating to Private Finance Initiatives and PF2 Projects. The guidance, which is to be enforced with immediate effect (currently due to stay in place until 30 June 2020), is one of several guidance notes issued to date.
A link to the guidance is set out below:
Key messages to contracting authorities
- PFI contractors should very much consider themselves as being part of the public sector response to the current pandemic
- Covid-19 is not regarded as, and is not to be classified as a force majeure event
- PFI contractors must ensure that contingency plans are up to date and have been reviewed and discussed with contracting authorities to enable the continuity of full services to respond to the pandemic and maintain vital public services
- Contracting authorities should work closely with PFI contractors to use all available options to maintain public services during the emergency period
- Local arrangements should be made where PFI contractors can’t deliver the agreed requirements and performance standards
- “Best efforts” should be made by all parties for the continuation of service provision
No. The Home Office has confirmed that sponsors do not need to report sponsored workers as working from home, where this is directly related to the coronavirus outbreak.
However any UK employers who sponsor overseas workers, should also ensure that they remain compliant with their other sponsor licence duties, which includes reporting any change to an employee’s salary and duties.
- Start critical care treatment with a clear plan of how the treatment will address the diagnosis and lead to agreed outcomes.
- Review critical care treatment regularly and when the patient’s clinical condition changes.
- Stop critical care treatment when it is no longer considered able to achieve the desired outcomes. Record the decision and the discussion with family, carers and the patient (if possible).
Safeguarding issues are relatively uncommon, however, if they do occur, the normal safeguarding procedure of the organisation should be followed.
- Be alert to the fact that guidance on treating Covid-19 may change with emerging knowledge/scientific data and this may require subsequent modifications to treatment.
- Critical care staff should support healthcare professionals who do not routinely work in critical care but need to do so.