What are the data protection implications of holding Covid-19 health data?
The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/
Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.
You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.
Related FAQs
The guidance is non-statutory and is not binding on business. However, businesses should be aware that there might be reputational consequences if they do not follow the guidance; we have already seen in the context of taking advantage of furlough funding that not being in breach of the law is no protection against negative publicity. Further to the extent a contract expressly requires parties to act reasonably, it could be expected that this guidance is one of the factors a court would consider in determining what is reasonable.
IR35 is an anti-tax avoidance regime which is intended to tackle (in HMRC’s view) the long standing issue of individual contractors providing their services or labour via an intermediary – which is usually a personal service company (referred to as a PSC). We’ll talk about PSCs here, but there are other types of intermediaries that are caught.
HMRC’s view is that this arrangement is often considered to be disguised employment and therefore a tax-avoidance arrangement.
So IR35 is essentially a test of employment status – and if, once you apply the test, the contractor should be an employee, they should then be taxed as an employee.
Commercial partner Damien Charlton explains the basic principles of force majeure, and how they are relevant in the current extreme circumstances caused by the Covid-19 pandemic.
Employers have a statutory right to require employees to take annual leave at their direction, subject to providing staff with notice equal to at least double the length of the leave that you are directing them to take (e.g. 10 days’ notice for five days leave). However, this measure is not likely to achieve any urgent cost savings or alleviate immediate cash-flow pressure as holidays would need to be paid.
Clearly, annual leave can be taken on furlough so you could have staff on furlough and annual leave.
If you don’t want to make redundancies, or if you can’t reduce employee resource, either in a particular department or across the workforce as a whole, then you need to think about alternatives to redundancy.
Equally, you may want to flex the resource you have available to you – without making drastic changes. For example you may want to consider:
- unpaid leave and sabbaticals
- retraining and redeploying
- forcing annual leave
- flexible working
- capability issues
- lay off
- short time working
- reductions in salary
- reductions in working hours
- changing to shift working