What do we need to do?
Privacy policy – You must make sure the relevant privacy policies deal with how you will process Covid-19 data. You should have an employee privacy policy and this may already deal with health data (if it doesn’t, it should). You might also need to look at privacy policies for customers, visitors and suppliers. This ensures that processing is lawful, fair and transparent.
Lawful processing conditions – You will need to consider which processing conditions you are relying on (remembering that you need both an Article 6 condition and an Article 9 condition – this is the part of the GDPR which deals with special category data). As a lot of the data you collect will be about employees, you can’t use consent so you will have to find another lawful reason under GDPR which allows you to process the data.
Appropriate policy document – When you are considering your Article 9 processing conditions, remember you must also have an “appropriate policy document” in place.
Processing record – Finally make sure your processing record is up to date with information on what data you collect and use.
Related FAQs
The FCA’s test case in the Supreme Court ruled overwhelmingly in favour of policyholders. However, business interruption cover generally has the prerequisite of physical damage or loss to the property (or in some circumstances, the presence of a notifiable disease at the property or within a certain radius of it), to recover losses caused by the interruption to your business. The onus is on insurers to re-assess those claims which are impacted by the Supreme Court’s judgment and to make contact with the policyholders regarding next steps. If you have not already made a claim, in the first instance the terms of any policy should be checked carefully to see whether business interruption cover is provided.
Companies House guidance on the impact of coronavirus on their services can be found at: https://www.gov.uk/guidance/coronavirus-guidance-for-companies-house-customers-employees-and-suppliers
This flexibility offered by Companies House could be a useful short-term help to businesses that are struggling to deal with the impact of the Covid-19 outbreak, but be sure to take action in advance of your filing deadline.
Yes. For further guidance, please see our FAQs section on Furlough.
If you do not have a justifiable reason for insisting that your employees have the vaccine (see FAQ above) your employee could resign and bring a claim of constructive unfair dismissal if they have more than 2 years’ continuous employment. This would be on the basis that you have breached trust and confidence.
If the vaccine includes pig gelatine (as many do), and the employee refuses on religious or because they are vegan, you may face a claim for discrimination under the Equality Act 2010.
Failure to comply with the individual consultation obligations could render the dismissal unfair and expose you to a financial penalty of the lower of up to 1 years gross pay or the maximum statutory limit (currently £88,519).