What do we need to do?
Privacy policy – You must make sure the relevant privacy policies deal with how you will process Covid-19 data. You should have an employee privacy policy and this may already deal with health data (if it doesn’t, it should). You might also need to look at privacy policies for customers, visitors and suppliers. This ensures that processing is lawful, fair and transparent.
Lawful processing conditions – You will need to consider which processing conditions you are relying on (remembering that you need both an Article 6 condition and an Article 9 condition – this is the part of the GDPR which deals with special category data). As a lot of the data you collect will be about employees, you can’t use consent so you will have to find another lawful reason under GDPR which allows you to process the data.
Appropriate policy document – When you are considering your Article 9 processing conditions, remember you must also have an “appropriate policy document” in place.
Processing record – Finally make sure your processing record is up to date with information on what data you collect and use.
Related FAQs
Yes, this is very likely to amount to a reasonable management instruction which is put in place for public health reasons. Employers should make it clear to their employees that this is something they are required to do and that if they fail to do so this may lead to disciplinary action.
The reaction from NCVO is that this is an important first step. However, it will not stop well run charities from closing and others will look very different in a few months’ time.
We have teamed up with Scaleup North East to help companies impacted by the coronavirus outbreak plan how to get back to business.
Our specialist lawyers will provide a free “diagnostic” call with eligible businesses across the NE, exploring challenges they are facing in the aftermath of the lockdown, and identify specific steps to survive, and then thrive, in these challenging times and beyond.
Through the collaboration with Scaleup North East, eligible North East-based SMEs are then able to apply for up to 40% funding towards up to £4,000 of legal advice.
These might include:
- Employment issues, such as dealing with a phased return to work
- Measures to support cash-flow, such as amendment to terms of trading and debt collection procedures
- Renegotiations and amendments to contracts, and other advice about contracts with suppliers and customers to deal with consequences of Covid-19
- Managing property costs – review of leases, advice on break clauses and formalisation of any revised arrangements recently put in place with landlords/tenants
- Health and safety implications of return to work and social distancing
Find out more on our website or contact partner Damien Charlton. If you are not eligible because of location but are interested in the free “diagnostic”, please contact us.
Ordinarily, no but during the pandemic, yes.
You can start employing a Tier 2 or 5 worker who is in the UK before their visa application has been decided if the following conditions have been met.
- You have assigned the worker a Certificate of Sponsorship
- They have made an in time visa application (i.e. they made their new visa application before their current leave expired) and they have provided you with evidence of this
- The job you employ them in is the same as the one stated on their Certificate of Sponsorship.
Sponsors should be aware that they should carry out right to work checks before the individual starts undertaking work for them and if their visa application is eventually rejected, they must stop employing them.
Although sponsors will not be able to record migrant activity on the SMS about these workers, the Home Office has confirmed that any necessary reports should still be made on the sponsor’s internal systems.
If the worker is outside the UK, they may be able to start work for you remotely subject to the relevant employment, tax and immigration requirements in that country.
This may be a good idea – whatever name they are given, it is essential that MHFAs are empowered to take a proactive approach to organisational mental health and that they have the bandwidth to be able to discharge their responsibilities. The name should reflect the culture of the organisation, the key aspect is awareness and accessibility – identifying a name for your company that supports this is key.