Are there steps to ensure they will have access to an open register (BSR) & building safety assessments etc?

To qualify for a grant under the scheme you must pay your furloughed staff the wages you are claiming for. Failure to do so may result in a HMRC investigation and/or claims from furloughed staff for unlawful deductions from wages and possibly constructive dismissal claims.

Normal benefits including non-monetary benefits should continue during furlough unless the individual has agreed in writing to reduce or remove a benefit during this time.

Employers are expected to apply for one or more of the financial support schemes available to be able to continue to pay staff.

It is envisaged that employees of organisations falling into the first two categories set out above and won’t be eligible for the job retention scheme in relation to the majority of their employees. It is envisaged that NHS Trusts for example are going to require their staff to be working at full capacity where possible. However, the guidance doesn’t definitely exclude public sector organisations from furloughing employees and notably the government expects such organisations to use public money to continue to pay staff and not furlough them, rather than say requires. In reality, it is difficult to see how such an organisation will be able to rely on the scheme, but the guidance doesn’t completely rule it out.

With the loss of face-to-face meetings in the current situation, video conferencing has taken centre stage. But how do you do that in a compliant way? Here are some of the main high-level data protection issues to consider when selecting and implementing a new third party provider’s video conferencing system.

1. Make sure you do your due diligence on the security measures offered by the provider. Clearly you can’t visit them, so look at the information offered publicly by the provider and read good quality, reliable, third party sources and ask the provider questions directly. Also ask any other organisations you know that use the provider. Document all this.
2. If personal information is being sent outside of the UK/European Economic Area, make sure that transfer complies with GDPR. If it’s a US provider, is it registered in the EU-US Privacy Shield list or does it offer a model clause contract (you’re likely to need the 2010 version)? Or is the service provided from a country whose data protection laws offer equivalent protection to those in Europe? Look at the support service as well as the hosting. Document this.
3. Make sure you put a compliant processor agreement in place. The provider should offer one as part of the contract terms. Check it meets GDPR requirements.
4. You’re likely to need to update your privacy notice, particularly if you’re going to record calls. Provide participants with a short message and link to the privacy notice in the meeting invite and on any registration page.
5. Create or update other GDPR-mandated documentation – for example, depending on your use, you may need a legitimate interests assessment and to update your record of processing.
6. Finally, configure and use the system in a secure and compliant way. Look at the settings/options carefully and think through the security and compliance implications of each. That could include deciding who in the meeting can share their screen; whether or not you use passwords for participants; whether or not to record, and if you’re going to record, where to store the recording. Document your decisions and the reasons for them.

The ICO has said it understands that resources, whether they are finances or people, might be diverted away from usual compliance work during the pandemic. However the last thing you need at the moment is to create a bigger problem than the one you are trying to solve. So do the best you can, ask for help from one of our specialists if you need it, and keep the whole thing under review.

On 16 April 2020, Ian Hulme, the ICO’s Director of Assurance, posted a blog for business owners, employers and managers about how to safely roll out the latest video conferencing technology.

On 21 April 2020, the NCSC published security guidance for organisations on choosing, configuring and deploying video conferencing services.

It is absolutely critical to creating a safe workplace and to making workers feel secure.

This could include floor markings every 2m (as we’ve seen in grocery stores), stopping or limiting/staggering access to communal or common areas such as toilets and kitchens, rearranging workstations to maintain a 2 metre distance or, where this is not possible (for example in manufacturing facilities or production lines), erecting physical barriers and avoiding face to face working, encouraging the use of stairs and discouraging lift-use, designing a one-way system for entry and exit and looking at aircon/heating systems to see if any modifications are possible to prevent the spread of airborne particles. If you can increase ventilation in your workplace, it will help reduce risk.

The government has published detailed social distancing guidance for workplaces across sectors including manufacturing, retail, offices, construction and transport; it has also promised to continue to add to this.

The GMC recognises the challenges the doctors may face as the situation continues to develop. This includes concerns about the risks to the health of the doctors when treating patients with coronavirus. Doctors should follow the current public health advice including self-isolating if they know or suspect that they are infected or are at a higher risk of infection.

Finally, all necessary steps should be taken to ensure that doctors have access to protective equipment and minimise the risk of transmission when treating patients. It is imperative that a record is kept of all decisions made and how any safety or health concerns have been handled.

The GMC continues to work with NHS England and UK’s Chief Medical Officers to provide updates and advice to all doctors as the situation develops. Click here for more information.