Can the apprentice take a break or pause in learning due to coronavirus?

With the loss of face-to-face meetings in the current situation, video conferencing has taken centre stage. But how do you do that in a compliant way? Here are some of the main high-level data protection issues to consider when selecting and implementing a new third party provider’s video conferencing system.

1. Make sure you do your due diligence on the security measures offered by the provider. Clearly you can’t visit them, so look at the information offered publicly by the provider and read good quality, reliable, third party sources and ask the provider questions directly. Also ask any other organisations you know that use the provider. Document all this.
2. If personal information is being sent outside of the UK/European Economic Area, make sure that transfer complies with GDPR. If it’s a US provider, is it registered in the EU-US Privacy Shield list or does it offer a model clause contract (you’re likely to need the 2010 version)? Or is the service provided from a country whose data protection laws offer equivalent protection to those in Europe? Look at the support service as well as the hosting. Document this.
3. Make sure you put a compliant processor agreement in place. The provider should offer one as part of the contract terms. Check it meets GDPR requirements.
4. You’re likely to need to update your privacy notice, particularly if you’re going to record calls. Provide participants with a short message and link to the privacy notice in the meeting invite and on any registration page.
5. Create or update other GDPR-mandated documentation – for example, depending on your use, you may need a legitimate interests assessment and to update your record of processing.
6. Finally, configure and use the system in a secure and compliant way. Look at the settings/options carefully and think through the security and compliance implications of each. That could include deciding who in the meeting can share their screen; whether or not you use passwords for participants; whether or not to record, and if you’re going to record, where to store the recording. Document your decisions and the reasons for them.

The ICO has said it understands that resources, whether they are finances or people, might be diverted away from usual compliance work during the pandemic. However the last thing you need at the moment is to create a bigger problem than the one you are trying to solve. So do the best you can, ask for help from one of our specialists if you need it, and keep the whole thing under review.

On 16 April 2020, Ian Hulme, the ICO’s Director of Assurance, posted a blog for business owners, employers and managers about how to safely roll out the latest video conferencing technology.

On 21 April 2020, the NCSC published security guidance for organisations on choosing, configuring and deploying video conferencing services.

The courts are seeking to adapt to our new circumstances and have urgently been looking to introduce new ways of working. The courts have been testing out different ways of holding court hearings. The advice is changing almost daily and some courts have been developing local practices. Going forward the court, the parties and their representatives will need to be more proactive about all forthcoming hearings.

Everyone involved in the case is to consider as far ahead as possible how future hearings should best be undertaken and work collaboratively. It will normally be possible for all short, interlocutory, or non-witness, applications to be heard remotely. Some witness cases will also be suitable for remote hearings. The parties just need to ensure that everyone involved can use the technology suggested.

The courts have been looking at and held remote hearings using, non-exhaustively, BT conference call, Skype for Business, court video link, BT MeetMe, Zoom and ordinary telephone call. Bundles for the hearing will be prepared and circulated electronically.

If the hearing cannot be held remotely because the parties do not have the requisite technology or the length of the hearing combined with the number of parties or overseas parties, representatives and/or witnesses make it undesirable to go ahead with a hearing in court at the current time, then it may be that the case will need to be adjourned. We are hearing of trials being adjourned and that they will not be re-listed before at least September.

HMCTS has advised that several priority courts will remain open during the coronavirus pandemic to make sure the justice system continues to operate effectively. It publishes a daily operational update from the courts and they aim to update it by 9am. The link is https://www.gov.uk/guidance/hmcts-daily-operational-summary-on-courts-and-tribunals-during-coronavirus-covid-19-outbreak.

Also, the courts have circulated a civil listing priority list with Priority 1 listing work which must be done and which includes injunctions, any applications in cases listed for trial in the next three months, any applications where there is a substantial hearing listed in the next month and all Multi Track hearings where parties agree that it is urgent.

In the Priority 2 list, which consists of hearings which could be done, are enforcement of trading contracts, trial involving the survival of a business or the insolvency of an individual, small and fast track trials where the parties say they are urgent, and appeal in these kinds of cases.

Similarly, in arbitration proceedings, the parties and arbitrators are being encouraged to utilise technology to make sure that hearings take place. We have heard of Zoom being used very successfully for multi-party proceedings.

Although these measures fall short of the level of assurance given to employees both in terms of eligibility for an immediacy of access to payments, they are a vast improvement on the support for self-employed workers that has been put in place until now. Current support includes:

• Access to business interruption loans
• Self-assessment tax payments that were due in July 2020 have been deferred until January 2021
• VAT is deferred until the next quarter
• The introduction of Time to Pay arrangements under which deferrals for HMRC payments can be agreed
• The minimum income floor for universal credit has been suspended which will allow self-employed workers to access the equivalent of Statutory Sick Pay (SSP)
• Universal credit and tax credit payments to increase by £1000 per year

Data on properties, and people, has never been more important.

Given that compliance is at risk here, such a decision must be made by the Board to ensure good governance. Board approval should be sought and recorded for the approach the organisation is taking.

It is essential that you continue to record your data on compliance and report to your board at all times, and that there is a clear audit trail for issues with access, and if appropriate to the Regulator. Access issues as a result of self-isolation should be readily identifiable.

Operatives need to be provided with the tools to operate in as safe a way as possible:

• Checklist of questions to ascertain occupant’s current health
• Protective equipment (masks, gloves, over clothing)

The Gas Safe website is a useful resource for updates: https://www.gassaferegister.co.uk/help-and-advice/covid-19-advice-and-guidance/

The obvious option to reduce the cost of your workforce is redundancy. However, that also reduces the number of employees and therefore your capacity.