Skip to content
Menu

Home FAQs How much data can I gather?

How much data can I gather?

You also need to consider other aspects of data protection.

Be proportionate – only gather and use Covid-19 data where you need to.

Keep data to a minimum – you shouldn’t gather more data than you need. You need to know someone has Covid-19 but you don’t need to know all their symptoms. Data minimisation also applies to who gets access to the data. It’s unlikely that a spreadsheet, accessible to everyone updating them on the health status of all employees, would be appropriate. Data should be shared on a need to know basis. You need to balance the privacy of individuals against your duty of care to be responsible with regards to the data of your employees, visitors, customers and suppliers.

Keep it up to date – make sure you update data. People’s health status will change and if you keep a record of this, you need to  make sure it is accurate and up to date (although this doesn’t mean you should batter individuals with constant requests for updates on health status. Again, be proportionate).

Identify individuals only when you need to – although you will need to know who has Covid-19, that doesn’t mean you need to tell everyone in the organisation. As soon as you can, you should remove personal data from any information you gather. For example, you might want to update employees on the health status of their fellow employees but you probably don’t need to name individuals and even if you feel it is necessary, you should keep the information you provide to a minimum. Removing personal identifiers in a document is also a good data security technique.

Keep the Covid-19 health data secure – Covid-19 data will be special category data and deemed high risk. This means that if you have a breach of this data you will need to notify it to the ICO. A breach could happen by someone losing a print-out of the names of Covid-19 employees, customers or visitors. It could also happen if you set access rights to lists of Covid-19 sufferers open to more people than need to know the information. The risk of ICO enforcement action increases with the potential harm the disclosure could cause. Although the ICO has indicated that it will be understanding about the impact of Covid-19 on normal operations, this doesn’t mean that they will not prosecute you if the breach is sufficiently serious.

Destroy the data once you don’t need it – Finally, of course, make sure that you delete data at the end of your needs. This might last longer than the pandemic, for example if you have an insurance claim or ongoing litigation. If you do need to keep it, consider whether or not you can delete some of the data to minimise what you hold.

Related FAQs

What are the contractual issues that businesses need to think about as they get back to business following lockdown?

It is clear that we are emerging from a completely unprecedented period of disruption for many businesses, and this may have had a huge impact on their contractual arrangements both with suppliers and customers.

As the lockdown eases, and we get back to business, it’s important that businesses take stock of what has happened, and ensure they review and address the legal and contractual consequences of what has been happening since the start of the global pandemic.

Last updated on 27th April, 2021

What amount do you claim under the Flexible Furlough Scheme?

You will claim a pro rata’d amount of 80% of salary, based on the proportion of hours not worked out of the employee’s normal working hours (their “usual” hours).

There are 2 ways to calculate an employee’s usual hours, depending on whether they have fixed or variable hours/pay:

  • For those with fixed hours/pay, you take the number of hours worked in the pay period before 19 March 2020.
  • For those with variable hours/pay, you take the higher of:
  1. the average number of hours worked in the tax year 2019 to 2020 or
  2. the corresponding calendar period in the tax year 2019 to 2020.

If employees are paid per task or piece of work done, you should work out the usual hours for these employees in the same way as for other employees who work variable hours, if possible.

When you calculate the usual hours, you should include any hours of leave for which they were paid their full contracted rate (such as annual leave) and any hours worked as overtime (but only if the pay for those hours was not discretionary).

Last updated on 16th June, 2020

How do you protect MHFAs from the potential stresses of the role?

There should be some data collected as to the type and number of interactions MHFA are having, to ensure no one individual or individuals are overloaded. MHFAs should be encouraged to maintain regular self-care practice, to lean in to all support provisions available in their organisation, to engage in peer support, and to take a break from their role as a  MHFA to prioritise their own wellbeing as needed. It is also important that those who volunteer to be MHFAs have the support of their managers.  So they have the time to do both their core role and their MHFA duties without feeling pressurised to cram work into spare time to make up for time spent on MHFA duties.

Last updated on 8th April, 2022

Can an employee on family related leave be furloughed?

Yes, but your claim will be limited to any enhanced contractual payments you make to employees who qualify for the relevant family related pay.

All maternity and parental rights remain in force for anyone in this category who is furloughed. However you may need to calculate average weekly pay differently if the employee was furloughed and then started family related leave on or after 25 April 2020.

Furlough pay cannot be claimed for the period that an employee is receiving Maternity Allowance. An employee can agree to accept furlough pay but they must contact Jobcentre Plus to stop their Maternity Allowance payments for this period.

Last updated on 28th March, 2020

How do I guard against contractor insolvency in the construction industry?

It is almost impossible to completely guard against the risks associated with contractor insolvency, but there are some steps which can assist in mitigating and managing the risks involved.   To be in the best possible position, it is worth considering the following at the outset of any project:

  • Check the contractor’s financial position – particularly the specific company which will enter into the building contract, as the employer’s rights will be against this company rather than the business as a whole
  • Take legal advice to ensure that the building contract is properly drafted with appropriate provisions to deal with an insolvency event
  • Consider requiring a performance bond and/or parent company guarantee (each serve slightly different purposes)
  • Obtain collateral warranties from the consultants and sub-contractors involved, so that there are contractual rights against other parties if the contractor is no longer able to meet claims
  • Consider requiring retention bonds, advance payment bonds or vesting certificates if necessary
  • Project bank accounts and escrow accounts can also provide some further assurances for the parties involved

Last updated on 28th March, 2020