How much data can I gather?
You also need to consider other aspects of data protection.
Be proportionate – only gather and use Covid-19 data where you need to.
Keep data to a minimum – you shouldn’t gather more data than you need. You need to know someone has Covid-19 but you don’t need to know all their symptoms. Data minimisation also applies to who gets access to the data. It’s unlikely that a spreadsheet, accessible to everyone updating them on the health status of all employees, would be appropriate. Data should be shared on a need to know basis. You need to balance the privacy of individuals against your duty of care to be responsible with regards to the data of your employees, visitors, customers and suppliers.
Keep it up to date – make sure you update data. People’s health status will change and if you keep a record of this, you need to make sure it is accurate and up to date (although this doesn’t mean you should batter individuals with constant requests for updates on health status. Again, be proportionate).
Identify individuals only when you need to – although you will need to know who has Covid-19, that doesn’t mean you need to tell everyone in the organisation. As soon as you can, you should remove personal data from any information you gather. For example, you might want to update employees on the health status of their fellow employees but you probably don’t need to name individuals and even if you feel it is necessary, you should keep the information you provide to a minimum. Removing personal identifiers in a document is also a good data security technique.
Keep the Covid-19 health data secure – Covid-19 data will be special category data and deemed high risk. This means that if you have a breach of this data you will need to notify it to the ICO. A breach could happen by someone losing a print-out of the names of Covid-19 employees, customers or visitors. It could also happen if you set access rights to lists of Covid-19 sufferers open to more people than need to know the information. The risk of ICO enforcement action increases with the potential harm the disclosure could cause. Although the ICO has indicated that it will be understanding about the impact of Covid-19 on normal operations, this doesn’t mean that they will not prosecute you if the breach is sufficiently serious.
Destroy the data once you don’t need it – Finally, of course, make sure that you delete data at the end of your needs. This might last longer than the pandemic, for example if you have an insurance claim or ongoing litigation. If you do need to keep it, consider whether or not you can delete some of the data to minimise what you hold.
Related FAQs
Payments of the Community Infrastructure Levy (“CIL”) are tied to commencement of development, and where an instalment policy is in place, the instalments are usually tied to periods of time following commencement rather than build out rates. Therefore where a development has commenced, payments of CIL are likely to fall due in respect of a site notwithstanding that the site may have temporarily closed or build out rates have slowed.
New regulations now in force, provide some additional relief for those developers with an annual turnover of £45 million or less. Such relief will allow the Council to defer payments, disapply late interest charges, and refund late interest charges that have already been levied since 21 March 2020.
For those developers that cannot benefit from the new provisions, unless a Council has adopted an exceptional circumstances relief policy the regulations do not provide for any relief to be provided in instances where payment of CIL will create viability issues. Most Councils have not adopted such a policy, and in those circumstances the CIL liability will remain due in accordance with the payment schedule on the demand notice.
Councils are at liberty to amend their instalment policies in accordance with their own internal procedures, and the Government is encouraging Councils to explore this option to provide some relief to developers. However this will only assist in respect of any prospective instalments where the development commences after the new instalment policy has been adopted.
For those developers whose annual turnover exceeds £45 million, the Government seems to be taking the view that such developers can afford their CIL liabilities regardless of the current climate. The only concession the Government has proposed is to encourage Councils to make use of the existing discretion they have in respect of the imposition of surcharges for late payments.
Yes. With respect to employees you have an obligation to protect their health so you can gather information to do that. You might gather information from your employees on who has the virus, who has had it and recovered and also who has tested negative. You might also want to know if individuals have been in contact with someone who has it or if they are in a vulnerable group. It is reasonable to want to know where individuals have travelled. In the future it may also be reasonable to know if they are planning to travel to a virus hot spot, as the impact of the virus around the world is likely to continue for some time even after the outbreak has been contained in the UK.
It is reasonable to gather some information about visitors to your site, be they customers or suppliers, as this information will also help protect your staff. However, you should keep what you gather to a minimum. For visitors, it’s unlikely that you need to know anything more than they have Covid-19, are displaying symptoms or have recently been in contact with someone who has the virus.
Potentially. The first question is why the person is not able to return, as their individual circumstances will be very relevant in terms of whether they can be safely dismissed.
Employers should ask themselves 2 questions in this situation:
- Have I done everything I am required to do in order to make the workplace safe for the individual to return; and
- Is what the employee saying reasonable?
If the answer to question 1. is no then a dismissal is unlikely to be fair. However, even if the answer to question 1. is yes, then there is still question 2. to address. If the employee has reasonable grounds as to why they are unable to return to work, e.g. due to health issues, childcare responsibilities etc then the dismissal is unlikely to be fair. It is only if you can answer yes to question 1. and no to question 2. that you can have some confidence in the potential safety of the dismissal.
Dismissals based on objections to returning to work on health and safety grounds will very often be risky and are highly fact specific, therefore please contact one of the employment team for further advice prior to dismissal.
In appropriate cases, disciplinary action and then dismissal may be fair if an employee refuses to wear a face covering in the workplace. For example, if this is in breach of the government guidance or if employer has issued a reasonable management instruction to this effect due to an identified health and safety risk.
It is important that employers use a fair and reasonable procedure when deciding whether to discipline and/or dismiss an employee and that its actions does not unlawfully discriminate against employees who have legitimate reasons for not wearing masks, such as those individuals who have health conditions like asthma.
The Government has introduced new regulations, which took effect on 14 May 2020, to relax the publicity requirements in respect of planning applications.
Planning applications are usually required to be publicised by way of site notices and local newspaper notices and applications are to be made available for public inspection. The Government has recognised that these actions may not always be possible in accordance with social distancing guidelines and in order that Councils do not delay applications as a result of an inability to comply with the publicity requirements, the Government has relaxed the requirements.
A Local Planning Authority is now required to “take reasonable steps” to publicise a planning application, which may be through use of online newspapers, social media, or other electronic measures. What is considered reasonable will depend upon the circumstances of an individual application and will be proportionate to the scale and impact of the development. A large development that has previously generated significant interest will require more steps to bring the application to the attention of all of those with an interest than a householder application. The guidance emphasises the role of the publicity requirements, namely to enable those with an interest to make representations and to effectively participate in the decision making process and therefore community engagement remains key. It is recommended that the officer’s report refers to the steps taken where a Council has relied upon the temporary publicity arrangements.
The requirement to make planning applications available for public inspection has also been temporarily suspended providing that the applications are available for online inspection. In reality most LPAs already provide such an online facility. Where individuals are unable to access an application online LPAs should make alternative arrangements, for example providing information over the phone or providing a hard copy set of documents by post.
The regulations however only amend the statutory publicity requirements. In addition to these, all LPAs are required to have a Statement of Community Involvement which may provide for additional publicity requirements and the LPA will be bound by these regardless of the temporary relaxation of any statutory requirements. Where a Statement of Community Involvement does go beyond the statutory requirements, the Government guidance suggests that LPAs update these to ensure that local communities can continue to be consulted in the current climate.
The regulations are currently due to expire on 31 December 2020.