I work in construction. Can I still travel to work?

With the loss of face-to-face meetings in the current situation, video conferencing has taken centre stage. But how do you do that in a compliant way? Here are some of the main high-level data protection issues to consider when selecting and implementing a new third party provider’s video conferencing system.

1. Make sure you do your due diligence on the security measures offered by the provider. Clearly you can’t visit them, so look at the information offered publicly by the provider and read good quality, reliable, third party sources and ask the provider questions directly. Also ask any other organisations you know that use the provider. Document all this.
2. If personal information is being sent outside of the UK/European Economic Area, make sure that transfer complies with GDPR. If it’s a US provider, is it registered in the EU-US Privacy Shield list or does it offer a model clause contract (you’re likely to need the 2010 version)? Or is the service provided from a country whose data protection laws offer equivalent protection to those in Europe? Look at the support service as well as the hosting. Document this.
3. Make sure you put a compliant processor agreement in place. The provider should offer one as part of the contract terms. Check it meets GDPR requirements.
4. You’re likely to need to update your privacy notice, particularly if you’re going to record calls. Provide participants with a short message and link to the privacy notice in the meeting invite and on any registration page.
5. Create or update other GDPR-mandated documentation – for example, depending on your use, you may need a legitimate interests assessment and to update your record of processing.
6. Finally, configure and use the system in a secure and compliant way. Look at the settings/options carefully and think through the security and compliance implications of each. That could include deciding who in the meeting can share their screen; whether or not you use passwords for participants; whether or not to record, and if you’re going to record, where to store the recording. Document your decisions and the reasons for them.

The ICO has said it understands that resources, whether they are finances or people, might be diverted away from usual compliance work during the pandemic. However the last thing you need at the moment is to create a bigger problem than the one you are trying to solve. So do the best you can, ask for help from one of our specialists if you need it, and keep the whole thing under review.

On 16 April 2020, Ian Hulme, the ICO’s Director of Assurance, posted a blog for business owners, employers and managers about how to safely roll out the latest video conferencing technology.

On 21 April 2020, the NCSC published security guidance for organisations on choosing, configuring and deploying video conferencing services.

Solicitors can be authorised to sign contracts for their clients – a signed letter of authority should be scanned and sent to avoid posting potentially contaminated documents.

Solicitors should exchange supplemental agreements on behalf of their clients to agree to postpone exchange and completion dates if it has been agreed to push these back.

The Law Society advises that electronic signatures be used as much as possible for contracts, to avoid possible contamination. However, the Land Registry confirms that the legal transfer document cannot be validly executed with an electronic signature. Solicitors should agree a completion undertaking that the original transfer document will be sent when received and after the restrictions have been lifted.

The Land Registry’s latest guidance https://www.gov.uk/guidance/coronavirus-covid-19-impact-on-hm-land-registrys-services published on 14 May states:

We accept deeds that have been signed using the ‘Mercury signing approach’.

For land registration purposes, a signature page will need to be signed in pen and witnessed in person (not by a video call). The signature will then need to be captured, with a scanner or a camera, to produce a PDF, JPEG or other suitable copy of the signed signature page. Each party sends a single email to their conveyancer to which is attached the final agreed copy of the document and the copy of the signed signature page.

Solicitors should be willing to adopt this procedure for completing transactions to enable them to be registered by the Land Registry.

The execution of a transfer is a deed and must be witnessed. Members of the family can witness signatures so long as they are not also a party to the document. A witness will be more credible if they are 18 or over, but this is not a legal requirement. The legal requirement is for the witness “to be present” when the document is signed. It would be possible for a witness to be on the other side of the room or the other side of a window, and validly witness the execution of a deed. The witness does need to take precautions to avoid possible contamination from the document.

A statutory declaration does not need to be witnessed but must be administered by a solicitor or commissioner for oaths. There is no legally prescribed process for this, and there is nothing to suggest that this could not be validly done via a video telephone call if the signature on the declaration can clearly be seen by the person commissioning the oath when the oath is made.

It is unlikely that an employer can place such a requirement on staff without infringing the employee’s privacy. If the employee is acting in accordance with the rules, limiting their activity would likely be considered unreasonable.

It is almost impossible to completely guard against the risks associated with contractor insolvency, but there are some steps which can assist in mitigating and managing the risks involved.   To be in the best possible position, it is worth considering the following at the outset of any project:

• Check the contractor’s financial position – particularly the specific company which will enter into the building contract, as the employer’s rights will be against this company rather than the business as a whole
• Take legal advice to ensure that the building contract is properly drafted with appropriate provisions to deal with an insolvency event
• Consider requiring a performance bond and/or parent company guarantee (each serve slightly different purposes)
• Obtain collateral warranties from the consultants and sub-contractors involved, so that there are contractual rights against other parties if the contractor is no longer able to meet claims
• Consider requiring retention bonds, advance payment bonds or vesting certificates if necessary
• Project bank accounts and escrow accounts can also provide some further assurances for the parties involved

• Start critical care treatment with a clear plan of how the treatment will address the diagnosis and lead to agreed outcomes.
• Review critical care treatment regularly and when the patient’s clinical condition changes.
• Stop critical care treatment when it is no longer considered able to achieve the desired outcomes. Record the decision and the discussion with family, carers and the patient (if possible).