What are the data protection implications of holding Covid-19 health data?
The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/
Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.
You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.
Related FAQs
The CMA is particularly concerned about certain activities, its guidance highlights:
- Exchange of commercially sensitive information where this is not necessary in response to the crisis
- Collaboration which unfairly excludes third parties
- Abuse of a dominant position (including a dominant position held as a result of the crisis) – particularly to charge excessive prices
- Seeking to maintain prices or prevent reductions in prices
- Cooperation going beyond what is necessary to respond to the crisis in the interests of consumers
The duty is to inform and consult appropriate representatives of the “affected employees”.
Note that the term “affected employees” means those who may be “affected by the proposed dismissals or who may be affected by measures taken in connection with those dismissals”. The term extends beyond those immediately at risk of dismissal to include those affected by measures associated with the redundancies.
“Appropriate representatives” can be:
- The Trade Union (if recognised)
- (For any roles not covered by collective recognition) any existing standing body of elected or appointed employee representatives (if already in place)
- Employee representatives, who are elected specifically for redundancy consultation
Employers will need to be flexible with employees who are unable to return to work at present due to childcare difficulties. While schools have reopened, a period of isolation may result in employees having to keep children off school/nursery and therefore have childcare issues. Some employees will be able to manage this with their partner and extended family, whereas others will not. Where an employee simply cannot make any other arrangements to care for their children in the short term then they will be unable to return to work until that situation changes. Any dismissals on the basis that someone is unable to return to work as a result of lack of childcare are likely to be unfair, at least in the short term where such employees may well be able to demonstrate that they had no options available to them.
- Do not require them to work
- Continue to communicate with and support them
- Allow them to work from home, is there alternative work for them to do if they can’t do their work from home
- Offer SSP or allow them to take holiday if they want to.
On 4 May 2020, the Government launched the Bounce Back Loan Scheme (BBLS), which is intended to cut red tape to enable smaller businesses to access finance quickly during the coronavirus outbreak.
The scheme helps small and medium-sized businesses to borrow between £2,000 and up to 25% of their turnover. The maximum loan available is £50,000.
The government guarantees 100% of the loan and there are no any fees or interest to pay for the first 12 months. After 12 months the interest rate will be 2.5% a year.
The length of the loan is 6 years, but it can be repaid early without penalty. No repayments will be due during the first 12 months.
Under the scheme, lenders are not permitted to take any form of personal guarantee or take recovery action over a borrower’s personal assets (such as their main home or personal vehicle).
Businesses can apply for a BBLS loan if it:
- is based in the UK
- was established before 1 March 2020, and
- has been adversely impacted by the coronavirus.
Any business regarded as being a business in difficulty on 31 December 2019 will need to confirm that it is complying with additional state aid restrictions.
Businesses from any sector can apply, except the following:
- banks, insurers and reinsurers (but not insurance brokers)
- public-sector bodies, and
- state-funded primary and secondary schools.
Businesses already claiming under the following schemes cannot apply although it is possible to convert an existing loan under such schemes into BBLS:
- Coronavirus Business Interruption Loan Scheme (CBILS)
- Coronavirus Large Business Interruption Loan Scheme (CLBILS)
- COVID-19 Corporate Financing Facility.
There are 11 lenders participating in the scheme including many of the main retail banks, which are listed on the British Business Bank’s website (www.british-business-bank.co.uk/ourpartners/coronavirus-business-interruption-loan-schemes/bounce-back-loans/for-businesses-and-advisors/). Applicants are directed to approach a suitable lender via the lender’s website. If an applicant is declined by a lender, they can apply to other lenders in the scheme.
The lender will ask applicants to fill in a short online application form and self-declare that they are eligible. All lending decisions remain fully delegated to the accredited lenders.