What are the data protection implications of holding Covid-19 health data?
The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/
Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.
You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.
Related FAQs
Interestingly, there is currently no ‘single’ technology to be used by the judiciary within the protocol. The court and parties must choose from a selection of possible IT platforms or audio/telephone hearing (further details available in the guidance e.g. Skype for Business, Microsoft Teams, Zoom etc.) The particular platform must be agreed at the outset of each case and then specified in the case management order. The guidance issued also sets out the basic principles which apply when conducting remote hearings.
The Home Office has provided useful guidance on how to carry out a compliant Right to Work check using the temporary adjustments in place for Covid-19. In summary:
- You will need to ask the job applicant to send you digital copies of their original documents, for example by scan, photo or mobile app.
- Hold a video call with the job applicant and ask them to show their original documents on camera so you can check them against the digital copies you have already received.
- On the date you made the check, record that you have done this by using the following wording “adjusted check undertaken on [insert date] due to Covid-19”. Evidence of right to work checks still need to be held securely either in paper or electronic format.
- You can use the online RTW checking service where the job applicant has Biometric Residence Permit or pre-settled or settled status under the EU Settlement Scheme. You should do this whilst on the video call with the applicant/employee, and you must first obtain their permission to view their details on this scheme.
There is not a magic number. It depends on the nature of the organisation, the work carried out, the organisational structure, the geographical spread, working patterns and conditions. We would give specific advice personalised to the organisation and taking all these and other factors in to consideration. There is no such things as too many MHFAs!
The best advice is that parties should proceed as they would have done before the crisis began.
The General Medical Council (GMC) have published guidance online for doctors during this time of uncertainty.
Alongside this, their website displays guidance for temporary registration to approximately 15,000 doctors, who left the register or gave up their licence to practise in the last three years.
These clinicians have been contacted to assist with the growing pandemic, outlining the process they would follow and informing them of their right to opt-out. The Secretary of State for Health can ask the GMC to grant such registration under Section 18a of the Medical Act 1983, in an emergency.