Skip to content
Menu

Home FAQs What are the data protection implications of holding Covid-19 health data?

What are the data protection implications of holding Covid-19 health data?

The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/

Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.

You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.

Related FAQs

What if I have missed the January deadline for submitting my 2018/2019 tax return?

You had until 23 April 2020 to submit your return in order to be considered for eligibility.

Last updated on 31st March, 2020

What is the penalty for failing to comply with the individual consultation obligations?

Failure to comply with the individual consultation obligations could render the dismissal unfair and expose you to a financial penalty of the lower of up to 1 years gross pay or the maximum statutory limit (currently £88,519).

Last updated on 7th May, 2020

What are the new rules about wearing face masks in the workplace?

The new rules for wearing face masks/face coverings in the workplace introduced on 23 September 2020 are as follows:

  • Staff in retail, including shops, supermarkets and shopping centres, will now have to wear a face covering
  • Staff in hospitality will now have to wear a face covering
  • Guidance stating that face coverings and visors should be worn in close contact services, such as hairdressers and beauticians, will now become law
  • Staff working on public transport and taxi drivers will continue to be advised to wear face coverings

You can take off your mask if:

  • You who need to eat, drink, or take medication
  • A police officer or other official asks you to

Last updated on 25th September, 2020

How is the Pensions Regulator reacting to the crisis?
  • The Pensions Regulator has published regularly-updated guidance for employers.
  • It will take “a proportionate and risk-based approach towards enforcement decisions … with the aim of supporting both employers and savers”. In other words, the law remains the same, but the Regulator will show restraint in enforcement against breaches.

Last updated on 14th April, 2020

If an employer identifies that higher PPE spec is required for BAME employees undertaking a particular task, is it necessary to increase the spec for all employees working in that area?

It is. If you assess a risk and identify a control measure then fail to deploy it, then you are breaching your legal duties under HASWA and potentially committing a criminal offence. So if you decide for example that N95 respirators have to be used by everyone, you have a duty to provide them.

So the short answer is yes.

Last updated on 19th May, 2020