What does the guidance suggest?

The Commission has provided guidance as to measures which Member States can introduce without notification. These include:

• Measures which apply to all businesses within a Member State (for example the furloughing measures introduced by the UK Government)
• Measures providing support direct to consumers
• Measures which are already exempt from the notification requirement (discussed further below).

To respond to the crisis the European Commission has also issued a temporary framework to provide a basis for emergency aid to be notified for approval. The framework is initially in place until 31 December 2020. The Commission continues to keep this under review and has twice widened its scope to allow more types of aid to be notified. The type of measures covered include:

• The provision of guarantees (including guarantees for 100% of loans)
• The provision of loans at low interest rates, at zero interest rates or subordinated to senior debt
• Measures to support liquidity needs or to alleviate difficulties caused by the current crisis
• Measures to recapitalise businesses
• Measures to assist sectors hit particularly hard by the current crisis (eg transport)
• Measures targeted at COVID-19 such as research and development or production of products related to tackling the virus

The Commission has approved a UK Government “umbrella” notification to allow UK public authorities to adopt the measures permitted by the Commission framework. Therefore public authorities in the UK can use the Framework without notifying individual measures or schemes to the Commission.

The Flexible Furlough Scheme was introduced from 1 July 2020 and is due to come to an end on 30 September 2021.

Funding audits are being paused and no new audits will be commenced during the lockdown period.

Mortuaries are a sui generis use, unless ancillary to some other use of land, a hospital for example.

Sui generis uses are not within any Use Class. Consequently planning permission is required for the:

• Change in the use to a sui generis use
• Subsequently for the change in the use to an alternative use, whether that be another sui generis use or a use within a Use Class

Acknowledging the above, if the scale of the use is above de minimis, planning permission is likely to be required to change the use of a warehouse or factory unit into a temporary mortuary.

Should planning control be breached, a local planning authority must decide whether to take enforcement action or not. That enforcement is discretionary was recently reiterated in a Ministerial Statement issued on 13 March 2020 a link to which is below.

https://www.parliament.uk/business/publications/written-questions-answers-statements/written-statement/Commons/2020-03-13/HCWS159/

Depending on the form of the enforcement action, there could be a right of appeal.

Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.

• Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
• Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
• Only use the information for the purpose of managing the workforce during the pandemic.
• Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
• Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
• Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
• Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
• Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
• Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
• All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.

If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.

** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.