What is the NICE guidance around Service organisation?

In recognition of the problems that the current situation is causing, the UK IPO classed the 24th March and all subsequent days as “interrupted days” which means that deadlines that fall within this period will be extended until the UK IPO declares that the interrupted days have ceased. As lockdown has begun to be eased, the IPO has now reviewed its position and has confirmed that the “interrupted days” period will come to an end on the 29 July 2020. This means that Thursday 30 July 2020 will be the first normal day of operation, therefore all “interrupted days” deadlines will expire on this day. Similarly, if your deadline falls after the period of interruption ends, this deadline will not be automatically extended.

The IPO is conscious that many businesses may still be in challenging positions when the period of “interrupted days” end. They will endeavour to continue to provide flexibility and support to assist businesses with their applications. They hope to temporarily remove fees for requests for extensions of deadlines, and will give further updates when this fee exemption is in place.

The IPO continues to encourage applicants to meet original deadlines where they are able.  As their offices are closed, the UK IPO is not currently processing paper forms (i.e. hard copy) and faxes. However, they are processing forms which have been submitted electronically, or via email and have made a new email address available for the submission of forms.

Intellectual Property Offices covering other territories have made their own announcements about the extension of deadlines. The EUIPO’s period of extension of deadlines came to an end on the 18th May. However, they have published a Guidance Note and accompanying webinar on the EUIPO website, detailing options for parties who may struggle to meet deadlines and remedies for those who may have missed deadlines.

The Home Office has provided useful guidance on how to carry out a compliant Right to Work check using the temporary adjustments in place for Covid-19. In summary:

• You will need to ask the job applicant to send you digital copies of their original documents, for example by scan, photo or mobile app.
• Hold a video call with the job applicant and ask them to show their original documents on camera so you can check them against the digital copies you have already received.
• On the date you made the check, record that you have done this by using the following wording “adjusted check undertaken on [insert date] due to Covid-19”. Evidence of right to work checks still need to be held securely either in paper or electronic format.
• You can use the online RTW checking service where the job applicant has Biometric Residence Permit or pre-settled or settled status under the EU Settlement Scheme. You should do this whilst on the video call with the applicant/employee, and you must first obtain their permission to view their details on this scheme.

The scheme is being administered by HMRC under a new online portal that has been set up. It applies to businesses, charities, recruitment agencies, individuals who employ a nanny, administrators (where there is a reasonable likelihood of re-hiring the workers) and public authorities.

All employers with a UK payroll can apply as long as you have:

• Created and started a PAYE payroll scheme on or before 28 February 2020
• Enrolled for PAYE online (which can take up to 10 days)
• A UK bank account.

To make a claim you will need:

• The number of employees being furloughed
• The start and end date of the claim
• The name and National Insurance Numbers for each furloughed employee
• Your employer PAYE reference number
• To be registered for PAYE online
• The Self-Assessment Unique Taxpayer Reference, Corporation Tax Unique Taxpayer Reference or Company Registration Number as appropriate for your entity
• Your UK bank account details and sort code
• Your name and contact number
• Your organisation’s registered name
• Your organisation’s billing address
• The full amounts you are claiming for including:
  • Employee wages
  • Employer national insurance contributions
  • Employer minimum pension contributions

For claims for those who are flexibly furloughed you will also need:

• the number of usual hours the employee would work during the claim period
• the hours the employee has worked or will work during this period
• you will also need to keep a record of the number of furloughed hours that the employee has or will be furloughed for.

You will need the above information ready before you access the system to make a claim. You will also need to have calculated the amounts claimed in advance as the application needs to be completed in one session. You can currently save one draft of the application and it must be completed within 7 days of starting it.

The Government has issued a step-by-step guide for employers who wish to make a claim under the scheme which can be found using the link below. It contains useful information about calculating the payments claimed. You will need to register for a Government Gateway ID and password if you do not yet have one in order to access the portal.

https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/880099/Coronavirus_Job_Retention_Scheme_step_by_step_guide_for_employers.pdf

If you use an agent who is authorised to act for you for PAYE purposes, they will be able to make a claim on your behalf. If you use a file only agent (who files your RTI return but doesn’t act for you on any other matters) they won’t be authorised to make a claim for you and you will need to make the claim yourself. A file only agent can assist you in obtaining the information required to make a claim (listed above). If an agent makes a claim on your behalf you will need to tell them which bank account you would like the grant to be paid into.

For claims for fewer than 100 employees you will need to input the details separately for each employee. If claiming for more than 100 employees you can upload a file with the information instead. The file should include the following information for each furloughed employee: name, National Insurance number, claim period and claim amount, payroll/employee number (optional). You will also need to include details of hours normally worked, actual hours worked and hours furloughed for those who are flexibly furloughed.

The need to demonstrate the impact of coronavirus on your business is not one of the criteria listed above about who can make a claim, so the government does not appear to intend to set a specific test to determine if a business is “severely impacted by coronavirus”. You are not required to explain the impact of Coronavirus on your business when submitting your claim.

HMRC will retain the right to audit any claim retrospectively. You must keep records for 6 years including:

• the amount claimed and claim period for each employee
• the claim reference number
• you calculations for each claim
• details of hours usually worked and hours actually worked for flexibly furloughed employees.

You must tell your employees that you have made a claim under the scheme, and you must continue to pay their wages during this time.

The Cabinet Office has published a useful Procurement Policy Note (“PPN”) on relief available to suppliers due to Covid-19 (available here). In brief, you should not be penalised by a public sector body, if, in the current circumstances, you are unable to comply (fully or partly) with your contractual obligations. Public sector bodies are expected to work with suppliers and, if appropriate, provide relief against current contractual terms. This is in order to maintain business and service continuity and avoid claims being accepted for other forms of contractual relief, such as the occurrence of a force majeure event.

The types of relief that may be available to suppliers to the public sector will depend on the existing contracts in place. Some contracts may have a payments by result mechanism, whereas others may be based on certain key performance indicators (KPIs) being met. Other contracts may not include any such mechanisms and therefore it will be a matter for discussion between suppliers and the public sector body.

The PPN provides that, rather than a supplier seeking to invoke a clause that would permit the supplier to suspend performance of its obligations (such as a force majeure clause), public sector bodies should first work with the supplier to amend or vary the contract. Any changes should be limited to the particular circumstances and considered on a case-by-case basis. Changes could include:

• Amending the contract requirements
• Varying timings of deliveries
• Relaxing KPIs or service levels
• Extending time for performance (e.g. revising a contract delivery plan), and/or
• Preventing the public sector from exercising any rights or remedies against the supplier for non-performance (e.g. liquidated damages or termination rights).

These should only be temporary variations and the contract should return to the original terms once the impact of the Covid-19 outbreak on the contract has ended. Discussions with the public sector body about any changes that are agreed should be documented, in a variation signed by both parties.

A public sector may also need to take account of regulation 72 of the Public Contract Regulations 2015, to ensure that any changes to a contract (even of a temporary nature) do not trigger a requirement to conduct a new tender process. Whilst this may be unlikely to be the case with temporary variations, suppliers should still bear this in mind when discussing any changes to a contract with a public sector body.

If you are a supplier to a public sector body and you are currently struggling to meet your contractual obligations, we recommend that you take legal advice as to whether it might be possible to take advantage of the flexible approach that the PPN requires public sector bodies to adopt – it could be that you can avoid service credits or other financial deductions, or the need to serve formal notices such as “force majeure” or other relief notices.

With the loss of face-to-face meetings in the current situation, video conferencing has taken centre stage. But how do you do that in a compliant way? Here are some of the main high-level data protection issues to consider when selecting and implementing a new third party provider’s video conferencing system.

1. Make sure you do your due diligence on the security measures offered by the provider. Clearly you can’t visit them, so look at the information offered publicly by the provider and read good quality, reliable, third party sources and ask the provider questions directly. Also ask any other organisations you know that use the provider. Document all this.
2. If personal information is being sent outside of the UK/European Economic Area, make sure that transfer complies with GDPR. If it’s a US provider, is it registered in the EU-US Privacy Shield list or does it offer a model clause contract (you’re likely to need the 2010 version)? Or is the service provided from a country whose data protection laws offer equivalent protection to those in Europe? Look at the support service as well as the hosting. Document this.
3. Make sure you put a compliant processor agreement in place. The provider should offer one as part of the contract terms. Check it meets GDPR requirements.
4. You’re likely to need to update your privacy notice, particularly if you’re going to record calls. Provide participants with a short message and link to the privacy notice in the meeting invite and on any registration page.
5. Create or update other GDPR-mandated documentation – for example, depending on your use, you may need a legitimate interests assessment and to update your record of processing.
6. Finally, configure and use the system in a secure and compliant way. Look at the settings/options carefully and think through the security and compliance implications of each. That could include deciding who in the meeting can share their screen; whether or not you use passwords for participants; whether or not to record, and if you’re going to record, where to store the recording. Document your decisions and the reasons for them.

The ICO has said it understands that resources, whether they are finances or people, might be diverted away from usual compliance work during the pandemic. However the last thing you need at the moment is to create a bigger problem than the one you are trying to solve. So do the best you can, ask for help from one of our specialists if you need it, and keep the whole thing under review.

On 16 April 2020, Ian Hulme, the ICO’s Director of Assurance, posted a blog for business owners, employers and managers about how to safely roll out the latest video conferencing technology.

On 21 April 2020, the NCSC published security guidance for organisations on choosing, configuring and deploying video conferencing services.