What is the over-riding statutory duty for employers to ensure the health and safety of employees?

The obvious option to reduce the cost of your workforce is redundancy. However, that also reduces the number of employees and therefore your capacity.

Employers will be collecting and sharing health information. Health information is sensitive and higher data protection standards apply. Here are a few key pointers.

• Update privacy notices to cover the new collection and sharing of employees’ information and provide these to the workforce. Be transparent and fair.
• Identify the legal basis and condition for use of this information and put any required paperwork in place. The ICO guidance will help. For some conditions such as the employment condition, an Appropriate Policy Document (APD) will be required. The ICO has an APD template.
• Only use the information for the purpose of managing the workforce during the pandemic.
• Only collect or share information if it’s necessary – if it’s a targeted and proportionate way of achieving your purpose.
• Make sure any health information collected and shared is accurate – there may be serious consequences if it’s not.
• Work out how long the information must be kept for. Keep a record of that period and act on it at the appropriate time.
• Security is very important – there may be malicious actors trying to trick employers and employees. Make sure employees know how to identify a genuine NHS Test and Trace contact. Keep the information secure. Use the ICO’s data sharing checklists** and keep a record of the disclosures made and why. Control external disclosures – only certain authorised members of staff should make them.
• Make sure individuals can still exercise their data protection rights – that’s also very important. Keep data protection records up-to-date and ensure any exports of personal information outside the UK are compliant.
• Before introducing employer-led testing like taking temperatures, thermal imaging or other potentially intrusive tests, work out if a data protection impact assessment (DPIA) is required. It will be if the intended processing is ‘high risk’. If it is, then carry out a full DPIA. It will help address the issues systematically and mitigate risks.
• All this demonstrates ‘accountability’ – it shows affected individuals and the ICO that the employer is complying with data protection requirements.

If you need further help, please visit the ICO’s data protection and coronavirus information hub or ask our data protection team.

** Please note that this link is to the ICO’s existing checklists and data sharing code of practice. We will update the link to the ICO’s new checklists after they are published.

In our latest “in conversation” webinar we discussed the outlook for the corporate transaction market. Whilst it would be a brave person to predict the future of anything at the moment given current circumstances, we were joined by two organisations who are very well placed to provide their views.

John Laud, Head of Corporate Banking for North and West Yorkshire for Barclays, his colleague Stephen Loureda from their Credit Analysis Team, and Jill Williams, Investment Director of Mercia Asset Management’s Growth Fund, were in conversation with Ward Hadaway corporate partners Adrian Ballam and Jonathan Pollard to share their thoughts about how the ‘new normal’ for the transactions market may look:

• With supply chain and forecast prediction challenges, how will banks and investors determine what represents a sound opportunity?
• How will distressed and opportunistic acquisition opportunities be funded, and what is investor appetite for such opportunities?
• How have seller and buyer pricing expectations been impacted as a result of the pandemic?
• How are funders reacting, and how should ambitious businesses respond to the very low, or even negative, interest rates?

We expect this video to be of real value to those businesses whose plans of buying, selling or investment may have been impacted by the current economic crisis, but who are looking at opportunities to determine how they may shape their futures – #gettingbacktobusiness.

Employers had until 31 July 2020 to make any claims for claim periods up to 30 June 2020. That was the end of the old scheme.

From 1 July 2020, claim periods must start and end within the same calendar month and must be for at least 7 days unless you are claiming for the first few days or the last few days in a month.

You can only claim for a period of fewer than 7 days if the period you are claiming for includes either the first or last day of the calendar month, and you have already claimed for the period ending immediately before it.

For example, if an employee is furloughed for 7 days spanning a month. You can claim the last 3 in one month, and 4 from the next.

The crucial point is that you cannot make claims that cross calendar months.

The first time that you could make a claim for days in July 2020 was 1 July 2020. You could not claim for periods in July 2020 before this point.

The ICO is providing new guidance to organisations regarding data protection and coronavirus, which can be accessed here: https://ico.org.uk/for-organisations/data-protection-and-coronavirus/

Information about the Covid-19 health status of individuals is special category data under the GDPR. This means it is high risk which has implications for how you use it, store it and keep it secure.

You will already hold health data about your employees as this is necessary to provide a safe, accessible place to work and to make reasonable adjustments to the workplace. You now need to make sure that the information you gather about your employees, visitors to your sites, customers and suppliers about Covid-19 is processed in accordance with data protection laws.