Section A – Introduction
The Government has said that its “Test and Trace” programme underpins the relaxation of COVID-19 restrictions in England including the reopening of places of worship. Details of the programme, now referred to as “NHS Test and Trace”, are available in the Government’s guidance NHS Test and Trace: how it works. Details of how Managing Trustees are expected to help Test and Trace by keeping a temporary record of visitors and assist the service should they contact Managing Trustees with a request for that information, are available in the Government’s guidance Maintaining Records of Staff, Customers and Visitors to Support NHS Test and Trace.
The Government’s guidance on reopening places of worship (Government COVID-19 Guidance on the safe use of places of worship) advises:
“The opening up of public places following the COVID-19 outbreak is being supported by the NHS Test and Trace service. In line with other government guidance for other venues including in the retail and hospitality sector, you should assist this service by keeping an accurate temporary record of visitors for 21 days, in a way that is manageable for your place of worship, and assist NHS Test and Trace with requests for that data if needed for contact tracing and the investigation of local outbreaks.”
This request by the Government for the Church to collect personal information about visitors to our premises in England, and to share this with the NHS Test and Trace service (in the event that they notify you about possible infection), raises immediate concerns about data protection. This Focus Note looks at what steps you need to take to comply with this request and how to ensure compliance with data protection legislation in accordance with the additional guidance that has been provided by the ICO and the Ministry of Housing, Communities & Local Government up to and including 4 August 2020.
|Full guidance on the reopening of Methodist places of worship from 4th July 2020 is available on the Methodist Church website. Places of worship are allowed to reopen in accordance with Government and Connexional Team guidance including the Government’s (Government COVID-19 Guidance on the safe use of places of worship) and the Connexional Team’s (Reopening our Church Buildings for Worship).|
Section B – Data Protection Implications
As controller (data controller), TMCP is the legal entity responsible for ensuring compliance with the relevant data protection legislation for the type of personal information collected in relation to NHS Test and Trace. TMCP has prepared a five step plan (Test and Trace Five Step Plan) to highlight what Managing Trustees need to do to comply with the Government’s request and ensure compliance with data protection legislation.
As always and as highlighted in the Newshub article COVID-19 Update – Data Protection and Data Processing, Managing Trustees need to remember the six principles of GDPR and data protection legislation. If we hold (1) lawfulness, fairness and transparency; (2) purpose limitation; (3) data minimisation; (4) accuracy; (5) storage limitation and (6) security at the heart of our efforts to assist NHS Test and Trace, Managing Trustees should be able to demonstrate compliance with data protection requirements. Please read COVID-19 Update – Data Protection and Data Processing for details of the six principles.
Please also refer to the ICO’s Coronavirus Hub for links to their most up-to-date guidance including:
What do Managing Trustees need to do to assist the NHS Test and Trace service while complying with the requirements placed on them under data protection legislation? In essence, a record needs to be kept of who visits the church building and when, with sufficient details logged to allow you – if a request is made to you by NHS Test and Trace – to pass contact details on to the service so that they can contact individuals who may have been exposed to infection. To do this, Managing Trustees should follow the The Test and Trace Five Step Plan below:
Step 1: Be transparent – inform individuals why you need to collect their information and what you are going to do with it.
How? Ensure those who are asked to provide their details know exactly why their information is being taken and what you are going to do with it. A notice has been placed on the Template Methodist Church Test and Trace Record setting out this information. Please ensure that those completing the record read the notice or explain it to them. You could print a copy of the notice and place it on the wall next to the record to avoid people needing to handle it. A poster version has been created in Word or pdf for your ease of use:
- Template Methodist Church Test and Trace Record Privacy Information Poster (.docx)
- Template Methodist Church Test and Trace Record Privacy Information Poster (.pdf)
This notice states:
“The Government has requested that Churches in England assist the NHS Test and Trace service by keeping an accurate temporary record of visitors for 21 days. Please assist the Church in fulfilling this request by completing the record as indicated.
The Methodist Church cares about your privacy and your trust is important to us. Our Privacy Notice explains how Local Churches, Circuits and Districts within the Methodist Church in Great Britain collect, use and protect your personal information. It also provides information about your rights (paragraph 9 of the Privacy Notice) and who to contact (paragraph 1 of the Privacy Notice) if you have any questions about how we use your information. You can find our Privacy Notice online (www.tmcp.org.uk/about/data-protection/managing-trustees-privacy-notice) or displayed at the Building. Please ask us for a copy of the Privacy Notice if this would be of assistance.
In addition to the information in our Privacy Notice we confirm that the information we are asking for on this record is collected for the purpose of assisting the NHS Test and Trace service with contact tracing. If the NHS Test and Trace service request details of our visitors for the purpose of contact tracing, we will share relevant information from this record with them and contact details e.g. telephone number and/or email addresses. These will either be contact details that we already hold for you or details that you provide when you complete this record using the ballot box. This record will be destroyed after 21 days in accordance with Government guidelines.”
The Privacy Notice for Managing Trustees provides the information that data protection legislation dictates must be provided to individuals whose information we collect and use. Section 4 of the Privacy Notice for Managing Trustees provides information about how personal information is used with the purposes detailed in the Annex. The Annex comprises a table set out in rows. The row of the table labelled “lists” includes information about members and those attending church events and the third “administration” row for those attending third party groups. Section 5 deals with disclosures of information to third parties including authorities based in the United Kingdom who require reporting of processing activities in certain circumstances and where necessary to protect to protect our rights, property or safety of our members, ministers, volunteers or staff.
Step 2: Keep it brief – minimise the personal information that you collect for the purposes of test and trace to the bare essentials.
How? Use the Template Methodist Church Test and Trace Record and ensure that you limit the information collected to only that which is required by the record. Please refer to Section D for details of how to use the record.
The Government’s guidance Maintaining Records of Staff, Customers and Visitors to Support NHS Test and Trace confirms that the only information that is required is the name of the visitor to the premises (or a lead name and record of the number of people in the group), a contact phone number for each visitor (or lead member), date of visit, arrival time and departure time if possible. No additional information should be collected.
Step 3: Keep it safe – keep and store the information relating to individuals visiting church buildings (your Test and Trace Record) safely.
How? When not in use, keep your Test and Trace Record in a safe place, ideally in a locked drawer, filing cabinet or room when not in use. Please refer to the Data Security Policy for details of steps to take.
When in use, and despite the limited information contained in the Test and Trace Record, please try not to leave the record open so that previous entries can be seen by other users of the property. If the measures you intend to put in place to keep your church building safe in accordance with your COVID-19 Risk Assessment and checks, require somebody to be on the premises when in use to monitor the use of the buildings etc., they could help keep the register out of sight/remove pages of the record and store these in a more secure location after each group has entered the building. This person could even collect the information/complete the record themselves and either show visitors the fair processing information from the front page of the Test and Trace Record or explain this to them.
Step 4: Only share the personal information on your Test and Trace Record with the official NHS Test and Trace Service – continue to keep the information safe.
How? The Government has now provided guidance to help those assisting the NHS Track and Trace service to verify whether somebody claiming to be from “NHS Test and Trace” is bona fide and not a third party on a phishing exercise. The Government’s guidance Maintaining Records of Staff, Customers and Visitors to Support NHS Test and Trace confirms (see section headed “When information should be shared with NHS Test and Trace”):
“Contact tracers will:
- call you from 0300 013 5000
- send you text messages from ‘NHStracing’
- ask you to sign into the NHS Test and Trace contact-tracing website
Contact tracers will never:
- ask you to dial a premium rate number to speak to them (for example, those starting 09 or 087)
- ask you to make any form of payment or purchase a product or any kind
- ask for any details about your bank account
- ask for your social media identities or login details, or those of your contacts
- ask you for any passwords or PINs, or ask you to set up any passwords or PINs over the phone
- disclose any of your personal or medical information to your contacts
- ask about protected characteristics that are irrelevant to the needs of test and trace
- provide medical advice on the treatment of any potential coronavirus symptoms
- ask you to download any software to your PC or ask you to hand over control of your PC, smartphone or tablet to anyone else
- ask you to access any website that does not belong to the government or NHS”
If you are asked to share contact information about visitors to the church building, please ensure you do not provide any more information than you are asked to provide (if you are asked for information from a certain date or time of day – only give details relating to the date/time). If you are uncertain whether the body is bona fide, contact TMCP Data Protection and we can try and assist; whether this means getting in touch with the NHS Test and Trace service ourselves or the ICO.
Step 5: Limit the length of time you keep entries on your Test and Trace Record - safely destroy the entries on the record as soon as they are 21 days old. By this time, the purpose for which you held the information will have been fulfilled.
How? Please refer to the Data Security Policy for details of steps to take to safely destroy the information. The physical record could for example be shredded or disposed of in confidential waste if you have access to such a system.
Note that 21 days after first writing entries in your record you should destroy entries from the first day and continue thereafter so that at any time, the oldest entries on your record date back no more than 21 days previously. Nominate somebody to be responsible for this task.
How to use
|The Test and Trace Record (the Record) was reviewed and updated in early August 2020 to include details of a departure time in accordance with more detailed guidance provided by the Government and the ICO. We will continue to keep the Record under review and develop the Record over time as necessary to take account of additional Government guidance. In the meantime, please let us have your comments and suggestions so that we can also take these on board in developing a record and process that is as helpful as possible for Managing Trustees and takes account of the responsibilities under data protection legislation. Please contact TMCP Data Protection.|
To help you use the template Record, please bear in mind the following tips:
- The information to be completed on the Record is limited as much as possible to try and reduce the amount of personal information (personal data) that Managing Trustees are collecting and sharing for contact tracking purposes. The only personal information required is the initial and surname of the individual completing the Record. Please see “providing contact details” for details of how to collect contact details if these are not already held by the Managing Trustees or a third party.
- The Record can be downloaded in Word or PDF:
Test and Trace Template (.docx) v1.2 6/8/20
Test and Trace Template (.pdf) v1.2 6/8/20
In most cases the form will be printed out to enable visitors or a designated Managing Trustee to complete the information. You will need to print multiple copies of page 3.
If you have equipment to enable the record to be completed electronically; somebody in attendance at your building, as discussed above, who can complete and save the information electronically or an electronic record for visitors to complete, this is possible but please contact TMCP Data Protection to ensure this can be done in accordance with data protection legislation.
- The front page of the Record contains the fair processing information discussed in Section C, Step 1 of this Focus Note. Those completing the Record need to be aware of this information. Please either ensure the information/ a copy of the page is displayed close to the Record or explain this information to the visitor. A poster version can be downloaded as a PDF or Word document
- The information on the Record (and any further information contained in a “ballot box” – see “providing contact details” below) is intended to enable the Managing Trustees to deal with a request from the NHS Test and Trace service (see Section E).
- Contact information should not be provided on the Record. In most cases this will be an open record and there is a need to reduce the risk of visitors being able to obtain contact details from the Record to use for their own purposes. See “Providing contact details” below.
Finding your way around the Record
- Column 1 simply allows the entries on the Record to be numbered. Managing Trustees will need to complete the numbering from page 3 of the Record onwards.
- Column 2 requires the date of the visit to be inserted – you may prefer to have a separate dated record for each date the premises are used and simply state this at the beginning of each day’s entries. The information does not need completing by each visitor if it is clear what date the entries relate to.
- Column 3 asks for the visitor’s name. Please ask them to insert their initial and surname only to reduce the information held on the Record/available to others completing the Record.
Where several people from the same household are visiting the church building, only one entry needs to be completed on the Record. Include all members of the household’s initials and surname(s) in column headed “Name”.
- Column 4 asks for details of the purpose of the visit and rooms visited to help establish who may have come into contact with whom/whose details NHS Test and Trace may require. It also helps clarify who would hold the contact details if they are not provided in the secure ballot box. See “Providing contact details” below.
- Column 5, “contact details” requires the visitor to tick the appropriate box to indicate that their details are either already held by the Managing Trustees/the third party group they are attending (such group should be clear from column 4) OR that they have provided their details. See “Providing contact details” below.
- Column 6 asks for the “time in”. This has been amended so that a “departure time” can be provided if possible. Although the Government has indicated that this is desirable, it will not always be possible so please do not worry if you are not able to complete this.
Providing contact details
- Where the visitor is already known to the Managing Trustees, the Managing Trustees will already have their contact information and can pass these on if required. The visitor should tick the Record to indicate that their details are already held. No further action is required.
The fair processing information on the front of the Record advises individuals that contact details already held by the Managing Trustees may be shared with the NHS Test and Trace service for the purpose of contact tracing.
If the volume of requests from the NHS Test and Trace service is such that this becomes unworkable, the position and techniques to keep the Record secure will be reviewed. Some Managing Trustees have already decided to ask all visitors to complete a piece of paper with their name, contact number, purpose of visit, time of arrival and date and post it in a “ballot box”.
- Where the visitor is at the church building for the purpose of attending a third party group (e.g. a group run by a licensee or one-off hirer), and their contact details are already held by the third party responsible for that group/event, the visitor should tick the Record to indicate that their details are already held. No further action is required.
- If the visitor is not known to the Managing Trustees or the third party responsible for the group they are attending, they will need to provide contact details. They should tick the Record to indicate this. It has been suggested that Managing Trustees will enable this information to be provided securely by positioning a box next to the Record where such a visitor can post a slip of paper or business card with their name, contact number, purpose of visit, time of arrival and date of attending the premises. Current guidance suggests that a mobile telephone number is ideal but a landline number or an email address could be provided if this is not available.
This box has been described by some Managing Trustees as a “ballot box” and we suggest you speak to your Circuit and District to see what is being suggested in your area. The box should be designed so as to prevent third parties from being able to access the contact information. Please follow the guidance on keeping the information secure in Section C Step 3.
The Government’s guidance Maintaining Records of Staff, Customers and Visitors to Support NHS Test and Trace provides detailed guidance on the process followed by NHS Test and Trace and how you are expected to help them.
It is understood that NHS Test and Trace will contact you if an individual who has tested positive confirms to them that they have recently visited your premises, or if they believe your premises could be the location of a potential local outbreak. It is recommended that you nominate somebody from your local Managing Trustee body to be the point of contact and that you refer the tracer to them.
If a tracer from NHS Test and Trace contacts the Local Church, the Local Church point of contact should please take the following steps:
- Act as soon as possible in relation to a request.
- Ensure that it is a bona fide request from NHS Test and Trace before sharing any contact details with them. Please refer to Step 4 above and the Government’s guidance Maintaining Records of Staff, Customers and Visitors to Support NHS Test and Trace in the section headed “When information should be shared with NHS Test and Trace”. If you have any concerns please contact TMCP Data Protection.
- Once satisfied that the request is genuine, please follow the specific instructions provided to you by NHS Test and Trace. It is anticipated that details of specific groups of visitors to your premises will be requested.
- Only share the information NHS Test and Trace ask you to share with them – do not provide more information than the tracer is asking you to share with them.
- Follow the tracer’s instructions to ensure that any information is shared as safely and securely as possible.
|Please bear in mind that Managing Trustees must not get in touch with potential contacts themselves or get involved with the tracing exercise. Please leave it to NHS Test and Trace, the agency that has been created and trained to fulfil this task. The ICO has provided clear instructions on this point in their FAQs which can be seen in their Further detailed guidance.|
In addition to sharing contact information, it could be that NHS Test and Trace ask you to take certain steps to hep them to minimise transmission. While the Government guidance makes it clear that a positive result does not automatically mean that you need to close your premises, they may need you to take other steps e.g. arranging for further testing or additional measures to keep people safe.
Please let TMCP know if you are contacted by NHS Test and Trace so that we can update our guidance as appropriate.
If Managing Trustees have any queries then please contact TMCP (firstname.lastname@example.org) for further assistance regarding this Record or general data protection matters and the Conference Office for queries specifically relating to safeguarding or complaints and discipline matters (email@example.com).