29 March 2021
HMRC has updated the list of employers who have claimed through the Coronavirus Job Retention Scheme (CJRS).
The spreadsheet, which previously listed the names of all employers who had submitted claims through the CJRS in relation to the period of December 2020 has been amended to include an additional column relating to claims submitted for the period of January 2021. Employers who did not submit claims for December 2020 but did for January 2021 are also now included.
Again, an indication of the amount claimed for each month is provided, within a banded range.
Information regarding claims for the period of February 2021 will be published on 6 May 2021. Additionally, on the same date, the December 2020 and January 2021 claim information will be amended where necessary to reflect any changes or repayments made. Employers can request that HMRC refrains from publishing their CJRS claim details but need to be able to demonstrate how the publication of their name would result in serious risk of violence or intimidation to them, or anyone living with them, or to any individual associated with their business or someone in their household. Further guidance is available here.
Back to Contents
Data protection
H&M Group fined £32.1 million for GDPR breach 8 October 2020
Clothing company, H&M Group, has been fined €35.3 million, equivalent to £32.1 million, in relation to employment- related privacy breaches. The fine was issued by an information commissioner in Germany, and is the largest of its kind that has been issued, since the General Data Protection Regulation (GDPR) was implemented in the European Union (EU) back in 2018. It was found that, since 2014, team leaders were holding back-to-work style interviews or informal chats after employees had a period of sickness-related absence or if they had been on holiday, even in scenarios where the period of leave was only for a short amount of time. Information from these conversations would be recorded, and would include details relating employee illnesses, activities they had undertaken on holiday, family issues and also the religious beliefs of members of staff. The company was fined due to the fact that it showed a serious disregard for employee data protection. The personal information collected from employees during this time was regularly updated and digitally stored, in a location where it could be accessed by up to 50 other managers within the company. This was in addition to the fact that managers were acquiring information about the private lives of staff. The personal data was stored alongside performance evaluations in order to create “profiles” of staff, which it was hoped would steer any employment decisions that needed to be made.
The practices taking place within the company were highlighted when an IT error resulted in the records of employees becoming accessible to the whole company for a period of a few hours in October 2019.
Personnel Today reported that the Hamburg commissioner for data protection and freedom of information, Professor Johannes Caspar, said:
“This case documents a serious disregard for employee data protection at the H&M site in Nuremberg. The fine imposed is appropriate and will deter companies from violating their employees’ privacy.”
Companies who are found to be in breach of GDPR can be issued with fines potentially reaching €20 million or 4% of their annual global turnover. The fine imposed will equate to the higher of the two amounts.
The Chartered Institute of Payroll Professionals
Payroll: need to know
cipp.org.uk
Page 271 of 590
Made with FlippingBook - Online magazine maker