We use cookies to improve our site and your experience.

By continuing to browse on this website you accept the use of cookies.

Privacy Notice

Significant HR updates to IR35 and GDPR in the UK

Significant HR updates to IR35 and GDPR in the UK

By Dan Pipe and Darren Isaacs - 18 March 2020

There have been two significant HR updates overnight from the UK, dealing with tax changes and GDPR compliance. Below is a short summary of each.

Tax: “IR35” changes to the taxation of off-payroll working delayed until next year

The Government announced on Tuesday evening (17 March) that the changes to IR35 due to take effect from 6 April 2020 will now be delayed until next April. The deferral is in response to the spread of Covid-19, and had been suggested by the House of Lords finance bill sub-committee earlier this week. 

The deferral will be welcomed by clients who were due to implement the changes in less than three weeks’ time in an unusually challenging business environment, and by contractors who were likely to be affected by the changes at a time of economic uncertainty. It is unfortunate that the Government was, as late as the Budget last week (11 March), insisting that the reforms would go ahead as planned.  

As well as providing some space for businesses to focus on the challenges of Covid-19 in priority to a tax change, the deferral also means that businesses have an extra year to assess the position of their contractor population and make appropriate changes. One of the lessons from the last few months has been that many businesses were not well prepared for the changes and did not start their planning soon enough to comfortably and confidently meet the deadline. In that respect, this is a great opportunity to make sure suitable preparations are in place for April 2021. We have great depth of experience in this area, and would be pleased to assist with your implementation of the changes in due course.

GDPR: UK’s regulator issues Covid-19 guidance

The UK’s GDPR regulator, the Information Commissioner, has issued some common-sense advice on how to deal with health-related data concerns arising in response to Covid-19.

The short summary is that the UK regulator is taking the view that data controllers need to do the best they can, but we are in unknown territory with Covid-19 so the regulator is not going to come down hard on anyone provided they use common-sense in what they are doing.

The regulator has also said that it will understand if businesses need to temporarily divert resources away from answering data subject requests, and cannot answer such requests within the strict statutory timeframes (within reason).

The guidance is very short and worth reading in its entirety. For more details, please see the guidance note here.