We’re here with practical legal information for your business. Learn about employment law, company law and more.

Setting up a business involves complying with a range of legal requirements. Find out which ones apply to you and your new enterprise.

While poor governance can bring serious legal consequences, the law can also protect business owners and managers and help to prevent conflict.

Whether you want to raise finance, join forces with someone else, buy or sell a business, it pays to be aware of the legal implications.

From pay, hours and time off to discipline, grievance and hiring and firing employees, find out about your legal responsibilities as an employer.

Marketing matters. Marketing drives sales for businesses of all sizes by ensuring that customers think of their brand when they want to buy.

Commercial disputes can prove time-consuming, stressful and expensive, but having robust legal agreements can help to prevent them from occurring.

Whether your business owns or rents premises, your legal liabilities can be substantial. Commercial property law is complex, but you can avoid common pitfalls.

With information and sound advice, living up to your legal responsibilities to safeguard your employees, customers and visitors need not be difficult or costly.

As information technology continues to evolve, legislation must also change. It affects everything from data protection and online selling to internet policies for employees.

Intellectual property (IP) isn't solely relevant to larger businesses or those involved in developing innovative new products: all products have IP.

Knowing how and when you plan to sell or relinquish control of your business can help you to make better decisions and achieve the best possible outcome.

From bereavement, wills, inheritance, separation and divorce to selling a house, personal injury and traffic offences, learn more about your personal legal rights.

Workers' health information and data protection law

The Data Protection Act sets out specific principles for the collection and use of workers' health information. So what health information can you collect and what can you use it for while still respecting their right to privacy?

It seems straightforward enough to ask job candidates to fill in a health questionnaire. However, under the Equality Act 2010 the circumstances under which you can ask health-related questions before offering a job are limited. Any information you collect legitimately, for example to decide whether an applicant can carry out a function that is essential to the job, is regarded as sensitive information under the Data Protection Act (DPA), which means that certain rules apply, limiting the circumstances in which you can process health information.

Needs must

The Information Commissioner's latest guidance, the DPA Employment Practices Code, covers the thorny issue of workers' health details in depth. The Employment Practices Code and a special small business guide are available to download on the Information Commissioner's Office website.

The words of warning are:

  • Collect and hold workers' health details only if it brings real business benefits - and be absolutely clear what they are (see below).
  • Gather only the information you need, eg information in a medical report on a sick employee should be limited to information required to establish fitness to work.
  • Make it clear to the person why you want these details.
  • Ask for the person's consent, which must be freely given - a blanket consent given by a worker at the beginning of employment is not always sufficient. If applying for a report from a worker's GP, get the worker's specific consent to your application.
  • Use the data only for the purpose given to the person.
  • Make the person aware that they have right of access to their details which you hold.
  • Ensure the data is transmitted and stored securely, usually separately from other personnel records. If you don't the workers concerned may have the right to compensation.
  • Ensure personnel authorising collection of, or handling, the data are authorised to do so by the business, and aware of Data Protection rules, including the fact that interpretation of medical information should only be carried out by a suitably qualified health professional.
  • Make sure managers only have access to the extent of health information necessary to carry out their management responsibilities, and the information given to them should be limited to those details necessary to establish fitness to work.
  • Keep the details only for as long as you need them.

There are special rules for workers in occupational health schemes. In particular, workers giving information to health professionals under the scheme are entitled to confidentiality. This means that, for example, if you monitor workers' email or telephone conversations, it should be made clear that they should not use your work email or telephone system to contact your occupational health scheme. You may wish to give them access to an alternative, unmonitored email system or telephone line. Take advice.

Solid reasons

Employers must have good reason to ask for health details and the details requested should relate to the worker's job and the work environment. Main reasons would be health and safety at work, to satisfy other legal obligations (eg suitability to join an occupational pension or health insurance scheme), and for the employer to avoid liability for unfair dismissal under discrimination law. For example, under the Equality Act, the employer can fall foul of discrimination claims if they do not know that a job applicant is disabled and therefore fails to consider 'reasonable adjustments' that ensure the disabled applicant is on an equal balance with other applicants.

Be discreet

The means of gathering the information should be as non-intrusive as possible. For example, information should only be collected at the stage when there is a good chance of an applicant being offered a job; and a health questionnaire is less intrusive than a medical test.

Information and testing

Unless you are collecting information as part of an occupational health and safety programme that the workers have volunteered for, information asked for, or any medical test, should be limited to that required to:

  • Establish the worker is fit to carry out the job.
  • Avoid significant risks to the health and safety of other workers.
  • Decide whether a worker is fit to return to work after being off sick, or entitled to sick pay (or other health-related benefits).
  • Stop discrimination or decide whether there is a need to make 'reasonable adjustments'.

Only a very physically demanding job or a particular work situation should require a medical test. Alcohol or drug testing would have to be warranted by extreme circumstances.  And you would also need to consider following up with a disciplinary process.

Information collected for one purpose cannot be used for another purpose without the worker's consent.

Keeping records

Whatever the information you collect, or testing you carry out, keep a record of the business purpose justifying the testing, and write down:

  • Who will be tested.
  • What they will be tested for.
  • How often.
  • What will happen as a result of the testing, whether results are positive or negative.

Any information that is obtained that is not relevant to the purpose for which information is being gathered, or testing carried out, must be permanently deleted, whether it is irrelevant at the time, or becomes irrelevant subsequently. Health information should therefore be periodically reviewed.

If in doubt, take legal advice.