Legal

Insurance

The CII's insurance provision automatically include local institutes' property damage including regalia, public and products liability, business interruption and Directors & Officers.

Details of the full cover are circulated to all institutes after renewal each year, and there is a charge to each institute based on membership size and whether they have any paid for employees.

Updated insurance verification letters for the forthcoming insurance period can be downloaded below.

All local institutes are covered for civil liability under the Professional Indemnity policy; Directors and Officers liability under the Directors and Officers Liability Policy and Employment Practices liability under the Directors and Officers Liability Policy.

The following is covered:

Professional Indemnity: The loss that the policyholder is personally and legally liable to pay on a claim – includes defence/investigation costs, damages, judgments, interest, claimant’s costs and settlement sums – subject to policy limit of £5m. Exclusions include fines and penalties; punitive; exemplary or aggravated damages, contributions (excess) of £50,000 or £5,000 (claim specific).

Directors and Officers Liability: The loss of an Insured Person- subject to policy limit of £5m. Exclusions include fines/penalties and losses uninsurable under English Law.

Employment Practices Liability: The loss of an Insured Person - subject to policy limit of £2m. Exclusions include fines/penalties; matters uninsurable under English Law and future salary following reinstatement; and deductible (excess) of £5,000.

Whilst it should be noted that there exists a potential safety net of insurance cover for discrimination claims brought against local institutes, that is not to say that significant efforts should not be made to improve the education and offering of a local institute council members in discrimination matters in order to fully minimise the risk of potential issues or claims arising.

GDPR

GDPR has replaced previous data protection rules across Europe that were almost two decades old – with some of them first being drafted in the 1990s. Since then our data-heavy lifestyles have emerged, with people routinely sharing their personal information freely online.

GDPR can be considered as the world's strongest set of data protection rules, which enhance how people can access information about them and places limits on what organisations can do with personal data.

At the heart of GDPR is personal data. Broadly this is information that allows a living person to be directly, or indirectly, identified from data that's available. This can be something obvious, such as a person's name, location data, or a clear online username, or it can be something that may be less instantly apparent: IP addresses and cookie identifiers can be considered as personal data.

Under GDPR there's also a few special categories of sensitive personal data that are given greater protections. This personal data includes information about racial or ethic origin, political opinions, religious beliefs, membership of trade unions, genetic and biometric data, health information and data around a person's sex life or orientation.

The crucial thing about what constitutes personal data is that it allows a person to be identified – pseudonymised data can still fall under the definition of personal data. Personal data is so important under GDPR because individuals, organisations, and companies that are either 'controllers' or 'processors' of it are covered by the law.

"Controllers are the main decision-makers – they exercise overall control over the purposes and means of the processing of personal data," the UK's data protection regulator, the Information Commissioner's Office (ICO) says. It's also possible that there are joint controllers of personal data, where two or more groups determine how data is handled. "Processors act on behalf of, and only on the instructions of, the relevant controller," the ICO says. Controllers have stricter obligations under GDPR than processors.

We have developed a number of FAQs in relation to local institutes, member data and GDPR; these can be downloaded below.

Copyright Act 1988

The Copyright, Designs and Patents Act 1988, is the current UK copyright law. It gives the creators of literary, dramatic, musical and artistic works the right to control the ways in which their material may be used.

Local institutes will need to obtain permission from copyright holders before using copyright materials.

More information can be obtained from the www.gov.uk website.

For information on Licensing Bodies click Licensing bodies for an overview copywriting your institutes work click GOV - Copyright

Health Act 2009

The Act is best known for having introduced provisions for the creation of a ban on smoking in enclosed public places. This ban focuses on smoking:

In places of work.
In places that the public access to obtain goods and services, including private clubs.
In other places designated by Statutory Instrument.

The sections of the Act allowing a ban extend to England and Wales although the provisions implementing the ban came into effect separately in England and Wales. In England the ban took effect on 1 July 2007. The ban in Wales came into effect on 2 April 2007.

Smoking was banned separately in Northern Ireland and Scotland — in Northern Ireland by the Smoking (Northern Ireland) Order 2006 which took effect on 30 April 2007, and in Scotland (taking effect 26 March 2006) by the Smoking, Health and Social Care (Scotland) Act 2005.

All local institutes are required to conform to provisions of the Health Act, in particular those relating to the prohibition of smoking in certain premises, places and vehicles.

For more information on this visit Smokefree England

Rehabilitation of Offender Act 1974

The Rehabilitation of Offenders Act 1974 (c.53) of the UK Parliament enables some criminal convictions to be ignored after a rehabilitation period. Its purpose is that people do not have a lifelong blot on their records because of a relatively minor offence in their past.

Local institute officers are sometimes faced with queries from students, members and / or prospective members relating to various convictions.

Any such queries should be discussed with the CII Secretariat Department.

Visit GOV.UK for further information.

CII Policies

The CII has a number of policies which set out how key risks are managed and its expectations of ways of working.

A number of these policies are relevant for our network of local institutes and all Council members and officers are expected to comply with their requirements where applicable. Key policies of relevance to local institutes are highlighted below.

For more information on any of these policies or to obtain copies please contact your RMM.

Conflicts of interest
Council and committee members must always take decisions in the best interest of the Institute, and any personal or business interests must not influence these – or be perceived to influence these. The policy sets out the need to put in place arrangements for identifying and managing actual and potential conflicts of interest, such as maintaining a register of Council members’ interests and ensuring that members aren’t involved in any decision where they may or may be perceived to benefit from the decision.

Anti-bribery and corruption
The CII and all Council members and officers are bound by the UK’s Bribery Act 2010. The policy sets out the CII’s commitment to conducting all of its business in an honest and ethical manner and its zero-tolerance approach to bribery and corruption. The policy details responsibilities as well as providing information and guidance on how to recognise and deal with bribery and corruption issues.

All Institute Council members and officers, along with CII staff and officers are expected to act professionally, fairly and with integrity in all business dealings and relationships, and the prevention, detection and reporting of bribery and other forms of corruption is everybody’s responsibility.

Anti-fraud
The policy sets out the CII’s stance on fraud, the responsibilities for prevention and detection, what to do if you suspect or discover fraud and how the CII will investigate any suspected fraud. The CII does not tolerate fraud in any form, regardless of the mitigating circumstances. Institute Council members and officers as well as CII staff must always act honestly, with integrity and safeguard resources and assets from the impacts of fraud. The CII will investigate all instances of actual, attempted, and suspected fraud committed.

Information security
The policy sets out the CII’s approach to information security, including key principles and how information must be protected. It details responsibilities which apply to Institute Council members and officers, including the duty of confidentiality and to safeguard information.

Data retention policy
The policy sets out principles and processes for the management data to ensure that the CII and Institutes operate in line with regulation, including the General Data Protection Regulation 2016/679 (GDPR) and the Data Protection Act 2018. The key principles to note are that records should not be held unnecessarily and should be destroyed when they are no longer needed.