Assisting NHS Test and Protect Strategy

Information for churches on the NHS Test and Protect system to help suppress the spread of COVID-19.

  • Published: 29 Jan 2021
  • Last Updated: 10 September 2021

See all updates

What is Test & Protect?

The NHS has introduced a system intended to act as a reporting tool to help supress the spread of COVID-19. The idea is that if records are kept concerning where people have been and who else they have been in contact with, that will help identify potential virus transmission points. The UK and Scottish Governments are asking community facing organisations, including churches, to help do their part in keeping records about visitors to their premises.

What do we need to do?

Collect details of people who attend our churches in support of the NHS Scotland Test & Protect strategy. Any hospitality setting must legally collect contact details. This would include serving teas and coffees after worship. It is important that the Church plays its part in helping the NHS contact close contacts of those who test positive and as a result all congregations are urged strongly to play their part in the programme even where legal regulations do not mandate participation. All we need to collect is the name of each individual, together with a means of contacting them, usually a telephone number.

Is this compulsory?

Participation in the Test & Protect strategy is important, both for our Church and for those attending Church but it is not compulsory for individuals to give their details, however it is legally required of all congregations to participate whenever they engage in hospitality. In taking part we are joining the national effort to suppress COVID-19 and we will be acting in the best interests of our congregations. However, if people don't want to register their attendance, we cannot force them or deny entry. In this regard, congregations can exercise their own best judgement about the collection of personal data from individuals and remind people that if they choose not to take part it means the NHS cannot contact them and help them to take protective measures.

What data do we need to collect?

  1. The name of any visitors taking part in congregational activities such as worship, friendship groups or Guild or congregational meetings
  2. Contact telephone number or email address
  3. The location of attendance
  4. The time of attendance
  5. (If possible) the time of departure or duration of attendance.

Whose data do we need to collect?

All congregations are strongly urged to collect details of those who attend worship and other events but are required to collect the data for those who attend an event with hospitality. Only the personal data of those attending church services or other congregational events on church premises, broad categories as follows:

  • Congregation members (names and contact telephone number)
  • Visitors (names and contact telephone number or email address)
  • Ministers (names only).

Where church halls are used by third parties it will be the responsibility of those hiring the hall to produce Test & Protect records for their event or gathering. Like congregations, all groups using church premises are strongly urged to play their part in the Test and Protect system and keep a register of attendees.

Do we need to collect data for everyone attending our church?

Although the legal regulation to keep a register of those attending worship has been removed by the Government, when a congregation offers hospitality (tea and coffee after the service for example) the legal duty to maintain a register is applicable. It is recommended therefore that congregations continue to ask people to check-in to a church building for any reason which can be done via a QR code or a paper register.

The following information should be collected, where possible:


  • The names of individuals who work or volunteer at the place of worship
  • A contact phone number for each member of staff/volunteer
  • The dates and times that individuals are at work/volunteering


  • The name of each worshipper
  • A contact phone number for each worshipper
  • Date of visit and arrival and, wherever possible, departure time

If data is shared with NHS Scotland on the basis of individuals being identified as at risk of being close contacts by the Test and Protect service, NHS Scotland may need to retain the data for longer than the 21 day period and will hold the data in line with NHS information governance processes.

How will we collect and record the information?

We have developed two methods of recording attendance at congregations:

  1. The primary method is to use an A4 notebook. This low-tech approach is recommended for all congregations. Full instructions for using the notebooks are included in the appendices for Test & Protect.
  2. The second is the use of a smartphone application (“app”) combined with printed QR codes displayed at your church premises. The Church of Scotland was, until 30 August 2021, using a proprietary app called “Tap My Data” that has now been discontinued by the provider. As an alternative, if congregations wish to use a smartphone app, the recommended app is “Check In Scotland”. The Check In Scotland app has been developed on behalf of the Scottish Government and is widely used for NHS Test and Protect services. Once installed and set up on a smartphone, all the individual needs to do is point their smartphone camera at the QR code displayed in your church and click; the app will do the rest. Using the app is optional but adds elements of flexibility and ease of use for congregations which choose to use it. Instructions for use of the Check In Scotland smartphone app accompany this document.

We may have more than one activity happening in different parts of our premises, how do we record attendance in these circumstances?

Use a separate notebook for each activity on your premises. For example, Sunday worship, including all related activities such as Sunday School and after service coffee (as and when it is possible to start this up again) can be recorded in one notebook. A separate notebook can be used for other congregational activities such as Board/Session meetings or other gatherings. Ideally these notebooks will be stored securely in the church but accessible for the purposes of the activity.

The Check In Scotland smartphone app makes use of QR codes which can be printed out and displayed throughout your premises. This provides a more flexible approach to multiple locations which is not reliant on the presence of a member of the congregation holding a notebook.

Where church premises are used by third parties, each organisation using the premises should have its own register but it is possible that attendees might use a QR code operated on behalf of the church. If a congregation is contacted by Test and Trace in respect of third-party attendees, the congregational contact will need to refer that on to the organisation in question.

If a third-party organisation has a positive Covid case they should advise the congregation so that appropriate cleaning can be carried out. Test and Protect will determine whether or not it is appropriate to alert others who might have been in contact with the individual who tested positive and the congregational contact should not undertake that function.

How long should we keep the information we collect?

The Government guidance is 21 days. In practice, certainly for the registers using the notebook method, this may be up to 28 days but no longer.

Data is retained on the smartphone app system for 21 days and then securely deleted.

How should we keep and store the information?

The notebooks used to contain the attendance register should be stored in a lockable filing cabinet, drawer or safe. Access should be restricted to specific members of the Kirk Session or Elders tasked with the responsibility to maintain the registers.

When the notebooks are removed from storage, they should remain in the possession of the person responsible for them until they are returned to storage. The register notebooks must not be left unattended at any time as they contain personal data.

Information stored in the smartphone app system is secured separately, which means congregations do not need to worry about the storage, security, retention or management of the personal data processed using the app.

How should we destroy the information?

Pages in the notebooks containing the register of attendance information which is older than 21 days should be removed and securely shredded.

Register of attendance data held in the smartphone app system is automatically deleted.

What are our responsibilities under data privacy regulations?

The ICO has issued guidance to the effect that we should:

  • Only ask for what is needed
  • Be transparent with parishioners and visitors
  • Store the data carefully
  • Not use the data for other purposes
  • Erase the data in line with government guidance.

The notebook and Check In Scotland smartphone app systems observe the requirements of the Data Protection Act 2018/GDPR.

How do we find out if a positive case is linked to our church?

Firstly, and most importantly the congregation should encourage everyone who attends worship or an activity in the church building to alert a key contact or group leader should they test positive on either a Lateral Flow Test or a confirmatory PCR test.

Secondly, and perhaps more rarely, the NHS will get in touch with the congregation to inform you.

What happens if we have a positive case linked to our church?

Should you have a positive case notified to the congregation it is important that you email for further advice.

You should, in no circumstances identify the individual in any communication with others in the congregation. When the congregation email to alert them to a positive case you will be supplied with suggested wording to use in order to pass on to the congregation that a positive case has been linked to the church building.

What happens if Test and Protect contact the church?

Should NHS Test and Protect contact the congregation, they should be directed to the individual(s) who are able to access the attendance registers. That person should then make every effort to determine that the caller is from the NHS prior to releasing any personal data. Should the request come via email it is important to try and recognise valid NHS email addresses (normally or a Scottish government email address ( before sending any data.

How do we create the contact list for NHS Test & Protect to use?

How each congregation official creates the list will depend on how congregation contact information lists are administered, so each Kirk session can decide for themselves how to construct the list required. The list should be headed with location, date and time and contain only the names and contact telephone numbers of those in attendance. If a contact telephone number is not available, an address or email address can be used.

How does the smartphone app work?

The Check In Scotland smartphone app uses QR codes to identify each location where the app is used.

Congregations who want to use the smartphone app should create QR codes that can be displayed in the church. People can use the QR code to download the app and then register their attendance. If the app is already installed on their smartphone, people simply need to point their smartphone camera at the QR code and “click”.

QR codes can be created by visiting the Scottish Government website.

It's free to create your Check In Scotland QR code poster, and to download the other things you'll need to display, such as the Check In Scotland privacy policy. Creating your poster should only take around 5 minutes.

What your visitors need to do

Any visitors over the age of 12 can use the Check In Scotland service.

To use Check In Scotland, your visitors need to use their mobile phones to scan a Check In Scotland QR code, displayed on a poster inside your church together with the Check In Scotland privacy notice available from Check In Scotland.

Once a visitor has scanned the QR code, their phone will take them either to the Check In Scotland app or the Check In Scotland web page. They can use either of these to check in at your venue.

When they leave, they can use the app or web page to check out.

If a visitor to your venue does not want to use the Check In Scotland app or web service, or are not able to use the Check In Scotland service on their phone, you must take their contact details using a pen and paper. You must keep these details for 21 days, destroying them as soon as the 21 days have passed.

If someone tests positive for COVID-19 after visiting your venue, Check In Scotland works with NHS Scotland's Test and Protect to alert anyone who may have been a close contact of the person.

Where to display your Check In Scotland QR code poster

You should display your Check In Scotland QR code poster and privacy notice at your church and/or halls and request any visitors scan the QR code as soon as they arrive. This includes anyone who visits your venue.

The data collected by the app will not be accessible by any congregation and access and deletion will be handled by Check In Scotland.

You can register your attendance at the church by simply scanning the QR code with a smartphone on which the Check In Scotland app has been installed. If the app is not yet installed, scanning a relevant QR code displayed in your church will start the app installation process.

Using the smartphone app with QR codes at entrance points in your church gives additional flexibility when it comes to registering attendance of those who visit the church outside regular services.

If you have any questions concerning this guidance, please send an email to the Church of Scotland Law Department inbox:


Information on Privacy Policies, using the smartphone app and collecting data using a notebook can all be found in our appendix.

First published: 29 Jan 2021

Updated: 10 September 2021

See All Updates

10 September 2021

Updated information on what to do if a positive COVID case is linked to the church.

19 July 2021

Updated to reflect move from TapMyData to Check In Scotland as official electronic check-in process, along with updated appendices with new privacy policies and information on data collection