How Can We Help Staff Adhere To Data Protection Principles When Working From Home?Posted in : First Tuesday Q&A NI on 7 April 2020
The European Data Protection Board and ICO have acknowledged that we are in an unprecedented and difficult situation meaning that normal working practices had to be modified very quickly. Despite this, organisations should ensure that security measures are in place for home-working, similar to those that would ordinarily be in place.
For example, employers may wish to ensure that staff:
- are familiar with data protection policies and procedures;
- have up-to-date anti-virus software;
- understand that they need to lock their devices when they are away from their work station;
- have access to IT support (where possible);
- know the process for reporting any data protection concerns (e.g. accidental disclosure); and
- have received clear guidance on working from home practices.
Ultimately, data protection laws will still apply even though working practices have changed. While the ICO appears to be sympathetic to the situation and the other challenges that organisations are facing, it is still important for organisations to be able to demonstrate that they have taken steps to ensure continued compliance with their data protection obligations.
With most organisations suddenly having remote working thrust upon them, what are you doing to protect your employees, customers and reputation? Compliance around data and data protection for remote workers is very important. This is why we created a 30-minute course to protect you and your organisation.
More on Data Protection & Freedom of Information
- Can an employer refuse a request from an unsuccessful job applicant to delete any of their data in its possession as it may be necessary for the defence of legal claims?
- If employees willingly provide personal email addresses at the start of their employment and their personal email addresses were used to contact them while they worked from home during the Coronavirus Lockdown, is this a breach of data protection?
- Can we ask staff to let us know if they have been vaccinated, and can we keep a record of this?
- Does the chief executive have the right to view sensitive personal data without an employee’s consent?
- Data Protection Implications of Selling From the UK into the EU after Brexit
The information in this article is provided as part of Legal-Island's Employment Law Hub. We regret we are not able to respond to requests for specific legal or HR queries and recommend that professional advice is obtained before relying on information supplied anywhere within this article.