Protecting personal data when working remotely because of Coronavirus

working from home

Share This Post

Following on from our post from last week regarding contingency planning for Coronavirus, we thought it would be useful to set out what you should be reminding your staff if they end up working from home. So, whilst the last post was about organisation’s considerations if their workforce has to work remotely because of self isolation or a general requirement to close businesses and organisations down, during the Coronavirus pandemic, this post is specifically about what you should be reminding your employees about their responsibilities.

Six points for employees to consider

  1. REMEMBER: Data protection doesn’t take sick leave, so GDPR continues to apply to all personal data regardless of where it is being processed, whether at work in the office or when working remotely. If necessary, employees should re-familiarise themselves with GDPR and your organisation’s policies as well as being sure they know who to contact in an emergency
  2. THINK: Employees should think carefully about where they are when processing personal data away from the office. They should check their surroundings and make sure no one could accidentally see what they’re doing (if they have them, they should make use of privacy screens for their devices). They should also think about who else could access their devices, for example, people they live with or who may use their computer, phone or tablet
  3. PROTECT: Make sure your employees know how to protect the personal data they are processing. Consider how they can prevent unauthorised access to personal data or systems. They should make sure they lock their device after use and avoid storing passwords on their own devices (e.g. in browsers) or sharing devices with the people they live with
  4. AVOID: Employees should try and avoid accessing data in public places or using public wi-fi access unless they can trust the connection is secure. They shouldn’t download data from systems to process on local devices (whether a work device or their own) – if they have to, they should make sure they delete it from the device, as soon as they’ve finished with it
  5. SECURE: You should ensure employees keep personal data secure at all times, following your existing security protocols and policies. Make sure they understand not to leave devices or paperwork lying around at home; they should lock them away. They also need to be careful where they’re storing data when it’s not in use, avoiding leaving devices or any personal data in their cars overnight, in unattended in public spaces as well as limiting who can access any of their devices or files
  6. REPORT: It’s important that employees remember you will be under GDPR obligations to consider whether a data breach is reportable, within 72 hours of becoming aware of it. So make sure they know to report any issues to the appropriate person internally

Compliance poster

To help you spread the word around your organisation we have produced a simple information poster you can share with your employees. You can view it below and download it here.

Protect Personal Data when Working Remotely for employees

More To Explore

Eat. Sleep. GDPR. Repeat.

We live and breathe GDPR and ePrivacy compliance, so you don’t have too. Our GDPR UNLIMITED helpline is all about offering you help and support, whenever you need it most. As well as the unlimited helpline, you get up to 4 hours “hands-on” help each month, which we can configure to help you in anyway you need such as a GDPR review, or acting as your DPO.

As well as the unlimited helpline and hands-on help you get GDPR and privacy updates, access to our GDPR knowledge centre and webinars.

Unlimited email & phone support

Unlimited email and phone support. Email or organise a voice call as often as you need each month.​

Up to 4 hours "hands-on" help per month

We use these "hands-on" hours to do the GDPR work for you, such as reviews, acting as your DPO, checking DPIA, dealing with breaches, training your staff, etc. (Additional hours: £100+VAT per hour)

Online resources

Our Knowledge Centre gives you access to information, guidance, topic related guides and other tools to support your GDPR and PECR compliance

Updates, alerts & briefings

We provide updates and alerts and a monthly compliance briefing. You can either sign into the Knowledge Centre or sign up via email to receive an email every time we add a new update or alert

DPO services

Whether mandated or not we can act as your Data Protection Officer (DPO) and manage your day to day compliance

Webinars, workshops & training

Whether updates on the latest issue, workshops or team training, it's all included in your monthly retainer.

LIKE WHAT YOU'RE READING? join our email list

Sign up for monthly briefings and the occasional emails about our webinars and services

Want to know more about how we use your data? Check out our privacy policy