Blog and News

'Return to Work' Considerations: Covid-19 and the GDPR

Hugh Jones - 16 June 2020

June Blog post

The Government’s recently-issued ‘Return to Work’ protocol marks the beginning of a new phase of dealing with the Covid-19 crisis, as we attempt to return to some form of ‘normality’ while acknowledging that the danger has not gone away and that new procedures are needed to keep our colleagues, our clients and ourselves safe.

In addition to the understandable desire to provide a safe working environment for all those returning to the office or workplace, we must also ensure that the measures we put in place (technical, organisational or procedural) are appropriate, proportional and compliant.

The key messages in the document are (in nor order of priority):

  • The GDPR has not gone away, nor has it been decommissioned, despite these extra-ordinary circumstances;
  • The GDPR does not pose a barrier to adoption of new processes or new technology;
  • Even as the world ‘opens back up’ and we try to return to normal, working from home should remain an option for those who can continue to work in that way;
  • Minimisation has become the watchword – what is the least amount of personal data we need to gather in order to achieve our objective?;
  • The Data Privacy Impact Assessment (DPIA) – you can read more about our DPIA here, remains the ideal mechanism for considering whether a procedural or technological change is appropriate;

We are slowly realising that this will not be a 3- or even 6-month phenomenon – the changes we introduce in the coming weeks are likely to last through to the end of 2021 at the earliest. So it is worth our while giving them time and consideration, and getting it right first time. The middle of a global pandemic is not a good time to be second-guessing or indecisive.

Sytorus has developed a RTW eBook and templates - you can download your free copy of both here, in order to help employers consider the GDPR perspective as they prepare to welcome their colleagues back to the workplace. We hope it offers clear, practical recommendations in terms of what is possible and where to ‘draw the line’!

Stay well, stay safe, stay compliant, stay in touch with us!”

Download Ebook

Previous Post

GDPR 2nd Anniversary  - ‘much done, more to be done….’

Next Post

From ‘Privacy is Dead’ to ‘Privacy is Paramount’

0 Comments