In order to delay the spread of the COVID-19 virus, it has been possible for certain employers and employees to work remotely. And while a number of those businesses have pre-existing policies in place to manage remote working, given the widespread scale and uncertain duration of remote working in the circumstances, businesses should ensure that measures are taken to maintain data protection compliance when working outside of the four walls of the office.

Security risks posed to organisations when working from home

Given the unprecedented number of employees working from home, organisations will need to adapt to these changes in order to continue to demonstrate compliance with data protection principles. In particular, this applies to processing personal data in a secure manner by:

Repercussions for non-compliance

Failure by an organisation to demonstrate compliance with data security can result in:

Tips for employers

An organisations culture toward data privacy will play a crucial role in determining its success in overcoming any challenges presented when staff are working from home. As data controller, the employer is responsible for ensuring that its employees, as agents of the organisation, are in a position to demonstrate compliance with its data protection policies, whether they are working within or outside of the office.

Accordingly, we would strongly advise that organisations implement the following measures:

Our Employment & Corporate Immigration Department regularly assist and advise organisations in drafting and updating policies and has extensive experience advising on a range of data protection related issues/disputes within the employment context. For further information, please contact Bláthnaid Evans or Sheila Spokes, +353 1 639 3000 or visit www.leman.ie

[1] The Data Protection Commission, Protecting Personal Data When Working Remotelydated 12 March 2020.