Contact us
|
0113 207 0000
Contact us |
Sign up to our newsletter |
0113 207 0000 |
Home / Employment Law / GDPR Compliance: Implications of working from home for employers

GDPR Compliance: Implications of working from home for employers

Following the Prime Minister’s announcement this week, many employers have followed government advice to allow employees to work from home to reduce the spread of Covid-19. However, employers should be aware that despite this advice, they still have a responsibility to comply with General Data Protection Regulation (GDPR).

We have listed below some points for employers to consider.

A policy for working from home

Employers should consider implementing a ‘working from home’ policy to ensure that when employees work from home they can still maintain continued compliance with GDPR.

Employers should check whether their employees’ contracts of employment or handbooks contain provisions relating to working from home.

An appropriate policy could include:

  • steps to restrict access to designated company equipment;
  • discouraging employees from taking confidential information out of the office, save where absolutely necessary, combined with an obligation to notify a manager if confidential information is to be taken home;
  • taking steps to maintain client confidentiality and the security of documents and information;
  • instructions regarding the storage and disposal of confidential information; and
  • restrictions on the use of personal email addresses.

Security

With the continued threat of cybercrime, employers should ensure that home working prompted by Covid-19 does not jeopardise the security of data.

To minimise the threat of a data breach and comply with GDPR, employers should ensure that:

  • equipment is protected by up-to-date cyber-security software and that the employees are working through a secure link;
  • home-based devices are protected through encryption and strong passwords;
  • company equipment/information is not left where it could easily be seen by a family member or a guest to their home; and
  • computer equipment and confidential documents are kept in a secure location when not in use.

Breaches

Employers should be made aware by their employees if any data breaches take place. Failing to report a data protection breach could lead to serious repercussions for the employer.

If you have any questions regarding GDPR compliance while working from home, please contact a member of our Employment Law team.

 

Share this

Paul Kelly

Partner and Head of Employment
Employment Law
PKelly@LawBlacks.com
0113 227 9249
@PaulLawBlacks
View profile

Paul Kelly Blacks Solicitors LLP

Blacks Solicitors LLP
Leeds Head Office
City Point, 29 King Street
Leeds, LS1 2HL

0113 207 0000
Hello@LawBlacks.com

Blacks Solicitors LLP
London Office – By Appointment Only
14 Tileyard Studios, Tileyard Road, Kings Cross, London, N7 9AH

0203 146 8409
Hello@LawBlacks.com

Sign up for our newsletter

Register to receive relevant updates and news from Blacks.

Sign up
Skip to content