The United Kingdom’s Information Commissioner’s Office released its guidance on COVID-19 and the requirements of data privacy under these circumstances. The UK Prime Minister has declared a health emergency and announced a stay-at-home order. The ICO guidelines help put the unprecedented need for employees to work from home and data privacy needs in perspective.
According to the new ICO guidelines, in the case of the COVID-19 Pandemic, any public health messages will not be considered as direct marketing. Organisations will still only be allowed to collect absolutely necessary data. The data will be processed in an amount proportionate to the purpose and minimum requirement as well.
ICO also suggested that they will be considering the current health emergency and compelling public interest into account during this time. All issues will be considered under the light of these events.
Furthermore, ICO during this time will understand all delays in responses regarding data subject access rights and other requests during this time. However, this must not be used as an excuse to defy. Although resources may be diverted towards effective management of COVID-19 and that is understandable.
The ICO has also recommended in their guidelines to keep your staff in the loop. Keeping them informed about cases in your organization is necessary. Although doing this is essential without revealing their name.
Employers also reserve the right to ask their employees if they have travelled to any specific country during this time or if they are experiencing COVID-19 symptoms. This also extends to your data subjects who may be asked about their travel history and or medical practices.
Employers also may advise their staff to contact emergency services if they experience symptoms or have visited infected countries. However, employers must avoid the collection of any health data that may not be relevant to curtailing the spread of the virus.
There has been a surge in the COVID-19 cases and the emergence of a second wave of the virus has brought the UK to another national lockdown. This is why we are urging businesses to take it slow. Letting employees work from home allows the business to go on as per usual without causing health and viral risks to spread around threatening lives.
In order to eliminate any risks associated with the work from home environment, you can use your privacy and legal compliance partner. We are here to simplify the process of legal compliance at any time for you. Sure, it is a complicated process. But, it doesn’t have to be hard to follow. Outsource a DPO, create a work from home policy and Train your staff to be ready for the work demands during this lockdown without fear.
If you wish to announce or devise your COVID-19 strategy on allowing employees to work from home or maintain data subject access rights then you must look into our toolkit for further information and quick help.
For further information please visit here