BULLYING & HARASSMENT
DATA PROTECTION
DISABILITY
DISCIPLINE & GRIEVANCE
DISMISSAL
EMPLOYMENT TRIBUNALS
E M P L OY M E N T L AW U P DAT E
HYBRID WORKING: WHY IS DATA PROTECTION RELEVANT? By Sean Morris Legal Manager, Navigator Employment Law
Many businesses first allowed staff to work from home as the country went into its first Covid-19 pandemic lockdown back in early 2020. At the time, management and HR were mainly focused on the practicalities, such as supplying essential equipment for remote working and facilitating team communication. Initially the security of personal data used by staff who were no longer working from a business’s premises, was an issue given little attention.
B
to, personal data”. The ICO Guidance on working from home now contains a security checklist for employers to apply, and explains how completing a Data Protection Impact Assessment (DPIA) may be a requirement, and is always best practice, if staff work remotely and use personal data on behalf of the business. A number of practical issues businesses should consider are examined - for example, the secure use of cloud storage for accessing personal data, arrangements for remote access, and whether to allow staff to use a personal device for work, looking at the pros and cons of alternative options.
ut things have changed considerably since then. The Information Commissioner’s Office (ICO) online guidance on this issue has been updated on several occasions, and it sets out a number of key issues for HR to consider when staff are working remotely.
Data security for home working Data protection is relevant because UK legislation requires businesses to use personal data securely, taking “appropriate technical and organisational measures against unauthorised or unlawful processing, and against accidental loss or destruction of, or damage
14
