Insights

Home / Insights / News / Keep data in lockdown while tackling the virus crisis
Decorative Rectangle

Keep data in lockdown while tackling the virus crisis

Keep data in lockdown while tackling the virus crisis

Businesses processing personal data need to keep protection of customer and employee data at the front of continuity planning as they tackle the coronavirus threat.

Staff are likely to be working remotely or in different circumstances which could make customer information more vulnerable to>

Businesses are implementing contingency planning, with staff working from home and using domestic internet and possibly personal devices to access cloud-based software and systems, making it more important than ever to keep>

The General Data Protection Regulation (GDPR) provides strict operating boundaries for businesses processing personally identifiable information about individuals with a statutory obligation to notify the regulator of any breach which places an individual's personally identifiable information at risk. It also gives wide ranging power to the UK's>

"Tackling the threat of coronavirus is taking us into unchartered territory," explained GDPR legal expert Jon Wilby of solicitors Band Hatton Button in Coventry, "And while data protection law doesn't stand in the way of homeworking, or the use of personal devices, it demands even greater attention to security measures, as the ones that you use in the office will need to be tailored to suit these new circumstances.

"The human element is often the reason for> Certainly, there are reports of a steep rise in attempted cyber fraud, with many more phishing emails, malware and social engineering, where fraudsters dupe staff into revealing information or making money transfers."

The other major threat to> This is personal>

Such information should be collected and used only as absolutely necessary in managing risk and should not be retained unless essential, such as for an insurance claim.

He added: "Ideally the management and sharing of information is set out in a policy so you know who to tell and what information is shared with whom. So, for example, the ICO has said that it is ok to inform other staff if someone tests positive, or is suspected of having contracted the virus, so as to protect the health and safety of all, but to avoid naming those individuals."

The ICO has published advice to help organisations in facing up to the>

"Organisations will be struggling to keep pace in this fast-changing environment," added Jon. "It's important to make sure you don't drop the ball when it comes to> If you end up with a breach and compromised data when you come out the other end it will be a serious issue. The ICO has the power to impose fines of up to €20m or 4% of total worldwide turnover and the damage to corporate reputation can be immense."

Web site content note:

This is not legal advice; it is intended to provide information of general interest about current legal issues.

    Get in touch