Posted on Jul 28, 2020 in Data Protection by Loretta Maxfield
Following the announcement on the 24th March that the UK was going into ‘lock-down’, most businesses had to flip their operating environment to a ‘working from home’ environment almost overnight. Now four months later, many businesses are still operating from home and plan to continue to do this for some time yet.
While there are many benefits to working from home, a predictable downside is that staff members become disconnected from each other and the team spirit culture starts to slip. It is well established that a good culture at the workplace brings higher employee engagement, productivity and retention. Also, by having little time to prepare for working for home, many businesses were not able to carefully consider and plan for the risks of home-working.
Thankfully technology has supported many businesses to stay connected to staff and clients and continue operating on some level as a business. However, while technology may have allowed businesses to stay connected, have the risks been considered? This article sets out some key tips for businesses to consider where they are to continue to operate from home.
Use of video conferencing and chat applications
When deciding which video-conferencing or chat software to use, choose a supplier you can trust as well as considering cost and ease of use. Conduct a due diligence exercise on new suppliers and complete an impact assessment to ensure that you have considered any data protection risks e.g. whether your personal data will be transferred outside the EEA? Lastly, ensure you sign up to Terms and Conditions with appropriate assurances in relation to information security and data protection.
Keeping devices and accounts secure
It’s important to make sure that access to your employees’ devices and accounts is secure, even when home working under lockdown conditions. Ensure that software and antivirus updates (including ios/android updates) are installed on electronic devices used for work. Avoid allowing staff to use personal phone numbers and email accounts for work purposes. If this is unavoidable, inform employees that should they must use a personal email account for work purposes, to do so with caution, particularly if used to share personal data. Remind staff to lock their screens when devices are unattended.
Issue clear home-working guidelines to staff
Once you have chosen your supplier(s) and have identified appropriate standards you wish your staff to comply with to ensure the security of your data, communicate these expectations to your workforce in the form of a Working from Home Policy. Ensure any expectations are reasonable taking into consideration sensitivity of the data and also the resources employees will have at home e.g. not everyone will have a shredder to dispose of information.
Protecting physical copies of personal data/customer files
It may be necessary for your staff to take copies of personal data or customer files home. This should be limited wherever possible. However, if this is necessary, we recommend that your business keeps a record of the documents to track all data and ensure nothing is misplaced.
Receive the latest news, legal updates and event information straight to your inboxStay Updated