2020-03-20
Legal Articles

Data protection in light of coronavirus

Home / Knowledge base / Data protection in light of coronavirus

Posted by Claire Halle-Smith on 20 March 2020

A statement recently published by the ICO confirms its understanding that the processing of personal data may be affected by the needs of an organisation when addressing the impact, and attempting to limit the spread, of the coronavirus (Covid-19) pandemic.

This will give some comfort to organisations who may need to share information quickly, where, for example, employers need to share information with healthcare authorities or to enable remote working, or within the healthcare sector where the timely sharing of information is required to administer treatment and to maintain open communications during this challenging time. 

Public health messages can be sent using electronic means without them constituting direct marketing, and other technologies can be used to facilitate consultations and diagnoses. It is also reasonable for organisations to request information as to a country a person has visited, or if a person is displaying any Covid-19 symptoms.

Keep staff informed

Health and safety obligations enable an employer to keep staff informed about cases or potential cases of Covid-19 within its organisation provided it does not disclose employee names or provide more information than is necessary.

Security measures

In all cases, organisations must be mindful of collecting more information than required and ensuring appropriate security measures are implemented with respect to such processing.

Proportionality, therefore, continues to be the prevalent consideration in any processing activity, the message from the ICO being that ‘if something feels excessive from the public’s point of view, then it probably is’.

As to other processing activity, a delay in complying with, say, responding to an individual’s rights request, is unlikely to attract any penalties where there is a need for the organisation to prioritise other areas, although statutory timescales will not be relaxed.

Conclusion

The concluding message is that data protection legislation will not prevent an organisation managing the impact of Covid-19 on its business, but it should continue to bear in mind the principles under the legislation and pay particular attention to the security of the data concerned.

About the author

Claire Halle-Smith

Senior Associate

Claire’s experience in-house coupled with her ten plus years’ advising on data privacy matters enables her to identify those key issues facing an organisation and to provide practical, solutions-based advice.

Claire Halle-Smith

Claire’s experience in-house coupled with her ten plus years’ advising on data privacy matters enables her to identify those key issues facing an organisation and to provide practical, solutions-based advice.

Recent articles

29 October 2020 Wright Hassall lands royal recognition

A Midlands law firm has landed royal recognition for its support to the wider community throughout the Coronavirus pandemic.

Read article
29 October 2020 A new way of approaching biodiversity offsetting

A Warwick-based property development company is supporting a project aimed at boosting wild-life levels in Warwickshire.

Read article
28 October 2020 The new model shared ownership lease

Government plans to introduce a new form of shared ownership lease from April 2021 will apply to all schemes funded by the 2021-26 Affordable Homes Programme. The intention is that it will be more consumer friendly, easier to access and allow shared owners to increase the stake in their home in a more manageable and affordable way.

Read article
Contact
How can we help?
01926 732512
CALL BACK