May 26, 2024

What do you need to know about handling personal data?

COVID-19 continues to have significant impacts on businesses and the economy. From the extension of the furlough scheme, to mass redundancies and remote working, every aspect of business has been affected. 

For many organisations the uninterrupted continuation of work has been crucial, and with ongoing lockdown regulations remaining strict, remote working has never been so important. 

This has however, led to employers experiencing new challenges when it comes to the handling of personal data.

Phil Parkinson, Head of Commercial Law at Blacks Solicitors, discusses the rise in new issues being experienced by businesses in terms of handling personal data, and what employers need to be aware of. 

What do employers need to know?

It’s crucial that businesses preserve the trust of their clients, suppliers and customers in order to maintain cash flow. GDPR and the handling of personal data must continue to be a key focus for employers and employees to ensure that the sensitive information held by a company is kept secure. 

A breach in GDPR during this difficult time could be catastrophic for a significant number of organisations with the potential for fines of up to £10m or 2% of annual global turnover1. This could leave many organisations crippled, particularly in a time of recession which we’re currently facing.

The impact of COVID-19

Overall, businesses appear to have dealt with COVID and data effectively with information continuing to circulate.

Business owners and employers should regularly review procedures and the security systems in place to enable employees to continue working from home successfully. This will also ensure GDPR policies that were put in place are still followed.

Staff should be trained in cybersecurity, including protecting documents (both physical and virtual), at home and in the office. Employees should also be made aware of potential scams as these are prevalent and criminals look for security weaknesses.

Businesses should invest in a Virtual Private Network (VPN) to keep connections and personal data secure.

What can we expect from Brexit?

In terms of data, the Brexit deal has ensured that personal data can continue to be transferred between the UK and EU. Current practices will continue for up to six months, with the transfer of data between the EU to UK being confirmed by June 2021. 

This is the best possible outcome that could have been achieved for UK organisations  which process personal data from the EU. Business owners can remain confident in the continued free flow of personal data without having to make any changes to data protection practices. 

Employers should continue to monitor for any updates to policies, with a particular focus on the review in June this year and what this could mean for GDPR and data protection. 

The societal and economic changes currently taking place in the UK are having far reaching and significant consequences for the majority of businesses. However, if business owners and employers monitor for important updates and methods of protecting data, the day-to-day running of most organisations, including the ability to comply with GDPR regulations, shouldn’t be impacted.