The final provision of New York’s Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”), 2019 N.Y. Ch. 117, took effect on March 21, 2020. For more information on the SHIELD Act, visit our previous blog post, New York Cybersecurity Upgrades: Are you Ready?, which provides an overview of the most-recent provision that
COVID-19
Webinar – COVID-19 and EU Data Protection: Advice for Businesses Operating in the EU
On Thursday, 26 March 2020, we will host a webinar – COVID-19 and EU Data Protection: Advice for Businesses Operating in the EU.
Continue Reading Webinar – COVID-19 and EU Data Protection: Advice for Businesses Operating in the EU
Further Update from ICO on COVID-19 and Individuals
The ICO has updated its own blog with more helpful information, this time for individuals who may be worried about the increased processing of their own personal data and sensitive information, in light of the ongoing COVID-19 crisis.
Of interest to businesses and employers, is the recognition that whilst employees might think requests for information…
Recommendations by the CNIL in the Context of COVID-19
On March 6, 2020, the CNIL published recommendations on the collection of personal data in the context of COVID-19. Health data is particularly protected within the framework of a series of regulations (notably GDPR, French Data Protection Act and French Public Health Code).
Restrictions
The CNIL insists that employers cannot take measures likely to impair the privacy of the data subjects, in particular, by collecting health data that would go beyond the management of suspected exposure to the virus.
For example, employers must refrain from collecting in a systematic and generalized manner, or through individual inquiries and requests, information relating to the search for possible symptoms presented by an employee/agent and their relatives. It is, therefore, not possible to implement, for example:
Continue Reading Recommendations by the CNIL in the Context of COVID-19
Update – ICO Issues Guidance on Data Protection and Coronavirus (COVID-19)
Further to our earlier blog on the data protection aspects of responding to COVID-19, we note that the ICO have now issued guidance on the matter, answering some of the key questions for organisations, businesses and employers.
This is helpful guidance, issued under a statement aimed at public bodies and health practitioners, (so could easily…
Data Protection Issues Raised by Guidance and Efforts to Prevent the Spread of COVID-19
As government agencies and businesses attempt to deal with the ramifications of Covid-19, the potential impact on privacy rights should not be overlooked. Certain measures that are under consideration to help combat the threat of the Covid-19 virus raise a number of questions about the practical impact of current guidance and efforts to prevent the spread of infection. Clearly, in light of the serious global threat posed by this virus, application of the data protection must be proportionate. We examine the two questions frequently asked questions from our clients:
- Can you ask employees about their travel plans (either before or after a holiday abroad)?
- Can you require employees to undergo a medical examination or submit to tests to check their temperature?