In our latest infographic we analyse the data protection challenges and pitfalls, and provide you with a checklist to help decision making.
CONSIDER
Introducing new technology to facilitate and enhance team productivity.
- Training provided and understanding checked?
- Easy for staff to access? (So they don’t shortcut!)
- Controls and training for anyone else using the system?
- Lines of reporting and monitoring?
CONSIDER
Staff and others Accessing Multiple Digital Platforms.
- Who owns the device?
- Which apps and software are being used?
- Anyone else using the device or Internet connection?
- Robust password controls?
- Is the data being processed in the UK/EU?
CONSIDER
Processing data between the home-office and office, and using co-working space(s).
- Who can see the device/paper/system in use?
- Who see it when not in use?
- Private space for confidential conversations or work?
- Are USB sticks/drives or DVDs being used?
- Where is the personal data is being processed?
- What format is the personal data?
Tips and Solutions
- Remember GDPR also applies to paper files, not just digital ones.
- Conduct a GDPR Audit to identify areas of risk.
- Review and update your register of processing activities (your ‘data map’).
- Keep your asset register (hardware, software) up to date.
- Consider a Data Protection Impact Assessment for new or changing technology or processing activities.
- Review and update policies to ensure they reflect the hybrid working model you are adopting.
- Establish robust lines of communication for reporting, monitoring and managing the processing of personal data.
- Provide updated data protection and security training to your staff who are affected by hybrid working and check their understanding.
- Provide regular data protection training to people who are affected by hybrid working… and check their understanding.