5 Data Protection Steps for Organisations Planning to Return to Work

Businesses are beginning to reopen as lockdown restrictions ease but there are a few things your organisation must consider when it comes to data protection and returning to the office.

Transparent and fair.

Employers are responsible for keeping their team safe and data protection does not stop you from asking the question “Are you experiencing COVID-19 symptoms?” as long as you are transparent and fair with your employees.

If you plan to collect personal data, be sure to consider the below 5 steps.

Only collect what you need

Before collecting any information regarding your team’s health, you should consider the following:

  • Is there a benefit to collecting extra personal data?
  • Will this data contribute to keeping your workplace safe?
  • If you didn’t have this data, could you accomplish the same result?

As long as you can illustrate that your reasoning for collecting the data is valid and you are collecting the data in a fair way, it is unlikely to raise data protection concerns.

Less is more 

When it comes to collecting data, less is more and you should only be collecting data you absolutely need. Information including COVID-19 symptoms and testing should only be collected with the aim to help implement back to work measures in the most appropriate way.

Some of the data you collect will not need to stay on permanent records and therefore will need to be deleted. Only collect the data if it fits the purpose and is relevant to the solution.

Keep it safe

Security of data is very important, only give access to those who need it and it is recommended that you set out when and how personal information needs to be reviewed, changed and deleted in your retention policy.

Make sure you are storing your data in a secure, protected area and restrict access to only those who require it, otherwise GDPR and Cyber Security risks will arise. It is also highly recommended that you use Two-Factor Authentication for a much needed extra layer of security.

Is your data safe?

Be kind and considerate

You must be mindful of the possible affects the measures will have on your employees, always let your team know why and how you will be using their personal information and what the implications for them will be. Being transparent and honest is important and always provide a privacy notice as people have the right to know why you need their data.

Never discriminate and consider any problems that your staff may suffer as a repercussion of your policy.

Keep your team informed

Staff should be kept informed at all times and have the right to access, when collecting data about them.

When it comes to symptom checking or testing you must follow a set of requirements including:

If you would like further information, the ICO will help guide you to ensure peoples information rights are not disregarded.


Share this entry
Get In Touch
close slider

New Enquiry

Contact Us


Get In Touch

If you are an existing client to get support call us on:

0117 923 1133 (Bristol)
01628 552861 (High Wycombe)
0207 993 0010 (London)
01865 593011 (Oxford)
01733 306633 (Peterborough)
01793 688595 (Swindon)
0161 823 3613 (Manchester)
0121 461 2667 (Birmingham)

Login to the portal

Login Here