GDPR

Body temperature readings

Some organizations are taking into consideration installing temperature scanners or other means of verifying the body temperature of staff and visitors, in their effort to protect the workplace against the spread of COVID-19. This is a sensitive topic which needs careful analysis by each company, especially with regard to the effectiveness of the devices used for this purpose, setting up…

Collecting health data through questionnaires

The issue of implementing questionnaires which gather health data and other information about the existence of risk factors, to both employees, collaborators and visitors, does not have a unified approach by the European Data Protection Authorities. While some authorities expressly prohibit such methods of systematic and general data collection, others allow organizations to make their own assessment and to decide…

Disclosing COVID-19 diagnosis

Companies explore whether they can disclose that someone has been diagnosed with COVID-19, in their efforts to protect staff and the general public. This article describes recent opinions published by EU Data Protection Authorities on the issue. Statement of the European Data Protection Board The EDPB, in its Statement on the processing of personal data in the context of the…

Legal basis for processing health data

Because health data represents a special category of data, the GDPR allows processing only in exceptional situations indicated in Art. 9(2). In the context of measures aimed at containing the spread of COVID-19, organizations are asking which is the correct basis (the exemption) which would allow them to collect data about the health situation of employees. This article sums up…

Data Protection Newsletter – no.2/2020 February

This month in data protection news: ● See guidance from EU data protection authorities on how to process personal data in the context of COVID-19 ● Read about recent GDPR sanctions, including in the filed of telecoms ● Find out the recent guidelines from data protection authorities ● More GDPR news and further readings.

Data Protection News: January 2020

Data Protection News: December 2019

The end of December is usually a time for recollection, for looking back on the accomplishments and challenges of the year almost ending and setting the vision for the following revolution around the Sun. So, we’ve compiled a small list of documents offering an overview of data protection themes in the past year, to help you immerse in this reflective…

Guidance from Data Protection Authorities in 2019

Data Protection News: November 2019

November's data protection news: ● In a demoralising turn of events, the development of the ePrivacy Regulation proposal has come to a standstill ● Guidelines and reports from EU data protection authorities ● Cases and decisions from EU Member States ● Enforcement actions taken by National Data Protection Authorities ● Recommended articles.

Data Protection News: October 2019

It seems like time is rushing us, but take a moment to think about the importance of last month's events for European data privacy: ● Data controllers in Romania start to feel the pressure of GDPR and ePrivacy enforcement, after a list of 55 corrective measures was published by the Data Protection Authority (ANSPDCP). ● Many useful guidelines were published…