Covid-19 & GDPR: Managing Employee Data Conference
Time: 14:00 - 17:30 (if you can't attend live, register to watch the recording)
Cost per attendee: £195 + VAT
Please note: Event summary and agenda will be updated soon. If you have a topic to suggest or might like to speak at, endorse, or sponsor the event, please see how to get involved here.
Which functions will benefit from attending
- HR, Pay roll, HR Operations and Admin, Security and Compliance, HR Information Services Management
Welcome and introduction
Conducting an effective Data Protection Impact Assessment (DPIA) to reduce risks
- Categorising, storing, and documenting: working within the law
- Carrying out a DPIA: scope and depth
- Managing a rise in SARS with reduced staff
- On-site surveillance: temperature tests and thermal cameras: the legal implications
- Staff communications: what must you inform them about?
- What about data when staff have arranged their own tests?
- Ensuring transparency
- Mitigating risk: key questions to ask
Returning to work
- Staff information rights
- Testing returning staff: clarifying grey areas
- Mandatory testing scenarios
- Sharing info with other employees
- Monitoring staff with symptoms
- Whistleblowing and other risks
- Outsourcing the testing process: working lawfully
- Changes to policy and communication: a blueprint
- Holding test data: the new ICO guidance
- GDPR and DPA Act 2017: defining “lawfully, respectfully, and transparently” and “legitimate interest”
- Understanding testing options
- Keeping the information current
- Who should you test?: avoiding discrimination claims
- What data are you allowed to collect?
- “Special category data”: a simple definition
- Safety added value or invasion of privacy?: should you test employees?
Collecting data from contact tracing
- Collecting personal customer data:
- What are you allowed to ask?
- How long can you keep it?
- Consent issues and challenges
- Communication policy and content
- Ensuring collection methods are lawful
- Ensuring the data is accurate
- Sharing and transparency issues
- Duty of confidence: when and how can it be overridden
- Using a contact tracing scheme: the mechanics
- Collecting data from young or vulnerable customers
- Using the data for other purposes
Working from home challenges
- Employee devices: the risks and solutions
- Breaches of confidentiality
- A security checklist for employers
- Physically securing data in transit
- Business continuity concerns
- Key messages for training: raising employee security awareness
- Use of internet and social media platforms
- Revisiting and updating guidelines and policy on processing, storing and sending information
- Video conferences: working safely and securely
Managing a data breach in remote working situations
- Key technical and organisational measures you must show
- What to report and to whom?
- Hacking and power outages
- Risk assessment considerations
- Notifying data subjects