Covid-19: Managing Employee Data Conference
Time: 14:00 - 17:30 (if you can't attend live, register to watch the recording)
Cost per attendee: £195 + VAT
Platform: Zoom - An encrypted zoom platform with password access. Click here for further information and to test access
“Remote employees are not concerned about data security. According to Imation Corp survey, one-third of remote employees admitted they had lost devices in a public place and 44% of respondents said that data was never encrypted when taken out of the office. 40% of remote employees said they did not have the right tools nor policies to work remotely, whilst 76% of remote workers said that they had accessed work files with non-protected devices” – HR ZONE
Remote working under Covid has presented many challenges to organisations, including how to protect sensitive data. The lack of common workplace security protections has left employees vulnerable to an array of security risks. It is therefore vital for organisations to develop a simple and successful strategy to integrate, manage, and monitor data protection requirements to minimise organisational vulnerability. Failure to do this can lead to a full-scale investigation and punitive fines from the ICO if companies are found to be in breach of GDPR guidelines.
With sensitive information needing to be collected in track and trace scenarios, employers must be up to date with the legal requirements that they must adhere to. In the case of both customers and staff, a sound understanding of how to handle personal data is needed to ensure organisations can continue operating smoothly, without facing legal ramifications.
Conference attendees will understand necessary actions to manage and protect data in accordance with COVID-19 track and trace, and remote working information, with focus on:
- Conducting an effective Data Protection Impact Assessment (DPIA)
- Returning to work
- Collecting data from contact tracing
- Working from home challenges
- Managing a data breach in remote working situations
For over 20 years BFI has run both data protection and pandemic planning conferences to help organisations keep their data safe and create effective strategies in the event of a situation that we are now facing. Over recent months, we have been providing the latest developments and information to help employers manage data of both remote and on-site businesses in compliance with the law.
If you have a topic to suggest or might like to speak at, endorse, or sponsor the event, please see how to get involved here
Which functions will benefit from attending
- HR, Payroll, HR Operations and Admin, HR Information Services Management, Recruitment & Resourcing, Security and Compliance, Privacy, IT, Finance, Legal, Training & Development, Policy & strategy, Line Management
Welcome and introduction
Conducting an effective Data Protection Impact Assessment (DPIA) to reduce risks
GDPR, Employment Law & Health and Safety Barrister , Ilisi
- Categorising, storing, and documenting: working within the law
- Carrying out a DPIA: scope and depth
- Managing a rise in SARS with reduced staff
- On-site surveillance: temperature tests and thermal cameras: the legal implications
- Staff communications: what must you inform them about?
- What about data when staff have arranged their own tests?
- Ensuring transparency
- Mitigating risk: key questions to ask
ICO considerations when returning staff to work
Legal Director , DLA Piper UK LLP
Katherine is an employment practitioner in DLA Piper's London office. She advises employers across all sectors, including Banking, Transport and Life Sciences. Katherine worked in-house for a number of years before returning to private practice. She advises employers across both domestic and international employment matters and data privacy issues. She is experienced across all types of employment work, including litigation, transactional support and business protection. In addition, Katherine regularly advises clients on the data protection aspects of employment, including employee monitoring and cross-border data transfers. Katherine provides strategic and commercially aligned advice, assisting clients to achieve their objectives and manage risk.
- Staff information rights
- Mandatory testing scenarios
- Sharing info with other employees
- Monitoring staff with symptoms
- Whistleblowing and other risks
- Outsourcing the testing process: working lawfully
- Changes to policy and communication: a blueprint
Senior Data Protection Advisor , Bird and Bird
Experienced and IAPP-certified data protection & privacy professional with a demonstrated history of establishing and leading operationally effective privacy programs in multinational companies. Expert knowledge of the GDPR and ePrivacy Directive and strong knowledge of global privacy laws. Excellent experience in advising on international data transfers (Binding Corporate Rules) and employee privacy issues.
- GDPR and Data Protection Act 2018: lawful basis for employers to process employee health data
- What is the ICO’s current guidance for employers during the pandemic?
- What data can employers collect from their employees related to COVID-19?
- What tests can employers lawfully carry out on the workforce?
- How are COVID-19 records kept up to date?
Working from home: audit, policy and practice guidelines
Infosec, IT Risk Analysis and Management and GDPR Expert
- Employee devices: the risks and solutions
- Breaches of confidentiality
- A security checklist for employers
- Physically securing data in transit
- Business continuity concerns
- Key messages for training: raising employee security awareness
- Use of internet and social media platforms
- Revisiting and updating guidelines and policy on processing, storing and sending information
- Video conferences: working safely and securely
Challenges of remote working situations
- Key technical and organisational measures you must show
- What to report and to whom?
- Hacking and power outages
- Risk assessment considerations
- Notifying data subjects