Call to book: 01983 861133

Covid-19 & GDPR: Managing Employee Data Conference

Time: 14:00 - 17:30 (if you can't attend live, register to watch the recording)

Cost per attendee: £195 + VAT 

Please note: Event summary and agenda will be updated soon. If you have a topic to suggest or might like to speak at, endorse, or sponsor the event, please see how to get involved here.


Which functions will benefit from attending

  • HR, Pay roll, HR Operations and Admin, Security and Compliance, HR Information Services Management


Welcome and introduction

Conducting an effective Data Protection Impact Assessment (DPIA) to reduce risks

  • Categorising, storing, and documenting: working within the law
  • Carrying out a DPIA: scope and depth
  • Managing a rise in SARS with reduced staff
  • On-site surveillance: temperature tests and thermal cameras: the legal implications
  • Staff communications: what must you inform them about?
  • What about data when staff have arranged their own tests?
  • Ensuring transparency
  • Mitigating risk: key questions to ask

Returning to work

  • Staff information rights
  • Testing returning staff: clarifying grey areas
  • Mandatory testing scenarios
  • Sharing info with other employees
  • Monitoring staff with symptoms
  • Whistleblowing and other risks
  • Outsourcing the testing process: working lawfully
  • Changes to policy and communication: a blueprint


  • Holding test data: the new ICO guidance
  • GDPR and DPA Act 2017: defining “lawfully, respectfully, and transparently” and “legitimate interest”
  • Understanding testing options
  • Keeping the information current
  • Who should you test?: avoiding discrimination claims
  • What data are you allowed to collect?
  • “Special category data”: a simple definition
  • Safety added value or invasion of privacy?: should you test employees?

Tea break

Collecting data from contact tracing

  • Collecting personal customer data:
    • What are you allowed to ask?
    • How long can you keep it?
    • Consent issues and challenges
  • Communication policy and content
  • Ensuring collection methods are lawful
  • Ensuring the data is accurate
  • Sharing and transparency issues
  • Duty of confidence: when and how can it be overridden
  • Using a contact tracing scheme: the mechanics
  • Collecting data from young or vulnerable customers
  • Using the data for other purposes

Working from home challenges

  • Employee devices: the risks and solutions
  • Breaches of confidentiality
  • A security checklist for employers
  • Physically securing data in transit
  • Business continuity concerns
  • Key messages for training: raising employee security awareness
  • Use of internet and social media platforms
  • Revisiting and updating guidelines and policy on processing, storing and sending information
  • Video conferences: working safely and securely

Managing a data breach in remote working situations

  • Key technical and organisational measures you must show
  • What to report and to whom?
  • Hacking and power outages
  • Risk assessment considerations
  • Notifying data subjects


Contact us to book or discuss our events & services

Phone icon 01983 861133
Email icon

Exclusive offers

Get early bird offers, discounts and useful HR content straight to your inbox

By signing up you agree to our privacy policy

In-house training

We can tailor this course to run in-house. Find out more