Covid-19 brings challenges for all of us and forces us to have new behaviors. This pandemic imposes several challenges on organizations with regard to the processing of personal data of workers, service providers or visitors who need access to the company’s facilities. Therefore, companies have implemented new methods of collecting personal data so that they can comply with the contingency plans that are being adopted by companies. In today’s article, we leave some important aspects to properly treat personal data in the context of Covid-19!
Ways of data collection
Organizations must use means of data collection that do not identify (or allow to identify) the data subjects. Anonymous forms or surveys are advised, whenever these means are compatible with the purpose of data collection. When this is not possible, companies must ensure that the personal data processed are adequate and limited, taking into account the purpose for which they are processed.
If companies want to collect personal data that they consider relevant, such as recent travel and contacts with people infected with Covid-19, they should take into account the different levels of protection that the legislation offers to the data in question. The processing of data in this context can happen if there is recourse to the legitimate interests of organizations. They can also be treated as they aim to defend the health of the data subject and other people.
Exceptions to the ban on personal health data
Companies can justify the processing of personal health-related data to protect public health. They can also treat them for the purpose of fulfilling obligations and for exercising rights related to labor legislation and social security, to ensure the safety and health of workers and to prevent the spread of the new coronavirus.
GDPR is here!
There are many companies that have not yet prepared themselves to protect their data in accordance with the new legislation. The fines are quite high and it is unconscious not to be concerned with the information of your business, as the exposure of sensitive data can seriously compromise the organization’s survival. At a time when data processing is so important, companies must ensure that highly sensitive data is encrypted or masked, so that there is no risk of being lost and the company is a victim of the heavy fines contained in the new regulation. Datapeers offers a variety of sophisticated scrambling techniques to protect sensitive data, replacing it irreversibly with fictitious but realistic data.