The Impact of COVID-19 on GDPR
Privacy: The Impact of COVID-19 on GDPR
In the immediate aftermath of COVID-19, some businesses were suddenly required to shift operations online and entire workforces needed to work from home. One of the major fallouts to emerge from this was just how acute the appetite for remote working has been.
In fact, 78% of employees have expressed a desire to spend at least a certain amount of their time working from home in a post-pandemic world, according to a survey by McCrindle. But while our ways of working might have changed in Australia, one thing that hasn’t wavered is the necessity of compliance with the GDPR.
In light of this, many organisations will likely settle upon a hybrid working environment. With a mix of employees working in the office, at home or a combination of the two, the risks of a data breach in the so-called new normal are very real – and businesses must act to ensure GDPR compliance in Australia.
A failure to do so can result in significant reputational and financial damage. Fortunately, Shred-it can support you to mitigate the risks and protect your business, customers and employees. To help you do so, in this article we’ll explore the impact of COVID-19 and GDPR and any steps you can take to maximise compliance in this year – and beyond.
How has COVID-19 affected the Data Protection Laws?
Many regulators were unprepared for the global pandemic. However, after some adjusting, they were able to provide guidance on how to interpret existing legislation during the crisis.
Ultimately, nothing significant changed and existing legislations must still be adhered to, even during times of crisis. In fact, the case was made that compliance is now more important than ever – albeit exceptions can be made for governments to act in the public interest. But even then, they must limit the data they use.
Lines are blurred, however, when we look at the collection of data throughout the public health crisis. For many businesses – particularly in the hospitality industry – taking people’s names, phone numbers and other personal data for the purposes of contact tracing was required to remain open.
But concerns were raised that businesses were not being careful about how the information was being collected, that it could be used for other purposes, or that it was often left lying in plain sight, as reported by The Guardian.
How to Make Your Business More Resilient Against Data Breaches?
Since the start of COVID-19, malicious or criminal attacks remain the leading cause of data breaches, with human error continuing to be the second largest cause, as reported in the Office of the Australian Information Commissioner’s (OAIC) Notifiable Data Breaches Report.
Part and parcel of this has been the increased risks that have arisen from remote working. But regardless of whether your organisation is embracing remote or hybrid working, our secure shredding services can help you remain compliant with the GDPR.
However, there are some simple steps you can take to further mitigate the risks and make your business more resilient against data breaches. This includes: educating employees, securing digital devices, limiting access to sensitive data, securing paper documents and employing a Shred-it All Policy.
In addition, we can also protect your remote workforce with secure, purpose-built bags to store all confidential documents when they are no longer needed. Staff simply seal these bags and return them when they’re next in the office.
Shred-it protects what matters and what matters to us is the security of your business. By following these simple steps, combined with our specialty shredding services, you can give your company every chance to prevent your personal information from falling into the wrong hands.
This article is provided for your convenience and does not constitute legal advice. Readers should not take, or refrain from taking, actions based upon the content of this article. Prior results do not guarantee similar outcomes. Please seek professional legal advice.