Tag Archives for " employees "

Sensitive personal data in HR functions: climbing the ladder of legal bases

The GDPR’s entry into force has forced HR teams across the US and EU to re-evaluate the ways in which they justify the use of personal data relating to their employees, applicants and contractors.

Whilst compliance priorities will vary between businesses, all US headquartered organizations with a presence or personnel in the UK should be particularly mindful of their enhanced obligations to satisfy multiple conditions under both the GDPR and the UK’s new Data Protection Act 2018 (“DPA 2018“) before collecting certain special categories of personal data.

Full article: Sensitive personal data in HR functions: climbing the ladder of legal bases

Vicarious liability in the data breach context – bad news for UK employers?

The Court of Appeal has upheld a decision of the High Court holding that an employer can be vicariously liable for data breaches caused by the actions of an employee, even where the employee’s actions were specifically intended to harm the employer.

Full article: Vicarious liability in the data breach context – bad news for UK employers?

The perils of employee-collaboration tools and how to avoid them

Today, the rise of flexible work schedules, job shares and teleworking, has created much desired flexibility for many workers. In order to accommodate this growing trend, employers are investing in online collaboration tools in which employees who are separated by time or space are able to efficiently work together. The utility and efficiency of online shared workspace is undeniable. However, also undeniable is the inherent privacy risk that these collaboration tools create.

Full article: The perils of employee-collaboration tools and how to avoid them

Walmart’s Newly Patented Technology For Eavesdropping On Workers Presents Privacy Concerns

Walmart just won a patent for audio surveillance technology that measures workers’ performance, and could even listen to their conversations with customers at checkout. While there’s no guarantee that Walmart will ever build this technology, the patent shows the company is thinking about using tech not just to facilitate deliveries or make its warehouses more efficient, but also to manage its workforce, which is the largest in the United States.

Source: Walmart’s Newly Patented Technology For Eavesdropping On Workers Presents Privacy Concerns

Poland regulates workplace monitoring

CCTV in the workplace under the Polish law Until recently, the matter of video surveillance in the workplace has not been explicitly regulated by Polish law. However, the new changes to the employment law dated May 10, 2018, address the issue of the use of video surveillance in the workplace.

Source: Poland regulates workplace monitoring

An Employee’s Right of Erasure Under the GDPR

GDPR introduces the concept of a “right of erasure” i.e. a ‘right to be forgotten’. Although the concept currently exists under EU law, it is currently applicable under very limited circumstances, when data processing may result in damage or distress.

Under the GDPR, pursuant to Article 17 and Recital 65, an employee will have a right to have his/her data erased and no longer processed, where consent of processing is withdrawn, where the employee objects to such processing, or where processing is no longer necessary for the purpose for which it was gathered. That said, the employer, under certain circumstances, can refuse to comply with an employee’s request for erasure of personal data – where data processing is required by law or in connection with a legal proceeding.

Source: An Employee’s Right of Erasure Under the GDPR | Workplace Privacy, Data Management & Security Report

Spanish court admits emails from internal investigation as evidence

A judicial decision, issued by the employment division of the Spanish Supreme Court, has confirmed the admissibility as evidence, to justify a dismissal, of the emails of the dismissed employee obtained in the course of an internal investigation.

This decision has its origin in a claim for unfair dismissal filed by an employee of a Spanish company which had been dismissed by the company for committing very serious infringements of the Spanish Workers’ Statute – it was proven that the dismissed employee had accepted a bribe from one of the company’s suppliers.

Source: Spanish court admits emails from internal investigation as evidence

8 steps to GDPR compliance: A brief guide for HR functions

At its core, the GDPR dramatically heightens expectations on businesses in the way that they manage, use, store, secure and otherwise process personal data.

Clearly, HR and Talent functions act as the custodians of significant volumes of often sensitive or confidential personal data within any organisation, and must therefore take centre stage as this new and demanding law bites.

Source: 8 steps to GDPR compliance: A brief guide for HR functions

Greek DPA “further elaborates” on processing of data stored in corporate computers

The Hellenic data protection authority (‘HDPA’) issued, on 19 April 2018, Decision No. 34/2018 on a complaint filed by a former employee of N. KRITIKOS – G. NTAIRTZES SA PAPER TRADE alleging that the Company denied his right to access and unlawfully processed his personal data.

In particular, the Company had carried out an inspection of the computer used by the Complainant for professional purposes during his absence and without previously notifying him or obtaining his consent, which he alleged also contained personal files.

Source: Greece: HDPA “further elaborates” on processing of data stored in corporate computers

In these three countries, employee consent may be the only way to transfer their data

Before a deep dive into the issues of employee data processing and transfer, it is worth examining the requirements for employment documentation in Russia, Belarus, and Ukraine.

Generally, paper files remain the prevailing form of such documentation, and they are extensively used by local companies to demonstrate compliance to state regulators. Among other purposes, employee records maintained in a prescribed way present a proof of proper employee data collection allowing its further processing.

Source: In these three countries, employee consent may be the only way to transfer their data

1 2 3
>