Data protection requirements in the home office

In the March issue of our ePrivacy Newsletter we already reported on the requirements that the GDPR places on working in home offices.
For more than two months now, the Corona crisis has had a firm grip on the world of work. Wherever possible, companies have sent their employees into the home office and working from home has become the norm for many people. In order to be able to continue the intensive exchange with customers and colleagues, they are using mobile devices and various IT solutions such as video conferencing tools and collaboration platforms.
Information on the requirements of data protection for IT security for mobile working can be found in Article 31 Paragraph 1 of the GDPR. If personal data are processed, the requirements are particularly high. 
Relaxation of data protection at times of “lockdown
In view of the current situation, some supervisory authorities have relaxed the strict requirements. For example, the Bavarian State Commissioner for Data Protection (BayLfD) has issued a “Special information on mobile working with private devices to cope with the corona pandemic”. This regulates, among other things, the use of non-official terminal devices and private messenger and cloud services for professional purposes. 
Create IT security policies
To be on the safe side at all times, an IT security policy should also cover the home office. This can be adapted individually and according to the current requirements and serves not least to sensitize employees when handling data of any kind.
However, a checklist can also be used to document the implementation of data protection in the home office of individual employees. This enables the company to determine for each individual employee’s home office workstation whether the workstation meets the requirements for data protection and data security (e.g. access and access restrictions to the workstation and computer, etc.) 
Our data protection experts at ePrivacy will be happy to provide you with a checklist of the data protection requirements for a home office regulation, from the basic requirements to the special features in times of the Corona crisis.