Handling personal data when working from home

3 Feb 2021 By Phil Parkinson

With so many employees now doing their jobs remotely, Phil Parkinson outlines what businesses need to be aware of when dealing with sensitive information

The coronavirus pandemic continues to have significant impacts on businesses and the economy. From the extension of the furlough scheme to mass redundancies and remote working – every aspect of business has been affected. 

For many organisations the uninterrupted continuation of work is crucial and, with ongoing lockdown regulations remaining strict, remote working has never been so important. This has led to employers experiencing new challenges when it comes to the handling of personal data.

What do employers need to know?

It’s crucial that businesses preserve the trust of their clients, suppliers and customers to maintain cash flow. The GDPR and the handling of personal data must continue to be a key focus for employers and employees to ensure the sensitive information held by a company is kept secure. 

With potential fines of up to £10m, or 2 per cent of annual global turnover, a breach of the GDPR during this difficult time could be catastrophic for companies, particularly during a time of recession.

The impact of Covid-19

Overall, businesses appear to have dealt with coronavirus and data effectively, with information continuing to circulate.

Business owners and employers should regularly review procedures and the security systems in place to enable employees to continue working from home successfully. This will also ensure GDPR policies that were put in place are still followed. Staff should be trained in cybersecurity, including protecting documents (both physical and virtual), at home and in the office. Employees should also be made aware of potential scams as these are prevalent and criminals look for security weaknesses. Businesses should also invest in a virtual private network to keep connections and personal data secure.

What can we expect from Brexit?

In terms of data, the Brexit deal has ensured that personal data can continue to be transferred between the UK and EU. Current practices will continue for up to six months, with the details of any policy changes on the transfer of data being confirmed by June 2021. This is the best possible outcome that could have been achieved for UK organisations that process personal data from the EU. Business owners can remain confident in the continued free flow of data without having to make any changes to data protection practices. 

Employers should continue to monitor for any updates to policies, with a particular focus on the review in June this year and what this could mean for the GDPR and data protection. 

The societal and economic changes currently taking place in the UK are having far-reaching and significant consequences for the majority of businesses. So just staying on top of any updates can help keep the day-to-day things running smoothly with minimal impact.

Phil Parkinson is head of commercial law at Blacks Solicitors

Senior Training Officer

Senior Training Officer

Stoke-on-Trent, Staffordshire



HR Case Manager (Development Scheme)

HR Case Manager (Development Scheme)

Birmingham, Durham, Manchester and Rochester

£25,118 - £26,901

Ministry of Justice

Human Resources Operations Manager

Human Resources Operations Manager



Hillside (Shared Services 2018) Limited

View More Jobs

Explore related articles