Data protection policies needed when working from home

Data protection

Working from home has become the new norm for many companies this past year. Due to this there has been a rise in new issues experienced by businesses involving GDPR and data protection. Employers are now being warned to ensure that confidential data is kept secure as staff continue to work from home.


GDPR must continue to be a key focus for both employers and employees. Sensitive information held by the company must be kept secure in order to retain the trust of clients, suppliers and customers. But not only for trust, a breach in GDPR can be extremely damaging to a company with potential fines of up to £10 million.


Working from home was seen to be a temporary measure when lockdown first began in March. However, almost nine months down the line many businesses are still working from home and some are considering keeping it this way for the future. However, employers may have not made the necessary changes to these employees’ employment contracts to ensure the security of confidential information. This puts them at a risk of breaching data protection laws.


Often there are contracts in place for workers to not disclose confidential information. As well as this, employers should have a data policy in place as well as having entered a Privacy Notice with all workers. In the workplace is it much easier to monitor and ensure that the policies are maintained. When staff are all working remotely in different locations it is increasingly difficult to enforce this.


Due to this businesses will need to have additional measures in place. A data privacy impact assessment and risk assessment should be conducted. Information regarding who can access the employees’ computer, password and encryption measures and the actions for moving data, paper and electronic files between the office and home needs to be included in these assessments.


What you need to do as an employer:


  • Employers must communicate to staff how they can protect data
  • Ensure that staff are recording all decisions so that information is available if there was an emergency
  • Even if you do not have a formal policy in place, whilst you put one together you should communicate with your staff highlighting the issues to be aware of and how to combat them


What you need to do as an employee:


  • If you are using your own equipment everything should be password protected and passwords should not be given to a third party
  • If you are working around other people – computers and devices should be locked if you leave the room
  • Documents should not be sent to private emails – instead keep all business property (including documents) confidential via a work email
  • When taking work calls, try to take these in a private area where conversations will not be overheard


How can oneHR help?


Safe and Secure


oneHR is a cloud hosting platform which protects your data; everything is encrypted, and sent using HTTPS. oneHR has an archive system and encrypted remote backup to ensure that important data is not lost. You can be confident knowing your data is kept secure.


Unlimited Document Storage


Our centralised document storage solution can help to keep good recording keeping and remain legally compliant. It is a secure storage system which is accessible 24/7 no matter where you are. Therefore employees can work from home and access the documents needed with the confidence that they are stored securely. As it is all cloud-based there is no need for paper documents to leave the office – reducing the risk of lost documents with important and private data on.

The document storage system on oneHR can be used to upload the data policies/assessments into your employees’ document section. This way they have access to the policies/assessments when they need to refresh themselves on how to remain compliant.


Employee Directory


oneHR allows you to have access to all employee data whilst it is stored in the cloud safely. Employers do not have to take documents away from the office. Reducing the risk of private employee data being shared.


If you have any further questions or queries about the content above or would like to request a demo for oneHR, please don’t hesitate to contact the oneHR team today.


Twitter: @oneHR_

Sign up to our newsletter