scholarly journals ‘Complete Independence’ of National Data Protection Supervisory AuthoritiesSecond Try: Comments on the Judgment of the CJEU of 16 October 2012,C-614/10, with Due Regard to its Previous Judgment of 9 March 2010,C-518/07

2013 ◽  
Vol 9 (3) ◽  
pp. 26 ◽  
Author(s):  
Alexander Balthasar
Keyword(s):  
Data Protection ◽  
National Data ◽  
Complete Independence

Processing employees’ personal data during the Covid-19 pandemic

2020 ◽  
pp. 203195252097899
Author(s):  
Seili Suder
Keyword(s):  
Data Protection ◽  
Health And Safety ◽  
Personal Data ◽  
Health Data ◽  
Body Temperatures ◽  
National Data ◽  
Pragmatic Approach ◽  
General Data Protection Regulation ◽  
Nation States ◽  
General Data

While needing to ensure the health and safety of their employees during the Covid-19 pandemic, employers face many burning data protection questions, including under what conditions they can process employees’ personal data (in particular health data) and whether gathering personal data concerning employees’ medical history, trips and contacts with infected persons, is allowed. This article focuses on issues that are problematic, based on the analysis of guidance issued by the European Data Protection Board, as well as national data protection authorities and practitioners from 20 countries in response to these concerns. The first section of the article analyses concepts of personal data and health data in the context of Covid-19. Then the article proceeds with exploring what possible legal bases employers can use to process employees’ personal data in general, and health data in particular, under the General Data Protection Regulation when applying different measures to combat Covid-19. In the latter part of the article two practical questions raised by employers – concerning the checking of employees’ body temperatures and informing them of possible infection – are discussed. The analysis indicates that national data protection authorities seem to look for a reasonable and pragmatic approach regarding compliance with the GDPR in light of the Covid-19 emergency. However, their guidance differs in several areas and the views in between nation states are not always aligned. A more specific, clear and uniform pan-European vision concerning the processing of employees’ data in times of emergency is needed to better protect employees and limit the spread of the virus.

scholarly journals UK National Data Guardian for Health and Care’s Review of Data Security: Trust, better security and opt-outs

2016 ◽  
Vol 23 (3) ◽  
pp. 627 ◽  
Author(s):  
Tom Chan ◽  
Concetta Tania Di Iorio ◽  
Simon De Lusignan ◽  
Daniel Lo Russo ◽  
Craig Kuziemsky ◽  
...  
Keyword(s):  
Health Care ◽  
Data Protection ◽  
Data Security ◽  
Ageing Population ◽  
National Data ◽  
High Quality ◽  
Quality Health Care ◽  
Quality Health ◽  
High Quality Health Care ◽  
The Uk

Sharing health and social care data is essential to the delivery of high quality health care as well as disease surveillance, public health, and for conducting research. However, these societal benefits may be constrained by privacy and data protection principles. Hence, societies are striving to find a balance between the two competing public interests. Whilst the spread of IT advancements in recent decades has increased the demand for an increased privacy and data protection in many ways health is a special case.UK, are adopting guidelines, codes of conduct and regulatory instruments aimed to implement privacy principles into practical settings and enhance public trust. Accordingly, in 2015, the UK National Data Guardian (NDG) requested to conduct a further review of data protection, referred to as Caldicott 3.  The scope of this review is to strengthen data security standards and confidentiality. It also proposes a consent system based on an “opt-out” model rather than on “opt-in.Across Europe as well as internationally the privacy-health data sharing balance is not fixed.  In Europe enactment of the new EU Data Protection Regulation in 2016 constitute a major breakthrough, which is likely to have a profound effect on European countries and beyond.  In Australia and across North America different ways are being sought to balance out these twin requirements of a modern society - to preserve privacy alongside affording high quality health care for an ageing population.  Whilst in the UK privacy legal framework remains complex and fragmented into different layers of legislation, which may negatively impact on both the rights to privacy and health the UK is at the forefront in the uptake of international and EU privacy and data protection principles. And, if the privacy regime were reorganised in a more comprehensive manner, it could be used as a sound implementation model for other countries.

scholarly journals Reporting, recording, and communication of COVID-19 cases in workplace: data protection as a moving target

2020 ◽  
Vol 7 (1) ◽  
Author(s):  
Mahsa Shabani ◽  
Tom Goffin ◽  
Heidi Mertes
Keyword(s):  
Data Collection ◽  
Data Protection ◽  
Personal Data ◽  
Privacy Preserving ◽  
Moving Target ◽  
National Data ◽  
Risks And Benefits ◽  
Guidelines And Recommendations

Abstract In response to concerns related to privacy in the context of coronavirus disease 2019 (COVID-19), recently European and national Data Protection Authorities (DPAs) issued guidelines and recommendations addressing a variety of issues related to the processing of personal data for preventive purposes. One of the recurring questions in these guidelines is related to the rights and responsibilities of employers and employees in reporting, recording, and communicating COVID-19 cases in workplace. National DPAs in some cases adopted different approaches regarding duties in reporting and communicating the COVID-19 cases; however, they unanimously stressed the importance of adopting privacy-preserving approaches to avoid raising concerns about surveillance and stigmatization. We stress that in view of the increasing use of new data collection and sharing tools such as ‘tracing and warning’ apps, the associated privacy-related risks should be evaluated on an ongoing manner. In addition, the intricacies of different settings where such apps may be used should be taken into consideration when assessing the associated risks and benefits.

scholarly journals Respecting the GDPR in Online Interviewed Focus Groups

2021 ◽  
Vol 4 (2) ◽  
Author(s):  
Carolina Goberna Caride
Keyword(s):  
Focus Groups ◽  
Data Protection ◽  
Personal Data ◽  
Security Measures ◽  
National Data ◽  
Legal Requirements ◽  
Legal Reason ◽  
Social Distancing ◽  
Research Procedure ◽  
Group Interviews

Since March 2020 the Corona virus has limited personal encounters due to social distancing measures. Thus, many data collection techniques relying on face-to-face interaction, like interviews or Focus Groups (FG), are now being practised in online environments. Such change requires the implementation of innovative measures to comply with Regulation EU 2016/679 (GDPR) and obey national data protection laws. Processing personal data of voluntary participants has to have a lawful ground and a clear purpose behind it. Moreover, the researcher has to respect legal requirements and principles for processing personal data, provide the participants with information about the research procedure and apply security measures to avoid risks to the rights and freedoms of individuals. This process has to apply to any interaction mediated by Web-Conferencing Systems (WCS). The purpose of this paper is to describe the legal requirements for conducting online interviews or FG under social distancing conditions. The project of reference for the application of these requirements is the EU Horizon2020 HELIOS project consisting of the development of a decentralised social media platform. Lay summary At universities or in industry researchers can interview people personally to test, for instance, the use of a specific technology. The objective is to collect data for future improvements. In 2020 people all over the world found themselves in a pandemic. The Covid-19 limited social meetings with beloved ones and also restricted the work of scientific researchers. Individual or group interviews could not take place in presence. Thus, a solution was seen in online conferencing platforms such as Zoom. Modifying the space and the way in which an interview takes place poses some legal challenges regarding data protection. Such conversations with individuals always have to apply European and national data protection laws. Among other things, this means that there needs to be a specific legal reason to process personal data and a specific purpose behind the interview. Additionally, the researcher has to inform participants about all the legal terms, legal guarantees and research procedure. All this applies as well if online conferencing platforms are used. In this article, you can find a description of the necessary legal steps to develop online interviews with individuals or focus groups and fulfil European data protection requirements.

Sign in / Sign up

Export Citation Format

Share Document