coronavirus

On March 14, 2020, the Italian Government and several trade unions have signed a protocol, which establishes specific procedures for fighting COVID-19 in the workplace.

The protocol also includes provisions on the processing of personal data of employees.  In particular, it provides that employers may subject their employees to pro-active body temperature controls before

On March 13, 2020, the Belgian data protection authority (“APD”) issued guidance on data protection and COVID-19. The guidance is mainly aimed at employers processing personal data of employees in the context of the measures they have taken to contain the spreading of COVID-19.

The guidance is divided in the following three parts:

  • legal basis for processing data;
  • other data protection principles; and
  • frequently asked questions about the processing of employee health data by employers.

Continue Reading Belgian Supervisory Authority Issues Guidance on Data Protection and Coronavirus

On March 10, 2020, the Hungarian National Authority for Data Protection and Freedom of Information (“NAIH”) issued guidance on data protection and COVID-19. The NAIH highlights that controllers processing personal data in the context of their efforts to prevent the spread of COVID-19 must comply with the GDPR as well as Hungarian data protection law. The guidance applies to public and private organisations, their employees and contractors, as well as other third parties (e.g. clients, visitors). The NAIH emphasises that any kind of data processing under the current circumstances has to adhere to the principles of the GDPR, especially that of accountability.
Continue Reading Hungarian Supervisory Authority Issues Guidance on Data Protection and Coronavirus

On March 12, 2020, the Spanish Supervisor Authority (“AEDP”) issued a statement and a report on data protection and COVID-19. The AEPD highlights that controllers processing personal data in the context of their effort to prevent COVID-19 must comply with the GDPR, the Spanish Data Protection Law and the Spanish sectorial health laws. However, the AEPD underlines that these laws do not stand in the way of addressing the challenges posed by the COVID-19 epidemic.
Continue Reading Spanish Supervisory Authority Issues Statement on Data Protection and Coronavirus

On March 10, 2020, the Norwegian Supervisory Authority (“Datatilsynet”) issued guidance on the processing of personal data in the context of the corona virus (“COVID-19”) crisis (see here, in Norwegian).

Datatilsynet stressed that the GDPR allows the processing of special categories of data (e.g., health data) if the processing is necessary for