As lockdown restrictions start to ease and businesses begin to reopen, the ICO has set out some key steps organisations need to take around the use of personal information when returning to work.

The six key data protection steps are:

  1. Only collect and use what's necessary
  2. Keep it to a minimum
  3. Be clear, open and honest with staff about their data
  4. Treat people fairly
  5. Keep people's information secure
  6. Staff must be able to exercise their information rights

Further information can be found on the ICO website . 

Most importantly, the GDPR does not prevent organisations asking employees whether they are experiencing any coronavirus (COVID-19) symptoms or introducing appropriate testing, but it does require you to be responsible with people's personal data and ensure it is handled with care.  

Originally published 22 June 2020.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.