News

The Information Commissioner’s Office (ICO) has published a statement on data protection and the coronavirus (COVID-19). It recognises that public bodies and health practitioners must be able to communicate directly with people when dealing with this type of health emergency and that they may require additional collection and sharing of personal data to protect against serious threats to public health. It makes clear that data protection and electronic communication laws do not stop public health messages being sent to people by the government, the NHS or health professionals, either by phone, text or email, as these messages are not direct marketing. It also states that, regarding compliance with data protection, it will take into account the compelling public interest in the current health emergency. In addition, it confirms that it can continue to offer advice to organisations through its helpline (0303 123 1113) to make sure the law around data protection and direct marketing is clear. Finally, it has provided some useful FAQs, including:

  • During the pandemic, we are worried that our data protection practices might not meet our usual standard or our response to information rights requests will be longer. Will the ICO take regulatory action against us?
  • More of our staff will be homeworking during the pandemic. What kind of security measures should my organisation have in place for homeworking during this period?
  • Can I tell my staff that a colleague may have potentially contracted COVID-19?
  • Can I collect health data in relation to COVID-19 about employees or from visitors to my organisation? What about health information ahead of a conference, or an event?
  • Can I share employees’ health information to authorities for public health purposes?

Source: New feed