Topic: Data privacy and GDPR

Subscribe to Data privacy and GDPR RSS feed

Essential guidance for employers on COVID-19 measures at the workplace from 26 April 2022

Photo of Wilson AngPhoto of Jeremy LuaPhoto of Wang Chen YanBy Wilson Ang, Jeremy Lua and Wang Chen Yan on Posted in Asia Pacific, Coronavirus, Data privacy and GDPR, Singapore
As Singapore takes its next step towards living with COVID-19, the Ministry of Manpower (“MOM”), the Singapore National Employers Federation (SNEF) and the National Trades Union Congress (NTUC) (collectively, the “Tripartite Partners”) have issued a revised set of guidelines for employers on the COVID-19 measures to be implemented at the workplace applicable from 26 April … Continue reading

Employee data compliance: Data minimization and deletion obligation

Photo of Frank WeberndörferPhoto of Claudia PosluschnyBy Frank Weberndörfer and Claudia Posluschny on Posted in Data privacy and GDPR, Europe, General, Germany
To avoid fines, the lawful processing of employee data must respect the principle regarding data retention. Employers are obliged to erase data that is no longer required, in particular regarding the publication of employee profiles or data processed in connection with COVID-19. A recent decision (Neuruppin Labor Court, December 14, 2021 – ref. 2 Ca … Continue reading

What to expect in employment law in Germany in 2022

Photo of Frank WeberndörferPhoto of Claudia PosluschnyBy Frank Weberndörfer and Claudia Posluschny on Posted in Contracts, Coronavirus, Data privacy and GDPR, Europe, General, Germany, Whistleblowing
Legal innovations Amended regulations apply to this year’s works council elections taking place from March 1 to May 31, 2022. Pursuant to Section 24 (2) of the Election Regulations of October 8, 2021 (BGBl. I 4640/2021), HR departments are required to provide, in addition to the typical employee data used to draw up the electoral … Continue reading

Essential guidance for employers on COVID-19 measures at the workplace from 1 January 2022 (including recent updated measures announced on 27 December 2021)

Photo of Wilson AngPhoto of Jessica PaulinPhoto of Jeremy LuaPhoto of Parry TanBy Wilson Ang, Jessica Paulin, Jeremy Lua and Parry Tan on Posted in Asia Pacific, Coronavirus, Data privacy and GDPR
Glass office building with sky and other towers in its reflectionAs part of Singapore’s move towards living with COVID-19 as an endemic disease, the country has been making efforts to re-open its economy. In order to facilitate the safe re-opening of the economy, the Ministry of Manpower (“MOM”) and the Tripartite Alliance for Fair and Progressive Employment Practices (“TAFEP”) have collectively issued guidance for employers … Continue reading

Stricter rules on compensation for data protection violations?

Photo of Frank WeberndörferPhoto of Claudia PosluschnyBy Frank Weberndörfer and Claudia Posluschny on Posted in Contracts, Data privacy and GDPR, Europe, Germany
The correct handling of personal data requires special care by employers. The German Federal Labour Court (BAG, 26.08.2021 – 8 AZR 253/20 (A)) has referred essential questions to the European Court of Justice (ECJ) for clarification. The BAG’s decision, which, if confirmed by the ECJ, could now tighten the standard of due diligence and increase … Continue reading

Stricter COVID-19 rules at German workplaces

Photo of Frank WeberndörferPhoto of Claudia PosluschnyBy Frank Weberndörfer and Claudia Posluschny on Posted in Coronavirus, Data privacy and GDPR, Europe, Germany
In Germany the “Epidemic Situation of National Significance” ends on November 25, 2021.  As a result, the German legislature has amended several COVID-19 related laws, such as the German Infection Protection Act (Infektionsschutzgesetz – IfSG), in order to continue certain protective measures. The amended regulations (BT-Drs. 20/15 and BT-Drs. 20/78) aim to provide for a … Continue reading

Can employers require their employees to get the Covid-19 vaccine?

Photo of Charlotte EmmersonBy Charlotte Emmerson on Posted in Coronavirus, Data privacy and GDPR, UK
With the announcement that one of the Covid-19 vaccines has received approval from the UK regulator, employers are now asking whether they can insist that employees are vaccinated before returning to the workplace. There are clearly legal and moral issues that need to be considered. Firstly, the anticipated Covid-19 vaccination programme in the UK will … Continue reading

Testing employees for COVID-19, self-isolation and sick pay

Photo of Amanda Sanders (UK)By Amanda Sanders (UK) on Posted in Coronavirus, Data privacy and GDPR, UK
On 10 September the Department of Health and Social Care published guidance for employers on the legal obligations and matters that they need to consider if planning to introduce their own testing for COVID-19. With current infection rates increasing this is ever more important for employers to help protect business continuity. In addition, employers need … Continue reading

Vicarious Liability – the UK Supreme Court hands down two important decisions.

Photo of Amanda Sanders (UK)By Amanda Sanders (UK) on Posted in Data privacy and GDPR, UK
The Supreme Court has now delivered its judgements on two important cases involving the concept of vicarious liability. In both it has upheld the appeals holding that the employer was not vicariously liable. The first case is WM Morrison Supermarkets plc v Various Claimants.  The case concerned a data breach by a disgruntled employee of … Continue reading

Covert monitoring in the workplace – impact on an employee’s privacy

Photo of Amanda Sanders (UK)By Amanda Sanders (UK) on Posted in Data privacy and GDPR, Europe, UK
The Grand Chamber of the European Court of Human Rights (ECHR) has held that Spanish shop workers’ right to privacy under Article 8(1) of the European Convention on Human Rights was not violated when their employer obtained evidence of theft from covert CCTV footage of the employees. The case involved five employees who worked as … Continue reading

New EU rules for protection of whistleblowers

Photo of Cornelia MarquardtBy Cornelia Marquardt on Posted in Contracts, Data privacy and GDPR, Europe, Whistleblowing
On 7 October 2019, the EU Council formally adopted the new Whistleblowing Directive that will guarantee whistleblowers EU-wide standards of protection. The Directive obliges both public and private organisations and authorities to set up secure reporting channels, so that whistleblowers can report violations of EU law as safely as possible. Member States have two years … Continue reading

Facilitating HR Management: Electronic medical certificates

Photo of Cornelia MarquardtBy Cornelia Marquardt on Posted in Contracts, Data privacy and GDPR, Discrimination and harassment, Europe, Germany
As part of the “Third Bureaucracy Relief Act” the German government intends to introduce an electronic submission procedure for medical certificates regarding the incapacity of employees. More than 80 million of such certificates are issued every year by doctors in Germany. Replacing extensive documentation and record-keeping duties will allow medium-sized companies in particular to reduce … Continue reading

Control or trust: Legal claim to home office?

Photo of Cornelia MarquardtBy Cornelia Marquardt on Posted in Contracts, Data privacy and GDPR, Germany
Digitization and  technological advances are accelerating the flexibility of working conditions leading to a changed understanding of leadership. A key topic of debate is the “home office” which is currently used by approximately 12 per cent of employees in Germany for all or part of their working time. On this topic, the German government is … Continue reading

Vicarious liability in the data breach context – bad news for UK employers

Photo of Amanda Sanders (UK)Photo of Catrina Smith (UK)By Amanda Sanders (UK) and Catrina Smith (UK) on Posted in Data privacy and GDPR, General, UK
The Court of Appeal has upheld a decision of the High Court holding that an employer can be vicariously liable for data breaches caused by the actions of an employee, even where the employee’s actions were specifically intended to harm the employer. This decision is significant as it means a company can be held liable … Continue reading

ICO updates its subject access Code of Practice

Photo of Amanda Sanders (UK)By Amanda Sanders (UK) on Posted in Data privacy and GDPR, Europe, UK
The Information Commissioner’s Office in the UK (ICO) has updated its Subject Access Code of Practice (the Code) which deals with requests from individuals for personal information. The amendments are mainly to reflect the Court of Appeal’s decisions in the recent cases of Dawson-Damer and others v Taylor Wessing LLP [2017] EWCA Civ 74 and … Continue reading

Norton Rose Fulbright’s online guide to global employment law is now available

Photo of Sally WoodwardPhoto of Joanna MacKenzieBy Sally Woodward and Joanna MacKenzie on Posted in Asia Pacific, Contracts, Data privacy and GDPR, Europe, Latin America, Middle East, North America, South Africa, Uncategorized, United States, Whistleblowing
More and more organisations are growing their global footprint and need to move their people around the world. In this global environment, it is essential to know, understand and comply with employment and labour laws in place across all of the jurisdictions in which organisations engage people. This will help to protect business from unnecessary … Continue reading

Employment Law and Financial Institutions

Photo of Stefanie RadinaBy Stefanie Radina on Posted in Data privacy and GDPR, Europe, Germany, Whistleblowing
In the financial sector, in addition to individual employment contracts, working conditions can be subject to various industry related statutes and regulations, collective bargaining agreements and works agreements. Laws and regulations As a reaction to the global financial crisis, the participants of the 2008 G20 summit in Washington, including Germany, agreed on the establishment and … Continue reading

Use of social media in France: Employee’s rights and obligations

Global Workplace InsiderPhoto of François GuillonBy Elodie Grangier and François Guillon on Posted in Contracts, Data privacy and GDPR, Europe, France
The impact of the use of social media in the workplace has regularly given rise to controversies and debates as how this subject is to be handled by a company’s management. The current state of employment law is still not entirely settled in this respect. It is however possible to provide some guidance on the … Continue reading

Data protection and employment law update (Italy)

Photo of Attilio PavoneBy Attilio Pavone on Posted in Data privacy and GDPR, Europe, Italy
The Italian Data Protection Authority (IDPA) is increasingly faced with issues relating to the ways employers may monitor the Internet usage of its employees. In 2016, the Authority handed down two important decisions on this topic. In the first decision, the IDPA stated that an Italian University (the University of Chieti and Pescara) was acting … Continue reading

Misclassification of Workers under the Fair Workplaces, Better Jobs Act, 2017 (Bill 148)

Photo of John MastorasBy John Mastoras on Posted in Canada, Data privacy and GDPR
On May 23, 2017, the Ontario Government released The Changing Workplaces Review: An Agenda for Workplace Rights Final Report.  The report reviewed numerous aspects of our workforce and the legislation that applies to it.  A portion of the report included a statistic that found a significant increase in the number of individuals that are self-employed … Continue reading

Monitoring an Employee’s use of the internet

Photo of Amanda Sanders (UK)By Amanda Sanders (UK) on Posted in Data privacy and GDPR, Europe, UK
The European Court of Human Rights (ECHR) has held that an employee’s right to respect for private life and correspondence is not breached where an employer monitors the employee’s personal communications at work, subject to reasonableness and proportionality. Whilst this has caused a large amount of media interest in the UK, employers should be aware … Continue reading
LexBlog