With many of us thrown in yet again to working from home it can be easy to forget the whole GDPR thing but it’s as important now as it has ever been. And I don’t know about you, but it is more likely now that mistakes will be made when juggling working from home, home schooling with live lessons if you’re a parent, lots of Zoom and Teams meetings and your other half or house mate walking round the house in their pyjamas.
So here are a few tips to help you stay compliant whilst working from home…
Read and follow your organisation’s rules properly
Your organisation really should have a Working at Home (WAH) policy and procedures that include GDPR. If your workplace does not have a policy in place, flag it up with them right now as not having one is a real business risk! If they do and you haven’t read it for a while, put the kettle on and get reading.
Using personal computer equipment
Your WAH policy should cover whether you can use your own personal devices at home for work purposes. It will hopefully include:
- Change the settings on laptops and other devices to lock your account when it is inactive.
- Turn off your screen when you leave your desk/bed/kitchen table to make a cuppa.
- Do not save documents to your laptop’s hard drive or unencrypted memory sticks when you have a work server you can save them to – even if it would make life easier.
- Do not let your laptop screen be seen from a window or from another device being used for online lessons or other online meetings.
If households are sharing a laptop or computer, consider how to keep your work secure – can you have a separate login for each person? And never leave USB sticks in the computer when others are using it.
- Obscure your background or check what is behind you before you have online meetings. You do not want everyone to see your whiteboard full of sensitive data.
- Make sure nothing confidential is visible to other family members who are near or sharing your workspace.
- If you have people in the room while you are in an online meeting, wear headphones so at least people in the room will not hear what the other person is saying.
- When offline make sure paperwork is not left out over night or if you leave the house.
- For confidential conversations, make sure you are on your own when having these conversations either on or offline whilst at home, especially if it relates to personnel issues.
Recycling isn’t always the way to go
If you do not have a shredder at home, and many of us don’t, be careful what you put in your recycling or general waste bin. Make sure that confidential waste is disposed of securely and if you cannot do this, keep it in a secure place at home until you can take it into the office.
Mixing personal and work data
This is not a good idea. If you work from a cloud, make sure that you are not downloading and saving documents onto your personal computer and then saving them later back to the cloud – chances are you will forget to delete the version on your computer. By doing this you are putting yourself at risk of a data breach should anything happen to your device ie, you lose it or it gets hacked.
And lastly, learn from my lesson – my daughter’s school asked that we take photos of children holding up their completed schoolwork. I only realised at the very last minute that in the background of the photo I’d taken was an open email on my laptop from a client.
Following the rules allows you to get on with your work with piece of mind. GDPR is nothing to be scared of. Comply and enjoy!