With the national lockdown easing process commencing, companies are multiplying measures to limit the spread of the coronavirus and ensure the safe resumption of activity. Some of these measures rely on personal data, and in particular on health related data, which by definition are sensitive. It is in this context that the authority in charge of personal data protection, the CNIL, published a note on 07 May that reiterates the framework and principles for a prevention policy that also complies with GDPR. It provides a framework for the use of temperature-taking and screening measures in relation to data protection.
GDPR compliant security requirements. As part of the Labor Code’s security requirements for employers they may ‘remind employees, who are working in contact with others, of their individual obligations to provide information feedback in cases of contamination or suspected contamination, either to the employer or to the health authorities’ and they should also ‘to facilitate information feedback by setting up, if necessary, dedicated and secure information channels’ (available here in...
Do you have information to share with us?