Does Working from Home Affect Data Protection?
Over the past few weeks many of us have had to work from home and although we have the technology to be able to do so we must consider both the equipment and the process that we are using.
You may be using your personal laptop or computer, but does it have the same level of security as the computer you use in the office.
The security measures within your office environment may include network firewalls or personal firewalls and it maybe that none of these are available to you within your home environment, which could leave data vulnerable and less secure.
Your new working conditions may present a few challenges, when it comes to data protection – how do you ensure that the personal data you are accessing continues to stay safe and secure?
Information security must therefore be a top priority during this time. The last thing you need while managing this situation is to suffer a data breach.
How to Ensure you Continue to Comply with Data Protection Regulations While You are Working from Home
As an employee working remotely, it is your responsibility to follow the processes and procedures that your organisation has put in place to ensure that data protection protocols and safeguards continue to be upheld.
1. Don’t Change the Process
Follow the same processes and procedures as you would if you were in your normal office environment. You should treat the data you collect and handle it in the same way as normal. However, you may have to take further precautions when working from home.
Lock your device if you are leaving it unattended, this will help keep data confidential. This should be done regardless of who is the house with you.
If you are saving files and you have network access you should use the designated drive or system. Keeping documents on your hard drive could mean they are less secure.
2. Make sure your security software, such as firewalls and antivirus software, are up to date.
A firewall acts as a barrier, it makes it harder for anyone to gain access and therefore helps to keep the information on your device secure. If your device is fitted with security software, you must not disable it and it must be kept up to date.
Anti-virus software on your device will protect your device from malware, such as viruses, worms and Trojans. The software will detect and prevent malware from downloading. If viruses do reach your device, it will be removed before it can damage or steal your data.
3. Set secure passwords.
The laptop / computer that you are using at home should be protected by a strong password.
What is a strong password?
Strong passwords are those that are a combination of at least 10 lower and uppercase letters, numbers and symbols. You must never use the same password for more than one account or write them down.
Files that hold sensitive data should also be protected with a separate password and use two-factor authentication where available.
What it Two-factor authentication (2FA)? This means that an additional piece of information as well as the password is required in order to gain access to the data. 2FA is simply an extra layer of security. As the user you will enter your user name and password, then instead of immediately gaining access you will be required to provide another piece of information such as providing the answer to a pre organised question
When working from home another way to safeguard your data is to encrypt the hard drive of your computer or laptop. Encryption is the process through which data and information is converted into code to prevent unauthorised access.
5. Keep hard copies safe
Never leave hard copies lying around or open to view. When protecting personal data, you must always consider any information which is in hard copy. You may still be handling letters or other information you printed out or took home to use while working from home. If you can, keep them in a locked drawer.
It is incredibly important that you continue to follow the procedures that have been put in place to ensure that the data you have access to is handled and stored safely.
If in doubt think about how you would like your personal data to be treated. If you ever need to ask the question ‘can I do this?’ then stop and ask for advice before you go forward.
If you need any further information on what and how you should be doing at this time, then please ask.
- Privacy policies for Children
- Safe Harbor Certification
- The Importance of Safe Harbor Certification
- Privacy Breach
- NHS care.data delayed - updated
- CASL - Canadian Anti Spam Legislation
- Changes to Safe Harbor certification
- Facebook Instant Personalization
- Safe Harbor vs Binding Corporate Rules
- Safe Harbor 2.0
- GDPR - General Data Protection Regulation
- Difference between GDPR and ePrivacy regulation
- What are Standard Contractual Clauses?
- Privacy Shield Vs Standard Contractual Clauses
- Data Protection for the Social Housing Sector
- Does Working from Home Affect Data Protection?