For most businesses, flexible working includes working remotely. Working remotely or working from home requires a plan to ensure privacy obligations continue to be met.
COVID-19 has created unprecedented working situations, with many employees being required to work from home at short notice. This article sets out some simple practices that you and your employees can implement at home, to ensure privacy standards are maintained.
Separation is key
If possible, your living space and workspace should be kept separate. Aside from your physical environment, this may include having a separate computer or laptop for work.
In a situation where physically meeting clients is not possible, it is important to have a space in your home where you can discuss matters with your clients privately and confidentially. Provided you are using a private space, options for confidential discussions may include Skype, Zoom or the telephone. Zoom’s new password function is a welcome addition.
Files and documents
All business and client files and documents should be kept secure, both physically and electronically. Documents should not be taken into your living space, left in your car or left near windows where they may be visible.
Confidential documents or documents containing individuals’ personal information should not be thrown in the rubbish or recycling where they could be accessible to others. Documents should be shredded before being disposed of. We suggest keeping a separate wastepaper box for work documents which can be taken to the office for disposal, after the lockdown, in accordance with your business’s practices.
There are several security issues that need to be addressed when working on a computer from home. Most businesses will have implemented security measures already. These may include using security programmes, antivirus software and passwords; two-factor password authentication should also be considered by businesses if possible.
Some simple steps you can take at home include never leaving your computer “logged on” and ensuring you update programmes and back up regularly. You need to be extra vigilant when sending passwords and confidential documents electronically. We recommend turning off “autocompletion” in Outlook to reduce the risk of sending an email to the wrong person.
If you are concerned that your business’ or clients’ privacy may have been breached, notify your business’ Privacy Officer (or appointed person) immediately. They can then notify your business’ insurer and any other relevant body, such as the New Zealand Privacy Commissioner.
If you, or your business, has any questions about the issues raised in this article, please contact one of our Insurance Team
Wynn Williams is a member of SCG Legal, a global network of more than 110 independent law firms with both legal and public policy practices serving businesses in all 50 U.S. state capital cities and the District of Columbia, as well as capital cities and major commercial centers in more than 50 countries. SCG Legal has developed a COVID-19 Global Resource Center, which is focused on up-to-date legal and public policy developments from more than 25 different countries and most U.S. States. To access it, visit scglegal.com/coronavirus-resources.