Telework and data protection monitoring

Employee monitoring

At present, teleworking telework is the prevailing modality in most companies for the development of their professional activities. This is forcing companies to implement control methods (monitoring). The current situation on teleworking as well as the fulfillment of the Regulation of data protection, will be what we will submit to analysis today.

Starting point

Although this type of work is not new, it was imposed by force in many companies by COVID-19, without the COVID-19, without the possibility of implementing a process of adaptation for the company and the worker and establishing conditions adapted to this modality.

Where are we?

After several months it has been possible to analyze the situation and teleworking has become a work modality of the future, so much so that the specific regulation is already on the verge of seeing the light of day.

Preliminary draft law on teleworking

The draft bill on telework will establish how to carry out this type of work, as well as the conditions necessary for it to be developed, the obligations of employers and employees, as well as the rights of workers, well known as digital rights in the workplace.

We remind you that any telework agreement must include the following points:

General conditions:

duration, schedule, vacations, leaves of absence.

Economic conditions:

remuneration, technical and technological equipment expenses, ownership and maintenance of digital devices, insurance, costs related to occupational risk prevention.

Digital labor rights:

digital disconnection, right to personal and family privacy, video recording and geolocation.

Specific conditions:

work organization, communications.

Control of labor activity:

control tools used to verify compliance with the functions attributed to the workers, including the labor registry and any other that may be considered pertinent, as long as it respects the family and personal privacy of the workers.

These control measures must be communicated to all workers.

Telework monitoring

Many are the doubts that our customers in Valencia tell us about how telework monitoring affects digital rights in the workplace.

It should be clarified that in addition to digital labor rights, there are also rights of the employer to verify compliance with the functions assigned to each employee.

This statement could have as a legal basis, Article 20.3 of the Royal Legislative Decree 2/2015, of October 23, which approves the revised text of the Law of the Statute of Workers in which the company could adopt the necessary control measures, (could be face-to-face or not, personal or digital) and thereby supervise the fulfillment of the functions and obligations of the Staff, always ensuring their dignity.

And one of these facets of control assumed by the company, could be the monitoring of telework and have an analysis of productivity.

Data Protection and Telework

Before addressing what is stated in our Data Protection Law (LOPD-GDD), it is useful to mention the European Framework Agreement on Telework, approved in July 2002 by the European Council, in collaboration with certain social sectors.

This Framework Agreement regulates the definition and scope of teleworking, its voluntary nature, employment conditions, data protection, privacy, equipment, health and safety, work organization, training, and collective rights, as well as its implementation and monitoring.

There is no doubt that this European Framework Agreement served as the basis for the drafting of Article 87 of the LOPDGDD, which establishes the digital right of workers to the protection of their privacy in the use of digital devices made available to them by the employer .

However, the exercise of this right owned by the employee, allows the employer to access the contents derived from the use of digital media provided to workers, (assets) for the sole purpose of controlling the fulfillment of their labor obligations and ensuring the integrity of corporate information and such assets, when these are provided by the company.

Information security

In this regard, the integrity of the information could be exposed if the employee downloads applications not authorized by the company, do not install corporate software updates or disable antivirus, firewall, etc..

When it comes to ensuring the integrity of corporate assets, it could be, for example, the installation of geolocation systems to locate equipment in the event of loss or theft.

If the employer authorizes the employee to use corporate assets for private purposes, it will be necessary to agree on a schedule for personal use and restrictions on the use made in this area of privacy, and it is essential that a user other than the professional user is created on the PC for private use in order to minimize security risks.

Another different circumstance is the use by the employee of a personal device for work purposes; here the limitations of intrusion by the employer are greater, since it must be agreed with the employee how his or her work will be monitored.

In any case, the latter is not advisable, since for a personal device to be used for work purposes, it must first be checked that it has the security elements that the company has established for the treatment of its information, since the information is a crucial value for the company.

Cybersecurity and cyber-attacks are becoming more and more frequent and it is necessary to train employees and implement the necessary security measures according to the information system being processed.

Data Protection Regulations must be complied with.

Taking into account the provisions of the European Data Protection Regulation(RGPD), the Data Protection Act (LOPD-GDD) and the various Instructions of the Spanish Data Protection Agency(AEPD), the employer must draw up an:

Telework and Labor Mobility Policy

This policy will define the corporate commitment for this modality of work, as well as the security measures that will be implemented to guarantee the security, confidentiality and integrity of the data and information in general.

This telework policy will include an assessment to analyze the proportionality between the benefits of remote access and the potential impact of compromised access to corporate information.

Telework Guide for workers

The teleworking policy should be made known to employees, recommending that it be in a simple format to be understood and applied by workers, so Business Adapter data protection ®, recommends developing a Teleworking Guide for employees.

We help you to implement Telework in your company.

If your company wants to comply with data protection regulations, implementing teleworking or labor mobility, so frequent in commercial staff for example, with total guarantee, contact us. Expert Data Protection Company in Valencia / LOPD in Valencia.

 

Ask for information without obligation at 96 131 88 04, at info@businessadapter.es or we will contact you:

[vc_row][vc_column]







    Email


    He leído y Acepto mediante marcación de esta casilla esta Política de Privacidad.

    [/vc_column][/vc_row]

     

    Contact us, we will be pleased to help you.
    error: Content is protected !!