Expert Advice Community

Guest

Work from home auditing

  Quote
Guest
Guest user Created:   Feb 23, 2023 Last commented:   Feb 24, 2023

Work from home auditing

If you would answer my question, please, referring to Teleworking and Mobile policies in ISO27001 document toolkit, how would you audit work from home considering their privacy?

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Tudor Galos Feb 24, 2023

Organisations can audit their employees while they work from home, but the auditing should take into consideration a balance between employees’ right to privacy and the organisations’ legitimate needs to protect their digital assets from unauthorized exposure. On one hand, companies should evaluate the risks that are coming with a work-from-home or hybrid work environment: data theft, data losses, data unauthorized exposure, lack of efficient control mechanisms, and access from unsecured hardware. On the other hand, companies should evaluate whether the level of employee monitoring at home – logon/logoff times, navigation history, activity time, etc are justified in order to address the abovementioned risks. Companies must demonstrate adherence to the principle of data minimization, from Article 5 GDPR - Principles relating to the processing of personal data - that requires data controllers to make sure that the minimum amount of personal data is processed in order to achieve a processing purpose.

We highly recommend performing a Data Protection Impact Assessment (DPIA) before implementing technologies and policies/procedures to monitor employees that work from home.

Please find more details at these links:

Tudor Galos
Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Feb 23, 2023

Feb 24, 2023

Suggested Topics

Guest user Created:   Mar 24, 2022 EU GDPR
Replies: 1
0 0

Privacy policy on my homepage