The GDPR: Can your organisation monitor employees’ personal communications?
Author: Luke Irwin, published 27th September 2017 (Luke Irwin is a writer for IT Governance. He has a master’s degree in Critical Theory and Cultural Studies, specialising in aesthetics and technology.)
The full text of the article can be found at: http://tinyurl.com/yaw6z6hm
Quoting from the text:
"On 5 September, the highest body of the European Court of Human Rights (ECHR) restricted employers’ power to monitor the private messages of their employees. The ruling overturns a lower court’s decision to back an organisation that sacked one of its employees for using an instant messaging app for personal reasons.
- So what’s allowed?
The ECHR’s ruling doesn’t ban workplace monitoring altogether, but it sets very clear guidelines on the extent to how and when monitoring is allowed and organisations’ requirements for doing so....
As private communication meets the definition of personal data (as described in Article 4 of the GDPR), organisations must prove that they have a lawful ground to collect and monitor this information.
- Keeping it legal
Organisations’ monitoring policies should form part of their information security management system (ISMS), the best practice for which is described in ISO 27001....
- GDPR training
Although you probably have a team preparing your organisation for the GDPR, everyone in your organisation who handles personal data also needs to know their obligations...."