France: national data privacy body re-iterates the principles over the collection of personal data by employers in the context of measures to prevent the spread of Covid-19

With the national lockdown easing process commencing, companies are multiplying measures to limit the spread of the coronavirus and ensure the safe resumption of activity. Some of these measures rely on personal data, and in particular on health related data, which by definition are sensitive. It is in this context that the authority in charge of personal data protection, the CNIL, published a note on 07 May that reiterates the framework and principles for a prevention policy that also complies with GDPR. It provides a framework for the use of temperature-taking and screening measures in relation to data protection.

Through . Published on 12 May 2020 à 11h18 - Update on 12 May 2020 à 16h52

GDPR compliant security requirements. As part of the Labor Code’s security requirements for employers they may ‘remind employees, who are working in contact with others, of their individual obligations to provide information feedback in cases of contamination or suspected contamination, either to the employer or to the health authorities’ and they should also ‘to facilitate information feedback by setting up, if necessary, dedicated and secure information channels’ (available here in French).…

Need more info ?

Contact

mind's on-demand study service

  • This field is for validation purposes and should be left unchanged.