With the return to the practice of remote working, from 19th November 2021 it has been Groundhog Day for many. Just as employees, business owners and organisations were adjusting to the gradual return to the office, and the emergence of a normal work routine, Covid 19 has thrown yet another curveball.

Responding to Government advice and attempts to slow the current surge of the pandemic, remote working has been enforced once again on many businesses and organisations.  It is now evident that the practice of remote working and, or a hybrid model will be with us for the foreseeable future. There is no time like the present for Data Controllers and Data Processors to consider the impacts of the EU GDPR upon the practice of remote working.  Protection of personal is enshrined in the principles of the EU GDPR. It is crucial that employers, organisations, employees and all who process personal information understand their legal obligations, which are particularly heightened by the process of remote working. Consideration should be given to the following checklist, for EU GDPR compliance and accountability.



  • Risk Assessment (Identify the risks which may threaten the security of personal information and detail how those risks have been eliminated)
  • Employee Training (Ensure that employees and all who process personal information are educated in the principles of EU GDPR).
  • Implement a written employee Remote Working Policy (Bespoke and tailored to your business and organisation and detailing employee legal obligations)
  • Ensure IT Infrastructure is robust and secure (critical that IT Stakeholders are involved in this process).
  • Data Breach Awareness and Reporting (Crucial that employees can identify a potential data breach and are aware of the data breach reporting process)

The above checklist is by no means exhaustive, for further support and guidance on the impacts of The EU GDPR and Remote Working please send an email to

Verified by MonsterInsights