Updated with guidelines from ANSPDCP and new statement from EDPB
Authors: Cristina Radu (associate), Alexandra Dunăreanu (associate), Georgiana Ghinescu (associate)
The activity of companies across all industries has undergone a number of changes as a result of COVID-19 outbreak on the territory of our country and not only. In this context, there is a need to implement measures aimed at avoiding or containing the spread of the virus, in particular with respect to ensuring the health and security of employees and collaborators. These measures may result in the carrying out of activities involving the processing of personal data, in particular of special category of personal data (such as health data).
The mission of the companies seems to be the more demanding, as they must also focus their attention on the compliance with the obligations that are incumbent upon them as data controllers in their relationships with employees or collaborators.
In order to help companies, we have prepared a summary of the opinions/guidelines issued by certain data protection authorities in other EU Member States, which also include the possibility of requesting employees to fill out questionnaires or checking the employees’ body temperature.
This information represents only a summary, therefore we encourage organizations to perform a complete analysis of the processing activity they envisage, before making a decision.