Introduction
COVID-19 (the coronavirus) continues to impact the global and local community, all the staff of Dr Werner and Partner have been monitoring the situation of the COVID-19 and implementing different measures to make sure that we are all staying safe.
As a Company, the main goal is to protect your own people and to continue business as usual with no serious disruptions to client service levels. To this effect the Business Continuity Plan (BCP) is a very important document.
The BCP is not to be seen as other Policies and Procedures. It is aimed at ensuring, in the case of an interruption to its systems and procedures, the preservation of essential data and functions, and, where that is not possible, the timely recovery of such data and functions.
Remote Working measures shall ensure the smooth running of the day-to-day operational activities whilst continuing to provide esteemed clients business as usual with minimal disruption. In the current environment, the health and safety of everyone is a shared responsibility and one that us to be taken very seriously.
Remote Working Policies
Certain contingencies must be in place to ensure continuity of work.
TIP: We suggest that together with the Business Continuity Plan, your Company also implements a Remote Working Policy.
An Employee Remote Working policy should outline a Company’s guidelines for employees who work from a location other than their offices.
To ensure that employee performance will not suffer in remote work arrangements, remote employees are advised to:
- Choose a quiet and distraction-free working space;
- Have an internet connection that’s adequate for their job;
- Dedicate their full attention to their job duties during working hours;
- Team members and managers should determine long-term and short-term goals;
- There should be frequent online meetings to discuss progress and results.
Occupational Health and Safety
The employer is responsible for the protection of occupational health and safety of the remote workers in accordance with Council Directive about ‘the introduction of measures to encourage improvement in the health and safety of workers at work’ (Directive 89/391/EC) and relevant directives, national legislation, namely the Occupational Health and Safety Authority Act, and collective agreements.
Given the very limited control over the remote worker’s physical movement and activity whilst engaged in remote working, the employer’s health and safety responsibility in respect of the remote worker is limited only to the specific place wherein the Employee will be working from.
Remote Working in line with the GDPR
Companies should abide by the GDPR to prevent data breaches and enhance data security. The main purpose of the GDPR is to protect personal information and reduce the number of data breaches by allowing more control over personal and sensitive data. Putting a remote working policy in place is essential for managing a remote team and keeping the data secure.
Remote working may impose huge risks for a Company if data is lost or damaged. Remote working is a very practical example of how easy it is to breach the GDPR. In order to minimize such risks, Companies are to adopt remote working policies as part of their business continuity measures so as to ensure that business is done as usual and data is safeguarded accordingly.
For this reason, as a remote worker it is important to keep the equipment password protected. Remote working does not mean that you can work from whichever location you choose. It is important to have a dedicated workspace whereby the data on your equipment can be protected, the same way it is protected when you are at the office, or even better. In this regard it is also important to follow all data encryption, protection standards and settings, and refrain from downloading suspicious, unauthorized or illegal software.
When adopting remote working policies, Companies are to make sure that remote employees are prohibited from using public Wi-Fi. Why?
It is NOT completely safe to connect to a public Wi-Fi, especially when using office equipment and software which contain important data and information. Hackers can easily fetch personal data by doing a Man in the middle Attack (MITM). In a MITM attack the hackers access packets of data which will be transmitting between a device and the public hotspot.
For every processing of personal data there needs to be a compliance process which complies with the GDPR. If you are interested to know more, contact us on gdprcompliance@drwerner.com.
Conclusion
The most important thing is that you Stay Safe and that you make sure to protect your own people and to continue business as usual with no serious disruptions to client service levels.
In Malta, we might see force majeure as being farfetched however, COVID-19 is a concern for many people around the world, and not only because of its medical implications but also of the legal implications thereof. At Dr Werner and Partner, we adopted remote working measures and thus we are putting our Business Continuity Plan into practice. Should you need any further information or guidelines on how to draft and implement effective Policies and Procedures, contact us on info@drwerner.com.
