These are challenging times that took us all by surprise. For the safety and well-being of everyone, employees are required to work remotely. Controllers must ensure that all the security measures, both technical and organisational, are in place to safeguard their IT infrastructures and systems.

Don’t lower your guard! There are virtual criminals out there waiting to exploit vulnerabilities that might have been unintentionally created as a result of rushed decisions. Personal data must still be protected and the GDPR remains fully applicable.

There is no moratorium from any of the requirements incumbent on controllers, including but not limited to, the obligation to notify our Office with personal data breaches that are likely to result in a risk to the rights and freedoms of data subjects.

Article by Ian Deguara, on 3rd June 2020