Daten. Leben.

3 golden work & data protection rules for the home office – especially for employers

Up to now, there has been no explicit legal obligation to offer working from home to all employees - and there is no such obligation at present either. However, there is a Corona Occupational Health and Safety Order in Germany, which is valid until mid-March for the time being, and this clearly states that the employer must offer an option of working from home if there are no compelling operational reasons to the contrary. In other words, this is a duty in light format, which, by the way, is supplemented by the employer's duty of care (keyword: infection protection in the company). What does this mean in concrete terms?
 

  1. Don't wait, but actively offer.
    It is not your employees who have to ask you for a work-at-home option, but you have to actively offer it, if possible, and, among other things, clarify and implement all data protection requirements in the company. Your employees do not have to accept the offer and conversely cannot sue for a claim. BUT: If an occupational health and safety authority or the accident insurance company is informed that no offer has been made, sanctions can be imposed - ranging from a fine to (temporary) closure of the company.
     
  2. Document everything.  
    Both your work-at-home offers and, if applicable, your reasons for refusal. If one reason is, for example, that the IT required for this is not available or that the acquisition of numerous laptops etc. is unreasonable, you are, however, required to quickly remove this barrier. You must then check, for example, whether private devices could also be used via VPN access or remote access.
     
  3. Make everyone aware. Data protection is important.
    You should not only focus on digital data security, but also on data protection in the private environment. The employer is and remains the responsible entity within the meaning of Art. 4 No. 7 GDPR. According to Art. 25 (2) of the GDPR, the employer must ensure that appropriate data protection measures are taken. This includes both technical and organizational measures. This does not mean that employees do not have to act just as responsibly at all times. And not only when it comes to digital data security, but also when it comes to everyday data protection.
     

Every one of us wants his or her data to be treated confidentially. You should keep this in mind when you write down your name, phone number or the content of the conversation on a note during a phone call and then carelessly throw it in the wastebasket later. It should go without saying that printouts containing personal data or sensitive company information should not be left open on the desk after work is done - even in a private setting.

Just like in the office, this data belongs in special containers, so that it can finally be securely destroyed in accordance with the GDPR. Especially for this purpose the REISSWOLF Homeoffice. Box. has been developed. All confidential papers are collected in it. Once the box is full, it is closed with security tape, additionally sealed for verifiable access-free transport and finally the return label is applied and the box is handed in at a DHL branch/packing station. An individual barcode can be assigned to the box and a certificate of secure document destruction can be sent to the company as proof of documentation. In this way, employers can optimally secure the work of their employees with personal data, even in the office at home. Because data protection in the individual workplace at home is more than just a secure WLAN connection.

By the way, a recent study by the ifo Institute with the Universities of Munich and Mannheim in Germany from December 2020 shows that just 1% more working from home result in up to 8% lower infection rates. One more convincing argument, right?