Remote working

Measures to control and prevent the spread of COVID-19 means more people will be working remotely. 

For remote working to be successful, it is important that organisations have effective records management and data protection policies in place to ensure that personal data remain accurate, up to date and secure and with organisations knowing where and with whom their records are held.  

To ensure that businesses can run effectively, without additional risk during the pandemic, and to be able to return to normal as quickly as possible once the crisis is over, staff must understand the need to adhere to such policies.

Where necessary your policies and procedures should include:-

Cloud and Network Access

Standalone systems



Paper Records

The controller (in most cases the employer) remains responsible for ensuring that appropriate measures continue to be in place to ensure the security of any personal data being processed.

If there are personal data breaches, or losses of personal data, the controller is, and remains, liable. Those liabilities cannot be waived, even by requiring staff to sign a form.

Helpful guidance on secure home working is available from the UK’s National Cyber Security Centre, and can be found at: