A number of issues have arisen on this subject with regard to how measures may be taken to prevent and mitigate the virus in compliance with the provisions of the GDPR, since the hazardous nature of the pandemic and the speed with which it has developed require rapid measures and the processing of personal data which, in a normal situation, would not be necessary.
On 16 March, the Chair of the EDPB made a statement on the protection of personal data in the current context(1). According to Andrea Jelinek, the GDPR does not hinder measures taken in the fight against the virus which involve the processing of personal data, and even provides for the processing of data in situations such as the one we are currently going through, but it must still be complied with.
For more information, please download the respective file in the right column.
PROCEEDING OF PERSONAL DATA IN THE EMPLOYMENT CONTEXT: LAWFULNESS
PUBLIC INTEREST AND VITAL INTEREST
CNPD: SUSPENSION OF TIME LIMITS
REMOTE WORKING, CONFIDENTIALITY AND SECURITY MEASURES
PROCEEDING OF LOCATION DATA