Are you compliant with the new guidelines regarding employees’ personal data?

In October this year, the Swedish Data Protection Authority (DPA) issued new guidelines on how employers can and should process personal data in order to comply with the applicable data protection legislation.

The guidance provides, inter alia, information on what applies to recruitment systems, sensitive personal data as well as follow-ups on performance, camera surveillance, and other surveillance of employees.

Important for you as an employer to keep in mind include:

  • That you need to have determined how long data can be stored and have routines for sorting out data.
  • That as a main rule it is forbidden to process sensitive data, such as data regarding an employee’s health.
  • That employees are usually in a position of dependence in relation to you as an employer and therefore generally cannot give their consent to processing of personal data.
  • That logging is often perceived as privacy sensitive.

If you want more information on how you can best manage your role as an employer based on the above, you are most welcome to contact Sofia Persson.