Protecting data - data protection in the home office

The fact that working in the home office is not only becoming more and more important in the current situation, but has already become part of a new work culture has been proven by statistics for quite some time. According to Statista, as early as 2019 almost 40 percent of employees were working entirely or partially from home. We can probably all imagine what the statistics look like in these extraordinary times, and many employees and the companies themselves are grateful for the opportunity to continue working in a protected work environment.

The advantages of a home office/workstation at home are obvious. The employee no longer has to travel to and from the office, thus saving time and costs. The productivity level increases, since there is no distraction from other colleagues or from the general hubbub in an open-plan office. The home office therefore promotes concentrated and productive working..

However, working from home also brings some risks with it. In particular with regard to data protection and data security. The rules and regulations of the GDPR are still valid in the home office where personal data are concerned.

When the subject of data processing and data protection in the home office arises, the question of responsibility comes up again and again. Who is responsible for what and who is liable in the case of a claim? The GDPR is really quite clear about who is responsible for how personal data are handled. The responsibility lies with the person who determines the purpose of the data processing and how the data are processed. In an employment relationship, this is the employer. The employer is therefore responsible. The same applies to the liability. Since the employer, i.e. the company, is responsible for upholding data protection and data security, he/it is also liable. The employee has no external liability.

It must not be possible, at any time, for unauthorized third parties to see personal data. This is particularly important in the home office. Family members and relatives also count as unauthorized persons. In particular, if no separate and preferably lockable office is available at home, there is a particular danger that print-outs containing personal data can be viewed by others and this would therefore constitute a breach in the protection obligation for these documents.

Leaving documents lying around is not the only thing which contravenes the data protection regulations – incorrect disposal of the documents by putting them into the normal household rubbish opens up a big gap regarding data protection. The documents can namely be seen and read at any time by anybody and everybody. Tearing up the documents is also not data protection compliant, since it is child’s play to reconstruct the torn-up document.

To ensure that personal data and documents are protected and the protection obligation is upheld, the data and the documents must be destroyed in compliance with the GDPR. To this end, each employee who works with personal data in a home office or in a mobile capacity should be given a GDPR compliant document shredder.

For document shredders which are used in the home office, some of the requirements are understandably different to those for shredders used in a large open-plan office, for instance. This is, above all, the size requirement of the document shredder -  but the noise level also plays an important role in the home office. The machine should be compact and require as little space as possible. A document shredder must also be as quiet as possible in the home office. The most important criterium which a document shredder in the home office has to fulfil is GDPR compliancy. It is vital for guaranteeing data protection in the home office.

HSM has a wide range of document shredders which fulfil the particular requirements for the home office perfectly.