Employment Relationships

Question 1

True or False: Employers should always consider member state employment law when processing employee data?

Answer 1

True

Question 2

What are the legal basis for processing employee personal data?

Answer 2

1. Consent
2. Necessary to fulfill employment contract
3. Necessary for legal obligation, and
4. Necessary for employer legitimate interest

Question 3

True or False: Consent is a strong basis for lawful processing of employee personal data.

Answer 3

False, employee is unlikely to have freely given consent because they don’t really have a choice.

Question 4

True or False: Processing an employee’s personal data for tax authorities is a legal basis for processing such data?

Answer 4

True - necessary for a legal obligation

Question 5

True or False: An employer is allowed to use workplace monitoring if it meets certain conditions.

Answer 5

True, employer must ensure compliance with the following principles:

1. Necessity
2. Legitimacy
3. Proportionality
4. Transparency

Question 6

Define this concept: Transparency as applicable to employer processing of employee personal data.

Answer 6

Employer must clearly inform employees that monitoring will be carried out.

Transparency reminder: Fair/open communication

Question 7

Define this concept: Proportionality as applicable to employer processing of employee personal data.

Answer 7

Any monitoring that takes place must be proportionate to the issue the employer is dealing with.

Question 8

True or False. when monitoring amounts to a systematic and extensive evaluation of personal aspects of individual based on manual processing - a DPIA is required.

Answer 8

FALSE. DPIA is required for such processing when its based on AUTOMATED PROCESSING.

Question 9

True or False. When monitoring amounts to a systematic and extensive evaluation of personal aspects of individual based on automated processing - a DPIA is required.

Answer 9

True.

Question 10

True or False. a DPIA is a process that considers the privacy risks to individuals of any proposed data processing activity.

Answer 10

True.

Question 11

True or False. An employer is not required to have a lawful basis for monitoring employees.

Answer 11

False. Legitimacy requires lawful basis for monitoring.

Question 12

What are some examples of lawful basis for monitoring?

Answer 12

1. Monitoring internet usage to ensure no unlawful use of disclose information to outsiders
2. Ensure worker safety.
3. Investigating Employees
4. Improving Efficiency
5. Supporting Employees

Question 13

True or False. Employer processing on the legal basis of an employment contract has no exceptions.

Answer 13

False.

Question 14

What are the exceptions to legal basis for employee personal data processing based on employment contract?

Answer 14

1. Explicit Consent
2. Legal Claims
3. Controller required to process to carry out obligations and rights

Question 15

True or False. BYOD policies open the door to greater risks to data protections.

Answer 15

True.

Question 16

True or False. Employers should always consider alternatives to work place monitoring?

Answer 16

True.

Question 17

What is Sarbanes-Oxley?

Answer 17

Act that supports whistleblowing, allows anonymous reporting.

Question 18

True or False. EU law encourages anonymous reporting

Answer 18

False. strongly discouraged.

Question 19

What are some program requirements for whistleblowing schemes in the EU?

Answer 19

(a) maintain security/confidentiality of reports
(b) report should try to include identity, EU mindset is concerned with malicious reporting.
(c) delete report within a short period of time (3-6 months) if report cannot be proven.

Question 20

True or False. Whistleblower reports should be retained for a long period of time to prevent issues?

Answer 20

False - if unproven, delete quickly, within 3-6 months.