COVID-19 has affected the way we work, live and play. Whilst some people may have worked from home pre-pandemic, it’s clear that as a global workforce, far more of us are now working remotely than ever before. Ensuring that the handling and storage of information and equipment remains a top priority for remote workers. Many newly remote workers will not have had to deal with the handling and storing of data outside the office.

Many organisations have never really been set up for remote working, however, they have been fast-tracked into unfamiliar territory and need to ensure that remote working works well.

Working remotely presents confidentiality breach risks that are different from working from ‘the office’. For example, most organisations will have strong firewall protection to identify and eliminate rogue scam emails, but this technology may not be available for remote workers.

Companies need to ensure that additional provisions are in place to prevent data breaches and to protect the employees and the business. The Privacy Act 1988 places obligations on those who handle personal information, and these rules and obligations remain in place whether you work from the office or from home.

Top tips for employees working remotely:

• Make sure you know your organisations procedures, policies, and guidance. Don’t just assume that you will work in the same way as you have always done.
• Do not opt for convenience and void using personal emails to send company information.
• Use the technology that has been approved for work use. All hardware and software you are using belongs to the company, so work and use it in the same way as you would in the office.
• Keep confidentiality at the forefront of your mind. Just because you are in your home environment working do not forget that the rules relating to handling data remain as stringent as ever. When holding conversations with colleagues or clients make sure you maintain confidentiality and position your workspace away from those you share a home with.
• Printing is important but consider whether it is essential. Do you really need to print out company information? The more paperwork you have at home the more chance that you could breach confidentiality and storage rules. Follow the guidance of your organisation relating to paper documents and if you do have documents at home store them and dispose of them securely.
• Be vigilant. Carefully assess external links that are sent to you via email or in the form of attachments before opening. If an email looks suspicious then flag it to your manager.
• Online payments. Do not assume that all requests for payment are genuine. There have been recent cases of payments being requested and made to forged accounts.
• Secure communication. Use the facilities for communication provided to you by your company. If you need to share sensitive information or attachments then think of using password protection for an additional layer of security.

With larger numbers of employees working from home, organisations need to ensure that their policies and procedures are updated and reflect the new ways of working. New policies may be required to protect information, stakeholders, and the company.

Top tips for companies with a remote workforce:

• • Revise and update your policies relating to remote employees.
  • Make sure employees know who to contact if they have IT emergencies or queries.
  • Reinforce the importance of confidentiality and data handling whilst working from home.
  • Train employees on best practice and confidentiality, reminding them about using secure company email accounts and not working off the network.
  • Consider using additional security software on home equipment that will flag up suspicious communication.
  • Make sure there are additional security steps to be taken for anyone dealing with payments and finances.
  • Where possible, think about multi-factor authentication for remote access to internal networks and systems.
  • Update employees and managers regularly so that any breaches of data protection are minimised and managed appropriately.
  • High-value or critical data that includes financials should be preserved securely.
  • Foster an organisational culture where employees are aware of their security and privacy obligations.

Organisations that comply with the Privacy Act will need to disclose to clients, suppliers and stakeholders instances of where their data has been disclosed or accessed so as to cause harm. They will also have to notify the Australian Information and Privacy Commissioner of any data breaches.

Organisations need to be increasingly adaptable and flexible, but this should not come at the cost of data confidentiality and management. The combination of trust, technology, and teamwork, and some common sense is what will ensure the company and its employees can maintain confidentiality when working remotely.