Ireland’s Data Protection Commission has issued advice on protecting data privacy when using videoconferencing.

Organizations should:

  • Use contracted service providers for work-related communications. Ensure you are happy with the privacy and security features of the services you ask employees to use.
  • Ensure that employees use work accounts, email addresses, phone numbers, etc., where possible, for work-related videoconferencing.
  • Make sure that clear, understandable and up-to-date organizational policies and guidelines are provided to those using videoconferencing.
  • Implement, and/or advise employees to implement, appropriate security controls such as access controls (such as multi-factor authentication and strong unique passwords) and limit use and data sharing to what is necessary.
  • Where videoconferencing services need to be used for organizational reasons, have a consistent policy regarding which services are used and how, and offer through VPN or remote network access where possible.
  • Avoid sharing of company data, document locations or hyperlinks in any shared “chat” facility that may be public.

Read the full guidance from the Irish DPC.