The Gibraltar Regulatory Authority has issued helpful guidance on data protection considerations for the use of video conferencing applications (VCAs).
- Consider the implications of VCAs and their compliance with data protection laws to choose the one best suited to your organization’s needs.
- Establish appropriate technical and organizational security measures to protect personal data when using VCAs.
- Establish data protection policies where proportionate.
- Consider transparency and fairness when using VCAs, particularly if monitoring staff.
- Ensure staff are appropriately educated and trained so policies are effectively implemented, and staff are aware of the dangers of unexpected invitations and links.
- Protect calls with strong passwords.
- Consider using VCA tools and security features to ensure VCA sessions are secure and data protection compliant.
- Be wary when screen sharing to ensure open documents, browser windows or desktop backgrounds are not visible.
- Use the latest software versions of VCAs and take greater care when confidentiality is crucial.