Is a DPIA necessary for introducing remote work in the workplace?
ANSWER
It all depends on how remote work is implemented. Where remote work involves, for example, systematic monitoring of employees (e.g. to assess performance of employment duties), such a data protection impact assessment may be necessary. Regardless of the above, this form of remote work should be included in the risk analysis and, before its implementation, privacy by design and by default principles should be applied.


