"In the context of the health crisis linked to the coronavirus, particularly in the perspective of a "deconfinement" phase, individuals and professionals are wondering about the measures to be implemented in order to limit the spread of the virus and ensure safety, the resumption of activity, as well as the conditions under which personal data, in particular health data, may be used. The CNIL recalls certain principles."
These principles are:
• The security obligation
• Reminder on the processing of data relating to health and the scope of the GDPR
• Update on certain practices
- Temperature readings at the entrance to the premises
- Carrying out serological tests and questionnaires on the state of health
- Business continuity plans or "BCPs"
- The reorganization of work, in particular via software solutions (update of September 23, 2020)
• Requests and recommendations from health authorities
More information on the principles is available on the CNIL's website. Click here to access the guidance.