Skip to main content

We are working to bring Devices, IT services and applications back as quickly and safely as possible. Some services are unavailable at the moment. Read about how to restore your device safely.

Data protection

Data protection law does not stand in the way of providing healthcare and the management of public health issues.

However, any measures taken must be necessary and proportionate. There are important considerations to take into account when handling personal and health data. Data processing to help prevent the spread of COVID-19 must ensure health and personal data are kept secure.

The identity of an affected staff member should not be disclosed. This includes to their colleagues or to third parties. This can only be done where there is a clear justification to do so. As with all data processing, only the minimum necessary amount of data should be processed to prevent the spread of COVID-19.

Contact your local data protection officer if you have any queries or concerns around data processing and protection

Protecting personal data when working remotely

Measures to control and prevent the spread of COVID-19 will involve more people working away from their usual office environment.

See guidance from Data Protection Commission on implementing measures to prevent the spread of COVID-19.

Paper records:

  • Paper-based files containing personal information of clients should not be taken home unless it’s absolutely necessary. If your manager has carried out the required risk assessment and decided it’s necessary for you to have such files at home, then you will need to take extra care to ensure that all information is kept private and secure.
  • You can do this by keeping them locked in a filing cabinet or drawer when not in use and making sure they are not left somewhere where they could be stolen or misplaced.
  • Please ensure that any paper-based files containing information on clients are not stored in a laptop bag when at home as many burglaries target electronic equipment such as laptops and phones and a laptop bag is a prime target for a burglar.


  • Please do not share patient information on personal email (non HSE) or WhatsApp.
  • Follow normal HSE ICT policies and procedures around the use of email.They continue to apply when working from home and you should only use HSE computers and devices with the appropriate security features built-in.
  • Use your HSE work email accounts rather than personal ones for work-related emails involving personal data.
  • Be careful not to send sensitive information to personal e-mail addresses which are not always secure.
  • Before sending an email, ensure you’re sending it to the correct recipient.

The Data Protection Commission has issued some tips to keep personal data safe when working away from the office.

If you have any queries or concerns in this regard contact your local data protection officer.

Related topic

Data Protection Office advice for remote workers

Using WhatsApp

Page last reviewed: 23/03/2020
Next review due: 23/03/2023