Many companies are under immense economic pressure nowadays. They can no longer afford there to be any staff “idle time.” In order to avoid this, companies often record their staff’s data in real-time. This is usually done by means of targeted surveillance measures, such as the collection of location data. This, however, also gives companies access to the highly sensitive data of their staff. The consequences of this may be serious infringements of the privacy of those affected.
In several different industries, the insufficient protection of staff data by companies has repeatedly led to front-page stories. “Most recently, the food delivery companies were in the public eye,” says Janine Schleper from the University of Bremen, who works within the “Success through Employee Data Protection” (EduMiDa) project network. “Breaching of staff data protection is no longer a trivial issue. It is actually the case that according to the general data protection laws, companies face immense fines, which can go into the millions in particularly severe cases, should such breaches occur.”
However, many companies do not see the protection of staff data as a challenge but rather a strain. “That does not have to be the case,” states Janine Schleper confidently, “operation optimization and data protection can be bundled and be used together to create an advantage!”
EduMiDa: Data Protection Is Not the Problem but the Solution
That is exactly the focus of the EduMiDa project, in which Schleper and her colleague Matthias Kohn - both staff members at the Institute for Information, Health and Medical Law (IGMR), University of Bremen - contribute their legal expertise. “With EduMiDa, we have set ourselves the goal of not only solving the conflict between data protection and operation optimization but also transforming it into a competitive advantage,” says Kohn. Automated data protection metrics, which bundle staff data protection and data-based operation optimization in the best way and thus fulfill both the demands of the company and the staff, are being developed for this. “Thanks to practical applicability and transparency, both sides win in the end,” assures Kohn. Effective data protection is harmonized with economic capacity for action.
IGMR feeds varying legal foundations, which are currently available for person-related data, into the automated data protection metrics. “In a software, into which staff data is entered or which collects location data for example, it is then implemented that this data may not leave the EU,” states Janine Schleper as an example. “There are currently different laws and rules for different data protection scenarios. EduMiDa is to be a tool that reliably shows the companies that are using it whether data protection is being complied with or where improvements need to be made.”
The project partners from the University of Bremen are developing different case scenarios, for which they then determine the data protection foundations. “All involved parties - the employers who want to optimize their processes, as well as the staff - should use the project results at the end. And of course, the staff councils and data protection officers should be able to quickly see that everything is organized when it comes to data protection,” explains Matthias Kohn.
Interdisciplinary Research Team
With its expertise in the field of staff data protection law, the Institute for Information, Health and Medical Law at the University of Bremen is the legal partner in the research project. Additional project partners include the Fraunhofer Institute for Secure Information Technology (SIT) in Darmstadt as coordinator, the University of Münster, and p.l.i. Solutions GmbH from Gütersloh. The Federal Ministry of Education and Research (BMBF) is funding the project, which will run until March 2024, with around 1.5 million euros.
Further Information:
www.forschung-it-sicherheit-kommunikationssysteme.de/projekte/edumida
www.uni-bremen.de/en/igmr
www.uni-bremen.de/en/
Contact:
Janine Schleper
Research Assistant
Phone: +49 421 218-66143
Email: schleperprotect me ?!uni-bremenprotect me ?!.de
Matthias Kohn
Research Assistant
Phone: +49 421 218-66106
Email: kohnprotect me ?!uni-bremenprotect me ?!.de
Both from the Institute for Information, Health and Medical Law (IGMR)
Faculty of Law, University of Bremen