Mon, Jun
46 New Articles

Hot Practice: Andras Gyorgy on SBGK's Data Protection Practice

Hot Practice: Andras Gyorgy on SBGK's Data Protection Practice

  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

SBGK’s busiest practice over the last few months has been Data Protection, according to Partner Andras Gyorgy, driven by both the COVID-19 pandemic and, more importantly, by fines for GDPR breaches raising awareness among companies.

Although GDPR has been around for a while, according to Gyorgy, some companies are struggling with it, and, he says, “we are now helping our clients better understand the rules.” For example, he says, he has worked on "many legitimate interest assessment cases where we needed to assess the nature of the data processing and determine if the measures implemented by our client are necessary and proportionate, and thus legitimately limit the fundamental rights and freedoms of the individual.” He explains that those assessments are most often tied to data processing in the workplace. “In one of them, a chain of fast food restaurants collected data on the reasons why employees decide to resign from work,” Gyorgy says. “In another, a company wanted to collect various kinds of information about its employees, so that it could meet their needs in a more efficient way.”

The team’s workload is supplemented by “many employers trying to implement different kinds of COVID-19-related health inspections.” Gyorgy points to a case involving a company that wanted to take its employees' temperatures, obtain PCR and antibody tests, and even launch a mobile platform to screen employees before they came to work.

SBGK’s work on such cases consisted primarily of providing analysis whether the intended measures complied with data protection regulation, and if not, what steps are needed to ensure compliance. Sometimes it also included representing a client before the Hungarian Data Protection Authority over alleged breaches of the law, Gyorgy reports.

“Overall, since the spring, about a third of our work has stemmed from pandemic-caused issues,” Gyorgy says, and he estimates that the remainder likely resulted from, “companies becoming more aware of the importance of GDPR, especially after the Hungarian Data Protection Authority began issuing fines for breaches of the regulation.”

Looking forward, Gyorgy says, “the pandemic-related cases will hopefully die down soon, but regardless of that we will keep busy well into the future.” His optimism, he says, is based not only on the current rise in cases. "Our clients appreciate the quality of our service, so they began referring new clients to us. It is difficult to predict what future will bring, but judging by our track record, this trend will keep on going even without pandemic-related cases.”