In recent news out of the Medetaranian, a Greek company that suspected one of its employees of embezzling money employed data retrieval and also employed video monitoring in the workplace to try and curtail the suspected illegal activity.
As it turns out they were right, as seen in the excerpt from the story below:
“The HDPA [Hellenic Data Protection Authority] considered that the employer had a legitimate right, in accordance with Article 6 (f) and recital 47 of the GDPR, pursuant to the controller’s interests to conduct a review of its records as there were reasonable suspicions of wrongdoing, which were confirmed by the audit.”
However, the company was still met with legal action from the wrongdoer for violating his data rights under the ground-breaking European privacy law, the General Data Protection Regulations, or GDPR:
“An employee of a maritime service provider filed a complaint before the HDPA claiming unlawful processing of his personal data, as well as unauthorised access and control of the company’s electronic communication systems. Specifically, the employer, which had justified suspicions that the complainant had committed criminal offences, specifically embezzlement (based on emails regarding money transfer and bank statement analysis), carried out an audit during the employee’s absence, which resulted in the recovery of electronic files deleted by the complainant. The complainant alleged that the company did not have privacy policies or policies regarding the management of infringement incidents and also argued that he had never been informed of his rights as a data subject.”
The company ended up inadvertently violating the embezzling employee’s right to know when he’s being recorded and his right to control how that video data is used.
The company was fined 15,000 Euros for the infraction.
“The company was found to have operated a video surveillance system without providing information on the exact time of its operation, the number and locations of cameras, how the recording material was recorded and processed, and also without documenting the legality of the processing. Furthermore, the HDPA had not been notified regarding the installation of this CCTV, as required under former Law 2472/1997. Concluding, the HDPA (in its decision 43/2019) imposed a fine of EUR 15,000.00 on the employer for unlawful operation of CCTV.”
Norris is up on all codes and best practices. Contact a life-safety and security expert from Norris today to keep your people safer and to create an audit trail. We’ll assess your situation, survey your site, design, engineer, install and service and maintain the perfect system for your needs.
What is Norris all about?
Norris, Inc.—a South Portland, Maine-based life-safety and security systems integrator with satellite offices in Bangor, Maine; Lee, New Hampshire; and Burlington, Vermont—was founded nearly 40 years ago by two brothers, Brad and Harty Norris. The brothers remain on the board of directors today and continue to help steer the enterprise toward its goal of advancing life-safety, security, and communications while striving to grow in its status as Northern New England’s leading systems integrator. Norris provides fully integrated life-safety and security solutions, comprising disparate systems including fire alarm, intrusion detection, access control, video surveillance, communications, and emergency notification and total systems integration via the Vigilance Systems Integration Engine and ENS. Want to become part of the Norris family? We’re hiring!