Sat, Mar
59 New Articles

Covid – 19 and Data Protection

Covid – 19 and Data Protection

  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

In the light of the pandemic of COVID – 19, controllers are processing different types of personal data in their reasonable effort to prevent the spread of COVID-19. Such processing must comply with the Serbian Law on Personal Data Protection (“LPDP”).

Every processing should be following data protection principles, including the current atypical processing of personal data caused by the pandemic.

To provide a safe working environment and to protect the health of employees, we are of the opinion that the employers may process personal data of employees related to:

  • their travel history (whether and when the employee visited countries considered to be at risk; whether the employee was in contact with anyone who has visited those countries recently);
  • their health data related to the presence of symptoms of COVID – 19.

The employers are not allowed to perform medical checks, but only to process employees’ personal data that is adequate, relevant and limited to what is necessary to obtain a safe working environment and prevent the spreading of COVID-19.

The employers may reveal personal data of potentially infected employees/s within the organisation to prevent spreading COVID – 19 within the organization and in the community.

Legal grounds on which controllers may rely for the processing of data not considered as health data is processing that is necessary in order to protect the vital interest of the data subjects or another natural person (Article 12 Paragraph 1 item 4 of the LPDP) as well as legal obligation of the employer to obtain safe working environment (Article 12 Paragraph 1 item 3 of the LPDP). The latter is further provided in Article 80 of Serbian Labour Law and Article 11 of Serbian Law on Safety and Security at Work.

As per the health-related data, the acceptable legal ground for processing may be that processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices, on the basis of the law which provides for suitable and specific measures to safeguard the rights and freedoms of the data subject, in particular professional secrecy. (Article 17 Paragraph 2 item 9 of the LPDP).

Various European Supervisory Authorities issued guidelines on this topic in the past days and these guidelines provide for similar interpretations of the applicable data protection regulations (please find some of the links below).





By Ivan Milosevic, Partner, JPM Jankovic Popovic Mitic

Serbia Knowledge Partner

Who we are

Karanovic & Partners is a regional legal practice in Southeast Europe with tradition spanning two decades and cooperating offices in Serbia, Croatia, Slovenia, Montenegro, Macedonia and Bosnia & Herzegovina. With more than 100 attorneys at law cooperating across the region, we take pride in our work, dedication and understanding of our clients' industries and needs.

What we do

We work with some of the most respected and reputable businesses in the world, banks, as well as governments, state-owned entities, startups and NGOs. We see our clients as long-term partners.

We focus on straightforward solutions and tailor-made advice. Lawyers cooperating with us are fully immersed in our clients’ culture and industry to ensure that the work is delivered intelligently and reliably.

What sets us apart?

In our company culture, excellence is a must. We are reliable, adaptive and fast.

Karanovic & Partners operates under the “one team” principle, combining our regional reach and local know-how to deliver coordinated legal advice necessary for achieving our clients’ goals.

All News about, and Legal Analysis by, Karanovic & Partners can be found here.

Firm's website: https://www.karanovicpartners.com/


Our Latest Issue