Karolina Romanowska
Karolina Romanowska, adwokat, handles issues of data protection and employment law. She has experience adjusting HR documentation to the requirements of the General Data Protection Regulation for a number of leading companies from the sectors of logistics, food, sport, and financial services. She advises HR departments in negotiation of contracts involving processing of personal data. She also participates in corporate due diligence.
Responding appropriate to a data breach is one of the fundamental duties of data controllers under the EU’s General Data Protection Regulation (GDPR). But practice shows that complying with these duties often poses major problems for data controllers, including when the breach occurs in an employment context. These difficulties include in particular assessing:
- Whether a breach has occurred
- The risk associated with the breach
- What legal duties are imposed on the data controller in relation to the breach
- What measures should be implemented in connection with the breach.
For a recruiting employer, a candidate’s professional competence is crucial. Equally important, however, is sometimes the timing of starting work.
The start date is affected not only by the notice period for the candidate's current employment. In the case of candidates who are citizens of third countries (i.e., outside the European Economic Area or Switzerland), the need to legalize their stay and work in Poland matters.
The upcoming amendment to the Labour Code on remote work is expected to comprehensively regulate a number of issues and relationships between employer and employee, significantly changing the existing legal landscape for performing work from home. The amendment also touches on issues of processing of personal data.
A bill entitled the Act on Specific Solutions Facilitating Business Operations During the COVID-19 Epidemic has been filed with the Sejm. It would allow employers in Poland to demand information from employees about COVID-19 test results, having undergone a COVID-19 infection, or vaccination against COVID-19.
According to the proposal, an employer would be entitled to demand information from an employee or a person in a civil-law relationship (e.g. a contractor) to the effect that the person has obtained a negative COVID-19 test within 48 hours before submission of the information.
