15th August 2018

Fingerprint scanners are becoming commonplace in many workplaces to monitor staff attendance, calculate overtime and assist with the accounting practice for the business.

However, these devices MUST be considered when creating your businesses data protection policies and procedures.

Processing any personal data needs a lawful basis and Biometrics data falls under 'Special Category' data which means additional safeguards need to be in place.

If you are considering or already use biometric scanning you need to ask yourself and your provider the following questions.

1) Did we make provision in our data protection policies?

2) What is our legal basis for using it?

3) Who is the Data Controller and who is the Data Processor.

4) Is the data leaving the EU and if so does the receiving country have an 'adequacy decision' or if its the USA is it on the Privacy shield list?

There are other questions to ask, which should be covered in your data audit activity. Not having the right answer could have a devastating effect on your business, in terms of fines and adverse publicity from the Information Commissioners Office.

If you're unsure call Transition Law for FREE introductory legal advice.