Frank Slootweg wrote:
Chris wrote:
Carlos E.R. wrote:
On 18/09/2020 18.27, VanguardLH wrote:
Chris wrote:

Many employers don't allow employees to choose where to store files.

Did her school provide her with VPN access to their network?

No. They provide a web page with a login and tools, and they provide
Gmail for groups.

Then they could well be breaking GDPR rules. No "personal information"
should be stored on, nor sent via, unsecured mechanisms - personal info
includes students' details. Email is not a secure mechanism by any stretch
of the imagination.

In these times, the GDPR rules are broken left, right and center. At
least in our country (The Netherlands) the relevant authorities only
have time to handle the most severe infringements.

IME, things like work from home, remote education, etc., etc., would
not be possible without 'infringements'. IMO the impact of the Corona
virus overrules the importance of the GDPR.

Yep.

Case in point: The very people who work from home to do contact
tracing have to violate the GDPR in order to do their work. The IT
infrastucture has to be upscaled by order of magnitude and then security
and privacy suffer in favor of speed.

Disagree. It's not that difficult, but does require planning and desire to
do it properly. We do it he
1. every laptop is encrypted by default
2. all files are stored in a secure cloud
3. rules stipulate nothing personal should be sent via email - only shared
via the cloud
4. a VPN is available for all staff working remotely

Works well mostly.