The ICO has announced today that it has updated its regulatory approach during COVID-19, which it first published on 15 April 2020 (you can read our summary here). 

The ICO has maintained the same approach as it announced previously, but has made small additions, such as the ability for the ICO to conduct audits remotely. 

In April 2020 the ICO stated it had stood down its audit work, in light of the economic impact on organisations and that travel and contact restrictions were in force. The ICO has now stated it will undertake some risk based audits on an offsite basis, acknowledging the travel and contact restrictions that remain in force. 

The ICO acknowledges that the focus for many organisations over the next few months is rebuilding their businesses, and stresses that information rights should be considered in those rebuilding and recovery plans. 

The ICO has stated it will continue to support organisations by offering guidance on the data protection challenges created by the pandemic, as well as providing broader support via its website and advice services. 

In May 2020, the ICO also set out its priorities during and after COVID-19. You can read our summary of the key points here