In Greece, while there isn't a single, comprehensive law dedicated to remote work (telework), recent legislation and existing regulations provide a framework. Law 4808/2021 (New Labour Law) specifically regulates telework, outlining types of telework arrangements, employer obligations, and employee rights. This is a significant development for remote work in Greece. As Greece is part of the EU, the General Data Protection Regulation (GDPR) applies, dictating how employers handle employee data in a remote work setting.

Legal Landscape

Law 4808/2021 (New Labour Law)

Article 67 of this law specifically regulates telework, outlining types of telework arrangements, employer obligations, and employee rights. This is a significant development for remote work in Greece.

General Data Protection Regulation (GDPR)

As Greece is part of the EU, the GDPR applies, dictating how employers handle employee data in a remote work setting.

Ministerial Resolution 98490/03-12-2021

This resolution specifies employer obligations regarding compensation for expenses incurred by teleworkers, such as internet costs and equipment maintenance.

Technological Infrastructure Requirements

For successful remote work implementation, employers in Greece should consider the following technological infrastructure:

Secure Remote Access

Providing secure remote access to company systems and data is crucial. This could involve Virtual Private Networks (VPNs) and multi-factor authentication protocols.

Reliable Internet Connectivity

While internet access in Greece is improving, ensuring employees have reliable and secure connections is essential for uninterrupted work. This might involve subsidizing internet costs or establishing partnerships with internet service providers.

Communication and Collaboration Tools

Cloud-based communication and collaboration platforms enable effective communication between remote teams. These tools can include video conferencing software, instant messaging applications, and project management solutions.

Equipment

The New Labour Law doesn't mandate employers to provide equipment for telework. However, some employers might offer equipment or reimbursements as part of a telework agreement.

Cybersecurity Awareness

Investing in cybersecurity training for employees can significantly enhance data security in a remote work environment.

Employer Responsibilities

The New Labour Law establishes clear employer responsibilities regarding telework:

Written Agreement

A formal written agreement between the employer and employee outlining the terms of the telework arrangement is mandatory.

Data Security

Employers have a responsibility to implement appropriate data security measures to protect sensitive information entrusted to remote workers (as mandated by GDPR).

Right to Disconnect

The New Labour Law acknowledges the right to disconnect for teleworkers, meaning employees can refuse to answer work emails or calls outside of agreed-upon working hours.

Compensation for Expenses

Employers might be required to compensate teleworkers for a portion of expenses incurred due to remote work, such as internet costs and equipment maintenance (as outlined in Ministerial Resolution 98490/03-12-2021).

Training

Providing training on telework policies and best practices for both employers and employees can foster a smooth transition and successful remote work environment.

Performance Management

Employers should establish clear performance expectations and effective performance management processes for remote workers.

Flexible work arrangements are becoming increasingly popular and are recognized in various forms.

Part-Time Work

Part-time work allows employees to work a reduced number of hours per week compared to a standard full-time position. The terms are typically defined in the employment contract, outlining working hours, pro-rated compensation based on full-time salary, and benefits eligibility. The Greek Labour Code dictates general employment rights, which apply to part-time workers as well.

Flexitime

Flexitime allows employees some flexibility in scheduling their work hours within a set timeframe. For instance, an employee might work core hours in the office (e.g., 10:00 am - 4:00 pm) and have the flexibility to adjust their start and end times within predefined limits. The Working Time Act outlines minimum working hour requirements and overtime pay regulations, which remain applicable under flexitime arrangements.

Job Sharing

Job sharing is another form of flexible work arrangement where two or more people share the responsibilities of a single full-time position. Each job sharer would have a defined set of hours and responsibilities outlined in a shared employment contract. There are no specific legal regulations governing job sharing, but general contract law principles apply.

Equipment and Expense Reimbursements

While there's no legal obligation for employers in Greece to provide equipment or reimburse expenses incurred by workers under flexible work arrangements, some employers might offer these benefits:

Equipment

The New Labour Law doesn't mandate employers to provide equipment for flexible work. However, employers may choose to provide laptops, headsets, or other necessary equipment. If so, the terms of equipment provision and employee responsibility for the equipment should be clearly outlined in a written agreement.

Expenses

Employers might offer reimbursements for expenses like internet connectivity or increased electricity usage due to flexible work. A clear expense reimbursement policy outlining eligible expenses, claim procedures, and any applicable limits would be beneficial for both employers and employees.

In Greece, data protection for remote workers is governed by a combination of EU regulations and national legislation. The General Data Protection Regulation (GDPR) applies as Greece is part of the EU. This regulation dictates core principles for data processing, including transparency, accountability, and lawful processing. It influences how employers handle employee data in a remote work setting. The New Labour Law (Ν. 4808/2021) doesn't directly address data protection, but it acknowledges the processing of employee data inherent in telework arrangements.

Additional Considerations

The Hellenic Data Protection Authority (HDPA) is an independent authority that issues guidelines and recommendations on data protection best practices, including those relevant to telework. The data protection regulations are constantly evolving, so employers should stay updated on any emerging regulations or HDPA guidance related to telework.

Employer Obligations

Employers in Greece have specific responsibilities regarding data protection for remote employees. They must identify a lawful basis for processing employee data under GDPR regulations, such as contractual necessity or employee consent. They should collect and process only the minimum amount of employee data necessary for work purposes. Employers must implement appropriate data security measures to protect sensitive information entrusted to remote workers. This might involve encryption, access controls using strong passwords and multi-factor authentication, and secure remote access protocols like VPNs.

Employers should provide clear information to remote employees about the type of data collected, the purpose of processing, their data protection rights, and proper data handling procedures. They should also train employees on data security best practices to minimize risks associated with phishing attempts or improper data handling. In the event of a data breach, employers must notify the HDPA and affected individuals within the stipulated timeframes as outlined by GDPR.

Employee Rights

Even in a remote work environment, employees retain certain rights regarding their personal information under GDPR. Employees have the right to access their personal data held by the employer and request corrections if necessary. Under certain circumstances, employees can request the deletion of their personal data.

Best Practices for Securing Data

Both employers and employees can take proactive steps to minimize data security risks in a remote work environment. They should limit the amount of personal and company data shared electronically with remote workers. "Need-to-know" principles should be applied. Encrypted communication tools should be utilized for sensitive information exchange. Employees should be educated on identifying and avoiding phishing attempts designed to steal login credentials or sensitive data. Remote workers should be encouraged to regularly back up important data to a secure location. This can help mitigate the impact of ransomware attacks. Clear channels should be established for employees to report any suspicious activity or potential data breaches.