Many fronts are being opened warning about how the thermographic control systems that are being implemented are breaking the Data Protection Law (GPDR).

The temperature measurement is a private information and, as such, subject to the GPDR. The legitimacy of a previous acceptance by the workers to access job positions is being questioned, considering it as a forced acceptance.

Accessing a building with an automated thermographic control with security personnel performing second light checks and stenographers of all those who are accessing, may violate protection rights and may be considered disproportionate.

Once the first somewhat coarse attempts at massive thermographic controls of dubious effectiveness have been overcome, solutions are being suggested to take these aspects of privacy protection into account.

Some of these solutions are those that combine the use of facial recognition combined with thermographic detection, allowing proportionate management in each of the fields of action.

These systems use a facial biometric accreditation system that can be carried out by the same user from his mobile phone and which will be used to notify the citizen himself in case that a certain temperature control exceeds the temperature threshold. The reach of this notification can be adjusted depending on the context. We will analyze it for each of the stages of how a pandemics health control system should proceed.


Having who is generating a warning of possible high temperature through the facial recognition system, this information can be directed to the citizen himself who receives this notification and has instructions on how to proceed for a verification control. If we have health supervision, only an adequate profile can also receive this notification and carry out health monitoring. If necessary, we can locate said person in a proportional way and avoid the divulgation of this first control, which may have a reliability index not higher than 85% in the best case scenario.

A detection should place the person on a notification list for possible contagion that, until the patient is discharged or the diagnosis is ruled out, it should be treated with the utmost privacy, circumscribing it to the scope of sanitary control for this pandemic.


The verification process should be carried out in isolation, discreetly and by health personnel. The result of this verification must allow channeling the subsequent treatment based on a protocol for health action. Being able to trace the access of this person in different public areas will be a support measure for the health monitoring phase. Since the presence control system can use facial recognition with non-thermal imaging cameras, it is possible to trace the steps of a possible contagion.

Health monitoring

The access control data can be used to determine contact persons who have passed just before and after and who should be under control verification. Access to this information must be registered, protected and justified for the prevention of possible contagion.


When the person is discharged, or the contagion is ruled out thanks to a test and after preventive confinement, it will be necessary to update the monitoring situation and automatically generate notifications.

Immunity information

It will be relevant to maintain this information during the management of the pandemic because, either it has been confirmed or not, both the detection system and the health monitoring must use this information for future diagnoses.


The combination of non-contact biometric identification elements such as facial recognition and the use of remote identification systems with intelligent thermographic control systems can be one of the basic systems of management support for pandemic health control and prevention of contagion risks in the context to ease the lockdown.

Facial recognition systems will need to adapt quickly to be efficient enough to identify faces with the use of masks. The NIST organization itself is already planning evaluation phases of these systems in this context.

The main receiver of a high temperature notice must be the citizen himself, so establishing systems for direct notification to the mobile device should be the priority of a system that guarantees the right to information and privacy of sensitive data.

The sanitary control of a pandemic requires measures of prevention and protection of a society. Conciliating social protection opposed to individual protection requires information systems designed to protect information, restrict access to information and audit the entire system. Automating the diagnostic systems is a fundamental measure to minimize individualized treatment and massive monitoring by security personnel who should not have access to health information.