The rules haven’t changed in terms of data storage, confidentiality, and compliance. If anything, Covid has made it that much more important that GDPR is followed with so many people working remotely and data being shared virtually and over multiple networks. (https://www2.deloitte.com/ce/en/pages/about-deloitte/articles/how-to-make-your-business-more-resilient-against-data-protection-breaches-during-COVID-19.html)