Have you noticed, as privacy pros, that our issues continue to be an important aspect of dealing with the ongoing pandemic?

At my firm, we’ve been working a lot lately on helping clients in various sectors deal with the privacy issues related to rules that ensure the people who enter their premises are, with certain exceptions, vaccinated against COVID-19. 

For example, the Treasury Board issued a policy requiring government institutions to ensure the federal public service is fully vaccinated. Those unable to be vaccinated will be accommodated; those unwilling will face consequences. This necessarily involves collecting proof of vaccination and, in some cases, some other sensitive personal information. This has never been required before, so we are breaking new ground with these initiatives.

This past week, we did some urgent work on a privacy impact assessment for one of our clients abiding by the Treasury Board policy. I think doing a PIA was a really good thing in this instance because it allowed us to look into some of the details as to exactly what information is needed, how it’s collected, transmitted and stored, who will have access and whether it all needs to be retained for periods of time.

In the private sector, this is also an issue for many of the organizations we’re working with, coming up with policies and procedures to try and make sure their workforce is as safe as possible. While there is no requirement to do PIAs in the private sector (yet, at least), it’s good to see many of our clients reaching out for help to try and get this done properly.

There was a joint statement from privacy regulators on the implementation of vaccine passports back in May, and it’s good to see some of the important issues, concerns and principles highlighted in that document. One thing that’s missing, though, is some additional, up-to-date and practical privacy guidance on all this. I understand the pace at which some of these things are coming together is very fast, but most of us on the ground have to operationalize these requirements and our clients, who are trying to navigate all this, want to do their best to avoid unnecessary problems.

What are your organizations doing when it comes to proof of vaccine? I’d love to hear your experience, so read up on this week’s news and then drop me a quick line. 

Have a great weekend!