Introduction to Resource Center
This page provides an overview of the IAPP's Resource Center offerings.

Contact Resource Center
For any Resource Center related inquiries, please reach out to resourcecenter@iapp.org.



COVID-19 Testing and Health Monitoring

Resource Center / Infographics / COVID-19 Testing and Health Monitoring

COVID-19 Testing and Health Monitoring

This resource outlines the privacy-related questions surrounding COVID-19 testing and health monitoring.

Published: April 2020

View Infographic (PDF)

This resource outlines the privacy-related questions surrounding COVID-19 testing and health monitoring. The IAPP additionally published this supplementary article on COVID-19 testing and health monitoring.

As economies reopen, the scope and scale of health data collection, use and sharing will only increase. Employers and businesses are conducting testing, temperature checks and health screenings. This data collection raises novel privacy issues because of its scale, the non-traditional methods and reasons for its collection, and the benefits and risks to sharing the data widely. If you are collecting or controlling this data, these are questions worth asking.

Privacy Questions: COVID-19 Testing and Health Monitoring

Context

  • Where is the testing or health monitoring being conducted?
  • Who is conducting the testing or health monitoring?
  • What is the purpose of the testing or health monitoring (and is it mandated by government authorities or employers)?

Use Limitations

  • Have you limited access to the data?
  • Do your policies limit use of the data to the purposes of collection?
  • Do you have rules for sharing test results internally, specifically or anonymously?
  • Do you have rules for sharing the data with third parties?

Security

  • Is the data anonymized, aggregated, deidentified and/or encrypted?
  • Are there stringent security measures and confidentiality policies in place?
  • Is the data stored securely, separately and with access controls?

Legal Requirements

  • What privacy or data protection laws apply?
  • Are there applicable exceptions or COVID-19- specific guidelines from authorities?
  • Do anti-discrimination laws apply to the data collection, use or sharing?

Data Minimization

  • Is data recorded, stored or shared necessary for the intended purposes?
  • Is certain data retention mandated by law or otherwise necessary (including for the immediate purpose, contact tracing or insurance)?
  • Do you have a data deletion schedule?

Transparency

  • What information are you sharing about your COVID-19-specific data processing?
  • Do individuals understand your data use, sharing and retention policies?
View Infographic (PDF)

Tags: Health Care, Employee Privacy, Location Privacy, Personal Privacy, Privacy Law, Privacy Operations Management
Related Stories