COVID-19 Guidance and Resources

COVID-19 Guidance and Resources

Below, access a collection of privacy news, resources, guidance and tools covering the COVID-19 global outbreak.

Screen Shot 2017-04-14 at 3.02.11 PMDPA Guidance on COVID-19
The IAPP has rounded up COVID-19 guidance published by data protection authorities to date. This guidance provides information and FAQ pertaining to data processing and COVID-19.

Screen Shot 2017-04-14 at 3.02.11 PM

The Privacy Advisor Podcast: What happens to data privacy in a pandemic
In this episode of The Privacy Advisor Podcast, Michelle De Mooy of DeMOOY Consulting and former director of privacy and data at the Center for Democracy and Technology, talks with host Angelique Carson, CIPP/US, about the data privacy concerns related to private-public entities partnering up to address the health crises COVID-19 has presented. 

Screen Shot 2017-04-14 at 3.02.11 PMIAPP Web Conference: COVID-19 Privacy and Security Issues
Original broadcast date: Tuesday, March 31, 2020

The COVID-19 pandemic has changed the world in ways unseen for a generation and at a pace that seems to be accelerating every day. Join us for this educational web conference to hear from legal and privacy operations leaders and government officials in the health care and employment field.

Screen Shot 2017-04-14 at 3.02.11 PMIAPP LinkedIn Live
IAPP President and CEO J. Trevor Hughes, CIPP, provides an update through LinkedInLive on IAPP operations and content offerings during the COVID-19 global outbreak.

IAPP News Coverage

Below, find a collection of IAPP news coverage surrounding the COVID-19 outbreak and its impact on the privacy industry.

IAPP offices go virtual: An update

Hello, everyone. The IAPP has taken the precautionary step in response to COVID-19 by having employees work virtually in order to prioritize everyone’s health and safety. To the greatest extent possible, it is business as usual at the IAPP. Operations will continue on a remote basis — we recognize that the work of privacy is ongoing, and we’re here for you. I wanted to provide some reminders and updates that I hope will address concerns you may have: IAPP trainings are available virtually. W... Read More

Pandemic incites concerns about data-sharing overreach

Proportionality — that’s the watchword companies need to adhere to in times of crisis. The challenge of the COVID-19 pandemic and concerted efforts to stop its spread have thrown data protection law into the global spotlight. With companies and authorities alike doing everything they can to stem the transmission of the disease, measures like checking recent travel histories, taking body temperature and tracking patients’ movements have come to seem acceptable. But many are asking, how far shoul... Read More

COVID-19 updates from EU, Ireland, Netherlands and US

As the COVID-19 pandemic continues, here are the latest stories on how the outbreak has affected privacy: The World Health Organization is advising those offering technological aid to combat COVID-19 to be mindful of privacy and human rights, Reuters reports. Euractiv reports the European Commission hopes to use COVID-19 to demonstrate the EU's open data policy and data use for the "common good." The U.S Department of Health and Human Services' Office for Civil Rights issued guidance on how... Read More

California attorney general's office: No delay on CCPA enforcement amid COVID-19

The COVID-19 pandemic has brought many things in life to a screeching halt. For many organizations, the outbreak has meant shuttering, limiting or digitalizing most, if not all, operations. Those types of transitions and subsequent hardships have led some in the privacy space to question whether it's right for California Attorney General Xavier Becerra to go forward with California Consumer Privacy Act enforcement July 1. A coalition of 35 advertising groups sent the attorney general a letter M... Read More

On balancing personal privacy with public interest

It's hard to imagine going through a day right now without thinking about COVID-19, the disease caused by the coronavirus. You likely already know the basic facts: It appears to have originated in Wuhan, Hubei Province, China; the disease can cause severe illness in people, including death, though, according to the U.S. Centers for Disease Control and Prevention, serious illness occurs in only 16% of cases; the disease is rapidly spreading around the world; and there's still a lot of unknowns su... Read More

COVID-19 response and data protection law in the EU and US

Managing the COVID-19 outbreak and stopping its spread is now a global challenge. In addition to the significant health and medical responses underway around the world, governments and public health officials are focused on how to monitor, understand and prevent the spread of the virus. Data protection and privacy laws, including the EU General Data Protection Regulation and various U.S. laws, are informing these responses. One major response to limiting the spread of infection is contact traci... Read More

Why the new HIPAA telehealth announcement is a welcome move

As more doctors’ offices and care centers try to move non-urgent care patient visits from in-person to online to battle further spread of COVID-19, the U.S. Department of Health and Human Services issued new guidance that can help.  The guidance came in the form of a Notification of Enforcement Discretion for Telehealth Remote Communications directed at health care providers subject to the Health Insurance Portability and Accountability Act. It states the Office for Civil Rights “will exercise ... Read More

An IAPP update regarding COVID-19

Hello, everyone. Over the past few days, many of you have reached out to the IAPP regarding the management and status of our upcoming conferences, trainings and gatherings as it relates to COVID-19. Your questions and concerns are warranted, and we are listening. The IAPP will always prioritize the well-being and safety of our members, sponsors, staff and anyone affiliated with the production of our events and gatherings. The IAPP leadership and staff are focused on this highly dynamic and evo... Read More

Resources

Below, find external resources covering privacy and COVID-19, with topics including compliance, cybersecurity and workplace privacy.

Global Resources 

Report: WHO-China Joint Mission on COVID-19

This report from the World Health Organization-China's Join Mission reviews national and local government reports, discussions on control and prevention measures with national and local experts and response teams, and observations made and insights gained during site visits. Read More

Compliance Resources 

Cybersecurity Resources 

HIPAA and Telehealth Resources 

HHS: Notification of Enforcement Discretion for Telehealth Remote Communications During the COVID-19 Nationwide Public Health Emergency

This notification, published by the U.S. Department of Health & Human Services, announces that the Office for Civil Rights (OCR) will exercise its enforcement discretion and will not impose penalties for noncompliance with the regulatory requirements under the HIPAA Rules against covered health care providers in connection with the good faith provision of telehealth during the COVID-19 nationwide public health emergency, effective immediately. Read More

Why the new HIPAA telehealth announcement is a welcome move

As more doctors’ offices and care centers try to move non-urgent care patient visits from in-person to online to battle further spread of COVID-19, the U.S. Department of Health and Human Services issued new guidance that can help.  The guidance came in the form of a Notification of Enforcement Discretion for Telehealth Remote Communications directed at health care providers subject to the Health Insurance Portability and Accountability Act. It states the Office for Civil Rights “will exercise ... Read More

HHS notice on telehealth penalties raises privacy concerns

The U.S. government just eased the path for doctors and nurses to do video chats with patients by lifting privacy and security compliance penalties and enforcement action against health care providers. The Office for Civil Rights at the U.S Department of Health and Human Services Tuesday said it will allow health care providers to use technology, such as Apple FaceTime, Facebook Messenger video chat or other video platforms, to communicate with patients. But, while federal response to the COVID... Read More

HHS announces HIPAA penalties waiver amidst COVID-19

The U.S. Department of Health and Human Services has issued a limited waiver protecting health care providers from Health Insurance Portability and Accountability Act penalties during the COVID-19 outbreak. The waiver absolves providers of certain HIPAA responsibilities, including being required to honor facility directory opt-outs and issue privacy notices. Patient rights to request confidential communications and privacy restrictions have also been temporarily revoked under the waiver.Full Sto... Read More

Workplace Privacy Resources 

General Resources 

EDPS comments: Monitoring spread of COVID-19

On March 25, the European Data Protection Supervisor provided comments to the Directorate-General for Communications Networks, Content and Technology of the European Commission on monitoring the spread of COVID-19. Read More

Student Privacy during the COVID-19 Pandemic

This report, published by The School Superintendents Association and the Future of Privacy Forum, provides guidance on how the Family Educational Rights and Privacy Act and Health Insurance Portability and Accountability Act govern the disclosure of students’ health information held by schools. Read More

Resource Collections 

Future of Privacy Forum: COVID-19 Privacy & Data Protection Resources

Global Privacy Assembly: COVID-19 Resources

Privacy International: Tracking the Global Response to COVID-19

Photo by CDC on Unsplash

Icons made by Flat Icons, turkkub, Eucalyp, monkik, and Freepik  from www.flaticon.com