On June 6, 2020, New York Governor Andrew Cuomo issued Executive Order No. 202.38, permitting commercial building owners, retail store owners, and those authorized on their behalf to manage public places within their buildings and businesses to require individuals to undergo temperature checks as a condition to entry. To prevent people that may have
I was lucky enough to participate in an excellent panel of healthcare professionals discussing how COVID-19 has impacted medical technology, methods of treatment and research, and patient privacy rights. If you are concerned with contract tracing applications, or what governments, employers, or private companies may be doing with data from contact tracing applications, we also had a terrific discussion on those topics.…
Continue Reading Villanovans in Healthcare VIRTUAL Spring Speaker Series – DATA PRIVACY AND DIGITAL TRANSFORMATION
The Federal Emergency Management Agency has published its “Exercise Starter Kit for Workshop on Reconstituting Operations,” which is available here.
This excellent resource will get many businesses started as they prepare to resume limited or full operations, but entities should also be careful to address any safety, privacy and insurance issues (to name a…
On May 7, 2020, the New York Attorney General announced she will not sue Zoom after it agreed to adopt enhanced data security and privacy measures to protect the data of its 300 million plus users. As COVID-19 social distancing policies radically change the way individuals and industries communicate, Zoom saw a reported 3,000 percent…
The European Data Protection Board weighs in on location data and contact tracing apps.
- don’t use personal data if you don’t have to
- collect only the minimum amount
- clearly define the controller, and the purposes
- use encryption
- apply robust safeguards
- delete after when no longer necessary or when the crisis is over
The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) issued an advisory to hospitals and other healthcare organizations that cybercriminals are targeting them with phishing campaigns, ransomware, and other malicious acts referencing COVID-19. Cybercriminals are exploiting the fact that the healthcare sector is consumed with COVID-19 management and response to ramp up attacks, including ransomware…
Citing a “significant increase in cybercrime” during the COVID-19 pandemic, the New York Department of Financial Services (DFS) issued guidance to all New York State regulated entities identifying areas of heightened cybersecurity risks. DFS advised regulated entities they should assess and address these areas as per cybersecurity regulation 23 NYCRR Part 500.
Heightened Risk #1:…
Healthcare data company CENTOGENE announced it has joined forces with blockchain startup Ubirch to create a solution to secure results of COVID-19 mass testing that takes into consideration General Data Protection Regulation (GDPR) compliance.
Based on the premise that absent a vaccine widespread testing is inevitable to permit the return of social interaction, the solution…
Iceland’s data protection authority offers advice on GDPR compliance during the COVID-19 outbreak.
- Information that a person is quarantined is generally not considered to be sensitive personal information, but it is appropriate to pay particular attention to the principles of the Data Protection Act on data minimization and fairness.
- Maintain only the minimum
This is not the time for strict enforcement of data protection. We are showing agility during this crisis.
- Information that someone is infected with coronavirus is health information.
- Information that someone has been quarantined or returned from a so-called “risk area” is not health information.
- Employers should not disclose information that individual employees