COVID-19: Privacy and security in the next normal has been saved
COVID-19: Privacy and security in the next normal
COVID-19 introduces new security and privacy challenges
Managing the delicate balance between public health and personal privacy in the next normal.
The COVID-19 pandemic has caused countries worldwide to re-examine data privacy and compliance. Fundamentally, in light of regulatory pressures, it comes down to an ethical question that has been debated since the times of Socrates and Plato: at what point are the rights of the individual overridden by the needs of public safety and economic wellbeing? The answers to this question will vary widely based on country-specific regulations and cultural norms, as well as the state of COVID-19 infections in each region, and will be a defining undercurrent as the global economy re-emerges into a “next normal.”
As many organisations and governments work to develop track-and-trace apps to enable society to get back to normal, security considerations as well as data privacy regulations should be integrated across the development of these innovative screening capabilities.
While it is tempting to prioritise health above all else during a pandemic, data privacy laws still need to be followed. This can be challenging in a time when personal protected health information (PHI) and special categories of data are being shared at an unprecedented level. Globally, employers will need to adopt a new set of practices that balances promoting employee health and enabling the business to operate at a reasonable level. It has never been more important for public and private organisations to fully understand how privacy laws apply to their operations, so they can safely operate in the next normal.
Data Privacy in the Next Normal
In building a holistic approach to meeting privacy and security requirements around COVID-19 health considerations, organisations should build a holistic, ethical and sustainable approach to privacy and security for COVID-19 health considerations. Key factors to enhance efficiency and effectiveness include:
- Cross-functional executive support. Privacy and security is a cross-functional issue that requires strong executive support and involvement across areas such as business, IT, HR, and legal.
- Risk-based approach. Focusing on business risk (as opposed to merely compliance) and identifying and prioritising high-risk items can increase the value the privacy and security solutions can deliver.
- Data lifecycle. Before you can understand how to implement reasonable controls, you first need to understand where the sensitive data is and how it is used, from collection through destruction.
“We’re all in this together” may already be a “pandemic cliché,” but it is particularly fitting for this situation – governments, private sector organisations, and the general public all need to work as a united front and build an international mechanism to protection people not merely from the last threat, but from the coming ones. This article provides the thoughtful considerations around data privacy in the COVID-era for organisations to leverage as they recover and thrive in the next normal.
Published: June 2020