Tag Archives: COVID-19

City of Baltimore May Criminalize the Use of Facial Recognition Technologies by Businesses

The Baltimore City Council recently passed an ordinance, in a vote of 13-2, barring the use of facial recognition technology by city residents, businesses, and most of the city government (excluding the city police department) until December 2022.  Council Bill 21-0001  prohibits persons from “obtaining, retaining, accessing, or using certain face surveillance technology or any … Continue Reading

COVID-19 Vaccine Passport Programs: Privacy and Security Considerations

As access to COVID-19 vaccines becomes more prevalent, and we begin to conceptualize what a post-pandemic world might look like, many governments are assessing the idea of a COVID-19 vaccine passport framework.  In late March, the European Commission announced its plan for a COVID-19 Digital Green Certificate framework (“the framework”) to facilitate “safe free movement … Continue Reading

DOH Employee Error Causes Breach of COVID-19 and Other Health Data Affecting Nearly 165,000 Individuals

In a recent post, we highlighted the need for a privacy and cybersecurity training program, one not solely focused on spotting phishing attempts (although that is quite important as well). A primary reason, quite simply, is that employees continue to be a leading cause of data breaches. This fact was reaffirmed for the Wyoming Department … Continue Reading

California State Healthcare Worker Accesses COVID-19 Data on More Than 2,000 Patients and Employees

As we noted in late January 2020, the spread of infectious disease raises particular concerns for healthcare workers who want to do their jobs and care for their patients, while also protect themselves and their families. Perhaps the desire to protect one’s self and family is what motivated a California state healthcare worker to access … Continue Reading

More Movement towards Digital COVID Vaccination Records

A key tech initiative as COVID-19 vaccinations begin rolling out are digital health passports. One example is being developed by a group of large tech companies along with the Mayo Clinic as part of the Vaccination Credential Initiative. The Initiative’s digital vaccination record will likely be a smartphone app. The Initiative is leveraging the CommonPass … Continue Reading

Federal Contractors: Have You Done Your Privacy Training?

Federal contractors know all too well the list of annual requirements and obligations can seem overwhelming at times.  One that may get overlooked by some is annual training requirements. A fairly new such training went into effect in 2017 – it requires certain federal contractors to do annual data privacy training. According to the U.S. … Continue Reading

CDC Expands Guidance on Workplace SARS-CoV-2 Testing to Require Informed Consent

As employers continue to grapple with a safe return to the workplace, on January 21, the U.S. Center for Disease Control and Prevention (CDC) issued new guidance for businesses and employers on SARS-CoV-2 testing of employees, as part of a more comprehensive approach to reducing transmission of the virus in non-healthcare workplaces. While the CDC … Continue Reading

Want to Know if Your Employees Received the COVID-19 Vaccine? Some Best Practices to Consider

While its rollout has been slow, the vaccine is being administered across the U.S. and in other countries. As of January 15, 2021, nearly 36 million doses of a COVID-19 vaccine have been administered, just over 11 million in the U.S. For a variety of reasons, organizations want to know whether their workforce members (employees, … Continue Reading

OCR Releases Report Summarizing HIPAA Privacy and Security Compliance Failures

In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business associates for tackling HIPAA compliance as we enter the new year.  The Report examines OCR’s findings from … Continue Reading

Federal Agencies Issue Joint Alert on Imminent Cybercrime Threat to Healthcare Providers

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have issued a joint cybersecurity advisory stating they have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers. The advisory describes the tactics, techniques, and procedures … Continue Reading

COVID-19 Screening Program Can Lead to Litigation Concerning Biometric Information, BIPA

As organizations aim to return to some type of normalcy, and help ensure a healthy and safe workplace, many have implemented COVID-19 screening programs that check for symptoms, and an employee’s recent travel and potential contact with the virus. Moreover, many states and localities across the nation are mandating or recommending the implementation of COVID-19 … Continue Reading

New York and New Jersey Release COVID-19 Exposure Apps

New York and New Jersey release “COVID Alert NY” and “COVID Alert NJ,” apps designed to alert their users when they have been exposed to someone who tested positive for COVID-19. These apps follow those released in Pennsylvania and Delaware and are soon to be joined by Connecticut. The states hope to enhance their contact … Continue Reading

Will the Public Health Emergency Privacy Act Make it into the Next Stimulus Package?

Despite several attempts, Congress has struggled to push forward a federal consumer privacy law over the past few years. But the COVID-19 pandemic, which has raised concerns regarding location monitoring, GPS tracking and use of health data, has heightened the urgency for federal consumer privacy legislation. In May, a group of Democrats from the U.S. … Continue Reading

EEOC Issues Guidance on Antibody Testing in the Workplace

In late-March and April 2020, the Equal Employment Opportunity Commission (EEOC) released guidance addressing various questions with answers concerning COVID-19 and related workplace disability-related issues under the Americans with Disabilities Act (ADA). Recently, on June 17th, the EEOC updated its guidance to include a new question regarding antibody testing. Most of the questions concern general … Continue Reading

California AG Urges Consumers to be Vigilant While Online During the COVID-19 Pandemic

With California’s mandatory COVID-19 stay-at home orders impacting some 40 million people by forcing the vast majority of them to connect remotely to work, go to school, order necessities, socialize and do many other things, California’s Attorney General Xavier Becerra recently issued an alert reminding consumers of their privacy rights and to encourage them to … Continue Reading

Federal COVID-19 Consumer Data Protection Bill Introduced

As the COVID-19 pandemic presses on, legislators and regulators continue to remind the public of the importance of data security and privacy protections. On April 30th, U.S. Senator Roger Wicker (R-Miss), Chairman of the Senate Committee on Commerce, Science, and Transportation, announced plans to introduce (jointly with several co-sponsors) the COVID-19 Consumer Data Protection Act. … Continue Reading

Legislators and Regulators Weigh in On Privacy and Data Security Protections for Healthcare Providers Amid COVID-19 Pandemic

As they work to combat the surging COVID-19 virus, healthcare providers recently were reminded by legislators and regulators of the importance of data security and privacy protections. On the data security front, U.S. Senators Richard Blumenthal, Tom Cotton, David Perdue, and Mark Warner recently wrote to the Director of the U.S. Department of Homeland Security’s … Continue Reading

FCC’s Declaratory Ruling on the TCPA’s “Emergency Purposes” Exception During COVID-19: Does it apply to Workplace Correspondence?

The Telephone Consumer Protection Act (“TCPA”) generally prohibits the use of automated dialing equipment or prerecorded voice messages to make calls, send text messages, or send faxes absent prior consent of the called party. This includes calls or texts to cellular phone numbers as well as calls to residential lines. There are limited exceptions to … Continue Reading

Videoconferencing Zooms to the Forefront in the COVID-19 World

As the COVID-19 crisis continues, many companies throughout the country have arranged for significant portions of their workforce to work from home. A natural part of that arrangement is conducting videoconferences. With employees working at home in isolation, many seek opportunities to connect with others through a visual medium. Thus, companies are using videoconferencing to … Continue Reading

UK and US Issue Joint Cybersecurity Alert Concerning Explosion of COVID-19 Phishing Attacks

In the US, many organizations anxiously awaiting assistance under the CARES Act are becoming the targets of cyberattackers looking to feed off of the massive relief being provided by the US treasury. Yesterday, the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre … Continue Reading

Key Components of a COVID-19 Screening Program

Stopping the spread of coronavirus is critical to overcoming the COVID-19 pandemic. As testing is ramping up around the country, some states and localities have imposed health screening requirements in an effort to identify persons at risk of being infected and stopping them from infecting others. Whether mandatory or recommended, screening employees and visitors could … Continue Reading

OCR HIPAA Guidance For Getting PHI of COVID-19 Exposed Individuals to First Responders

With first responders on the front lines of helping to fight the coronavirus, sharing information about potential exposure to COVID-19 is critical to protecting them and preventing further spread. In these situations, the information shared is most often “protected health information” (PHI) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule. … Continue Reading

HHS Removes Enforcement Barriers for Telehealth during COVID-19 Nationwide Public Health Emergency

The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) wants to make it easier for individuals to reach a healthcare provider, including those most at risk (older persons and persons with disabilities). Effective immediately, during the COVID-19 nationwide public health emergency, OCR announced it will not enforce noncompliance with … Continue Reading

HIPAA Privacy Rule Waiver, Other Medical Information Questions During the COVID-19 Pandemic

As the coronavirus spreads across the globe and in the United States, providers, businesses, employers, and others are struggling to understand what medical information they can collect and what information they can share. These are difficult questions the answers to which involve considering factors such as long-standing compliance requirements (e.g., HIPAA, ADA, GINA, state law), … Continue Reading
LexBlog