Reexamining data privacy and protection amid COVID-19
As proposed legislation unfolds, security and privacy professionals should prepare to face the implications of greater responsibility and risk when it comes to data privacy.
The COVID-19 pandemic has forced companies to restructure many areas of operation, including their approach to cybersecurity and data privacy. The spotlight has been placed on healthcare data and how it can and should be used to combat the spread of the virus. As security and privacy professionals, our attention is honed in on the debate surrounding contact tracing and the collection of COVID-19 health data because it will set a precedent for data collection and impact future privacy laws.
In response to the global pandemic, a group of senators introduced the COVID-19 Consumer Data Protection Act, which would regulate the collection and use of personal data amid the current coronavirus crisis. Now, months after it was introduced, the COVID-19 Consumer Data Protection Act doesn’t stand alone as a piece of privacy legislation—it was followed by the Public Health Emergency Privacy Act and the Exposure Notification Privacy Act. Although each aims to tackle the issue of data privacy in a slightly different way, all three mark an important shift in perspectives and have the potential to reshape the United States’ standard for how to handle and share data during a national health crisis.