Support Centre


COVID-19 Resources

How your organization responds and gets back to work in the wake of the Coronavirus can be tricky. We have research and guidance compiled to help you think about privacy in a global pandemic.

Privacy Today

The Dubai International Financial Centre ('DIFC') announced, on 1 June 2020, that His Highness Sheikh Mohammed bin Rashid Al Maktoum had enacted DIFC Data Protection Law No. 5 of 2020 ('the Data Protection Law') and that the Board of Directors of the DIFC Authority has also issued new Data Protection Regulations ('the Regulations').

U.S. Senator, Maria Cantwell, announced, on 1 June 2020, that she, along with U.S. Senators Bill Cassidy and Amy Klobuchar, have introduced the bill for the Exposure Notification Privacy Act ('the Bill') to the U.S.

The Icelandic parliament passed, on 12 May 2020, Act no. 40 of 19 May 2020 on Protection of Whistleblowing ('the Whistleblowing Act').

The Communications Regulatory Authority ('CRA') announced, on 19 May 2020, the implementation of measures to address the COVID-19 ('Coronavirus') crisis.

The Mexico Ministry of Economy ('the Ministry') announced, on 1 June 2020, that it launched, through the Undersecretaries for Foreign Trade and in coordination with the Mexican Association of Secretaries of Economic Development, the dissemination plan implementing the

The Kansas Attorney General ('AG'), Derek Schmidt, announced, on 1 June 2020, that he had sent a letter ('the Letter') to the Kansas House of Representative and Senate leaders recommending that contact tracing and personal privacy be reviewed and addressed during a special session of the Kansas Legislature.

The Federal Government ('Bundesregierung') announced, on 29 May 2020, the publication of the first version of the contact tracing app ('the App'), which aim to reduce the spread of COVID-19 ('Coronavirus').

The European Data Protection Board ('EDPB') issued, on 25 May 2020, its opinions on the draft decision of the national data protection authorities ('DPAs') of Czech Republic, Germany, and Ireland regarding the approval of the requirements for accreditation of a certification body pursuant to Article 43(3) of the General Data Protection Regulatio

The Office of the Inspector General ('OIG') of the Department of Health and Human Services ('HHS') published, on 1 June 2020, its semi-annual report ('the Report') to the U.S. Congress. In particular, the Report highlights the need to enhance cybersecurity as one of the most pressing issues facing the HHS.

The Chilean Transparency Council ('CPLT') announced, on 1 June 2020, that following an audit of 12,000 purchase orders made by 86 organisations in the health sector, the CPLT found that 12 purchase orders by hospitals and six by health services were made which revealed the sensitive personal data of patients.

The European Medicines Agency ('EMA') published, on 27 May 2020, questions and answers ('the Q&A') on the use of digital technologies for approval of medicinal products.

The Office of the Inspector General ('OIG') of the Department of Health and Human Services ('HHS') published, on 26 May 2020, its COVID-19 ('Coronavirus') response strategic plan ('the Plan'). In particular, the Plan details three goals including, among others, the protection of infrastructure.

The Polish data protection authority issued, on 25 May 2020, a statement ('the Statement') on the exemption of employees to fulfil their information obligation under Article 14 of the General Data Protection Regulation (EU) 2016/679) ('GDPR'), when employees report their family members for health insurance purposes.

The Cyberspace Administration of China ('CAC') released, on 24 May 2020, the National Health Commission's ('NHC') notice ('the Notice') on the construction of smart hospitals, as well as the improvement of appointment diagnosis and treatment system.

The Icelandic data protection authority ('Persónuvernd') announced, on 19 May 2020, that it had issued, on 18 May 2020, an opinion ('the Opinion') on the requirement of the Directorate of Health that self-employed medical practitioners transmit information about their patients for their registration.

The Healthcare and Public Health Sector Coordinating Council ('HSCC') and the Health Information Sharing and Analysis Center ('H-ISAC') released, on 18 May 2020, guidance ('the Guidance') for healthcare entities on ways to manage their cybersecurity tactical crisis response during an emergency, such as the COVID-19 ('Coronavirus') pandemic.

The Financial Intelligence Unit ('FIU') published, on 29 May 2020, a report ('the Report') aiming to provide information on the money laundering and terrorism financing ('ML/TF') risks posed during COVID-19 ('Coronavirus').

The Board of the International Organization of Securities Commissions ('IOSCO') announced, on 28 May 2020, that it is requesting feedback on proposed updates ('the Proposed Updates') to its principles for regulated entities that outsource tasks to service providers.

The Monetary Authority of Singapore ('MAS') announced, on 28 May 2020, that fairness metrics in credit risk scoring and customer marketing will be developed as part of the Veritas framework, created for financial institutions to promote the responsible adoption of Artificial Intelligence and Data Analytics ('AIDA').

The Caribbean Financial Act Task Force ('CFATF') announced, on 27 May 2020, that the Cayman Islands had passed five bills as part of a regulatory framework to regulate Virtual Asset Service Providers ('VASPs').

The Financial Services Commission ('FSC') published, on 28 May 2020, a supplementary FinTech regulatory sandbox plan ('the Sandbox Plan') which includes four new innovative services and a working group proposal on artificial intelligence ('AI') in financial services.

The State Control Committee of the Republic of Belarus announced, on 25 May 2020, that the Republic of Belarus had adopted, on 13 May 2020, Law of 13 May 2020 No. 14-Z ('the Law') on amending the law on anti-money laundering and countering the financing of terrorism measures ('AML/CFT').

The Monetary Authority of Singapore ('MAS') announced, on 26 May 2020, its updated guide on digital token offerings ('the Guide').

The Gambling Commission ('the Commission') announced, on 27 May 2020, that PT Entertainment Services Limited surrendered its licence, following an investigation which uncovered non-compliance with social responsibility and money laundering obligations.