Upgrade to a premium account to save this to your customizable Workspace
Create an account
Join our community for free to access exclusive whitepapers, reports, and regulatory information.
COVID-19 Resources
For easy access to COVID-19 ('the Coronavirus') material from across the OneTrust DataGuidance platform, use the tabs above. You will find links to reports, webinars, and articles which highlight the key points you need to know in order to negotiate the practical and legal challenges brought about by the Coronavirus. Regulatory guidance, requirements for employers, and the latest updates on the Coronavirus’ impact on privacy laws from around the world have been compiled here to keep you informed as your organization takes its next steps.
OneTrust: The OneTrust platform comes equipped with custom assessments and reports to automate some of the challenges you’ll need to navigate to get your business running in a way that is safe, healthy, and with privacy in mind.
Vendorpedia: OneTrust Vendorpedia can help you understand and evaluate the impact of Coronavirus on your vendors and any new policies or procedures they’ve implemented in their own response to COVID-19.
Coronavirus Guidance Rolling Report (last updated on 8 April 2021): This Report collates the guidance, statements, legislative amendments, and similar released by supervisory authorities from around the world. The Report includes a comparison chart of guidance on major topics as well as a region by region, jurisdictional breakdown of authoritative information on privacy and the Coronavirus.
The Office of the Data Protection Ombudsman ('the Ombudsman') published, on 26 October 2021, the decision Dnro 6132/151/19 by the Deputy Data Protection Ombudsman ('the Deputy Ombudsman'), as issued on 15 October 2021, in which the Deputy Ombudsman ordered a hospital district to change its practice in exercising the right of access to comply wit
The Federal Commissioner for Data Protection and Freedom of Information ('BfDI') published, on 25 October 2021, a decision of the German Data Protection Conference ('DSK'), issued on 19 October 2021, on the processing of the COVID-19 vaccination status of employees by their employers.
The Belgian Data Protection Authority ('Belgian DPA') announced, on 13 October 2021, that it had been aware of a potential security incident relating to the validation and processing of Covid Safe Tickets via the CovidScan app in order to provide proof of vaccination, immunity, or a negative test result for COVID-19.
The Office of the Australian Information Commissioner ('OAIC') published, on 20 September 2021, its 2020-2021 digital health annual report. In particular, the digital health annual report sets out the OAIC's digital compliance and enforcement activity during 2020-2021, in accordance with the My Health Records Act 2012, (No.
The Privacy Commissioner of Canada, Daniel Therrien, issued, on 22 October 2021, a statement regarding the Prime Minister's announcement about a standardised Canadian COVID-19 proof of vaccination for travel.
The Manitoba Ombudsman ('the Ombudsman') announced, on 20 October 2021, that it has completed an investigation relating to a privacy officer in a healthcare facility who allegedly used that access to view and disclose information for purposes unrelated to her work, therefore violating the Personal Health Information Act ('PHIA').
The Baden-Württemberg data protection authority ('LfDI Baden-Württemberg') issued a comment, on 15 October 2021, contradicting a statement from the Baden-Württemberg Ministry of Social Affairs, Health and Integration, according to which the requirement to wear face masks in the workplace could not be eased due to data protection
The Office of the Data Protection Ombudsman ('the Ombudsman') published, on 19 October 2021, the decision Dnro 6745/163/18 by the Deputy Data Protection Ombudsman ('the Deputy Ombudsman'), as issued on 29 September 2021, in which the Deputy Ombudsman ordered a healthcare provider to change its practice due to violations of Article 5(1)(b) of the
Premier Patient Healthcare notified, on 30 September 2021, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 37,636 individuals.
Decree of the President of the Council of Ministers 12 October 2021 ('the Decree') amending the Decree of the President of the Council of Ministers of 17 June 2021 and introducing new methods for verifying the COVID-19 pass in the public and private workplace, was published, on 14 October 2021, in the Official Gazette, following a favourable opi
The Office of the Ombudsman released, on 15 October 2021, general guidance for employers on employee vaccination status checks.
The Data Protection Authority of Bavaria for the Private Sector ('BayLDA') released, on 22 September 2021, guidelines on the inquiry about the vaccination status of employees.
The Privacy Foundation New Zealand released, on 12 October 2021, a statement which urged the New Zealand Government to undertake a comprehensive impact assessment, including a privacy assessment, of the vaccination certificate roll-out, prior to its introduction in November.
The Data State Inspectorate ('DVI') published, on 8 October 2021, guidelines on the processing of personal data in an educational institution for the purpose of the face-to-face learning process during the COVID-19 pandemic.
House Bill ('HB') 833 for the Protecting DNA Privacy Act entered into effect, on 1 October 2021. In particular, the Protecting DNA Privacy Act regulates and creates expanded definitions for acts relating to the unlawful use of DNA.
OSF HealthCare notified, on 10 October 2021, the U.S. Department of Health and Human Services ('HHS') Office for Civil Rights ('OCR') of a data security incident affecting 53,907 individuals.
House Bill ('HB') 2069 for the Arizona Genetic Information Privacy Act, under §44-7921 et seq. of Chapter 38 of Title 44 of the Arizona Revised Statutes, came into effect on 29 September 2021, after receiving signature by the Arizona State Governor on 20 April 2021.
As part of the Australian Government's response to the COVID-19 pandemic, a nationwide vaccination program is being rolled out in stages to support access to, and delivery of, safe and effective COVID-19 vaccines and treatments for all Australians.
The Czech Ministry of Health recently issued a new extraordinary measure based on which companies can grant access to the workplace only to those individuals who tested negative for COVID-19 or those who are covered by one of the exemptions below.
On 17 March 2021, the European Commission announced a proposal for a legislative framework1 that would allow the bloc's 450 million people to travel freely within the EU during the ongoing COVID-19 pandemic.
As almost 400 million people worldwide have been vaccinated against the Coronavirus, the prospect of 'vaccine passports' is becoming an ever-increasing reality in order to get back to normal.
The use of contact tracing apps to tackle the COVID-19 pandemic has in many ways thrust privacy to the centre stage as a legal issue which requires careful balancing with other important matters such as public health.
The European Data Protection Board ('EDPB') Document on response to the request from the European Commission for clarifications on the consistent application of the GDPR, focusing on health research1, was adopted on 2 February 2021.
With the entry into force of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'), the life sciences sector, particularly in the framework of clinical research, had to deal with a significant variance of approaches and opinions expressed across Europe by all interested stakeholders.
The Health Insurance Portability and Accountability Act of 1996 ('HIPAA') Security Rule contains an array of safeguards that covered entities and business associates must adhere to.
In keeping with the USA's sectoral approach to privacy, the Health Insurance Portability and Accountability Act of 1996 ('HIPAA') is supplemented by rules which specifically regulate the use of health information.
The rapid development of information systems has raised the issue of personal data protection within the health sector. Such problems are related to the insufficient development of protection mechanisms for judicial practice.
Epidemiologist. Droplets. PPE. Asymptomatic. R number. Long COVID. Social distancing. If there is an indisputable consequence of the COVID-19 pandemic, it is how familiar we have all become with concepts that were alien to most of us barely a year ago.
COVID-19 - Return to Work
Key Takeaways: COVID-19 - Return to Work
HIPAA compliance and cybersecurity challenge
Key Takeaways: HIPAA compliance and cybersecurity challenges
COVID-19 privacy and supply chain issues
Key Takeaways: COVID-19 privacy and supply chain issues
Handling data subject rights under the GDPR
Key Takeaways: Handling data subject rights under the GDPR
COVID-19 European and U.S. cybersecurity issues
Key Takeaways: COVID-19 European and U.S. cybersecurity issues
COVID-19 privacy and employment issues
