Upgrade to a premium account to save this to your customizable Workspace
COVID-19 Resources
For easy access to COVID-19 ('the Coronavirus') material from across the OneTrust DataGuidance platform, use the tabs above. You will find links to reports, webinars, and articles which highlight the key points you need to know in order to negotiate the practical and legal challenges brought about by the Coronavirus. Regulatory guidance, requirements for employers, and the latest updates on the Coronavirus’ impact on privacy laws from around the world have been compiled here to keep you informed as your organization takes its next steps.
OneTrust: The OneTrust platform comes equipped with custom assessments and reports to automate some of the challenges you’ll need to navigate to get your business running in a way that is safe, healthy, and with privacy in mind.
Vendorpedia: OneTrust Vendorpedia can help you understand and evaluate the impact of Coronavirus on your vendors and any new policies or procedures they’ve implemented in their own response to COVID-19.
Coronavirus Guidance Rolling Report (last updated on 30 November 2020): This Report collates the guidance, statements, legislative amendments, and similar released by supervisory authorities from around the world. The Report includes a comparison chart of guidance on major topics as well as a region by region, jurisdictional breakdown of authoritative information on privacy and the Coronavirus.
The Select Committee on COVID-19 published, 21 April 2021, it's report Beyond Digital: Planning for a Hybrid World which calls for the Government to consider new health and employment rights to protect wellbeing in the digital world.
The North Rhine-Westphalia State Commissioner for Data Protection and Freedom of Information ('LDI NRW') released, on 20 April 2021, a statement on data protection principles, requirements, and limits when carrying out COVID-19 tests in schools.
The Federal Office for Information Security ('BSI') published, on 21 April 2021, its statement on the use of artificial intelligence ('AI') systems.
The Icelandic data protection authority ('Persónuvernd') published, on 19 April 2021, an updated guideline on the registration of guests at restaurants due to COVID-19, with reference to the recently enacted Regulation No. 321/2021 on the restriction of epidemic gatherings.
The Ukrainian Parliamentary Commissioner for Human Rights released, on 20 April 2021, a statement in support of the Council of Europe's guidance on vaccine passports and human rights.
The Federal Trade Commission ('FTC') issued, on 19 April 2021, a report dealing with issues related to the efforts to protect consumers during the COVID-19 pandemic related to fraud, privacy, and other consumer issues using sophisticated targeting, aggressive law enforcement, partnership, and outreach. Specifically, the report outlines that, amo
The European Institute of Innovation and Technology's Health Think Tank ('EIT Health') published, on 20 April 2021, a new report on AI calling for urgent reforms in EU healthcare systems.
The Council of Europe ('CoE') announced, on 14 April 2021, that it had issued a guidance document to the European governments of all 47 member states on the safeguarding of human rights in the context of vaccine passports for COVID-19. In particular, the Council of Europe discussed the four following themes:
The Federal Data Protection and Information Commissioner ('FDPIC') announced, on 13 April 2021, that it commenced participation within the Federal Office of Public Health ('FOPH') project for a standardised and internally recognised data protection compliant COVID-19 vaccination certificate.
Credit China announced, on 13 April 2021, that the National Medical Security Administration had issued guidance on strengthening cybersecurity and data protection.
The European Union Agency for Cybersecurity ('ENISA') announced, on 7 April 2021, that it had released a new tool to aid healthcare organisations in identifying best practices in order to meet cybersecurity needs when procuring products or services.
The Danish data protection authority ('Datatilsynet') issued, on 10 April 2021, a statement addressing whether social security numbers should be displayed on COVID-19 vaccination passports.
The Office for Personal Data Protection ('UOOU') published, on 9 April 2021, its opinion on the potential use of digital green certificates, the so-called COVID-19 vaccination passports, following the joint opinion of the European D
The French data protection authority ('CNIL') addressed, on 7 April 2021, the European Data Protection Board ('EDPB') and European Data Protection Supervisor ('EDPB') joint opinion on the Digital Green Certificate proposals.
Trinity Health issued, on 5 April 2021, a notice to the U.S. Department of Health & Human Services Office for Civil Rights ('OCR') and to customers confirming that it was impacted by the data security incident affecting Accellion, Inc., whose File Transfer Appliance is used by Trinity Health.
As almost 400 million people worldwide have been vaccinated against the Coronavirus, the prospect of 'vaccine passports' is becoming an ever-increasing reality in order to get back to normal.
The use of contact tracing apps to tackle the COVID-19 pandemic has in many ways thrust privacy to the centre stage as a legal issue which requires careful balancing with other important matters such as public health.
The European Data Protection Board ('EDPB') Document on response to the request from the European Commission for clarifications on the consistent application of the GDPR, focusing on health research1, was adopted on 2 February 2021.
With the entry into force of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'), the life sciences sector, particularly in the framework of clinical research, had to deal with a significant variance of approaches and opinions expressed across Europe by all interested stakeholders.
The Health Insurance Portability and Accountability Act of 1996 ('HIPAA') Security Rule contains an array of safeguards that covered entities and business associates must adhere to.
In keeping with the USA's sectoral approach to privacy, the Health Insurance Portability and Accountability Act of 1996 ('HIPAA') is supplemented by rules which specifically regulate the use of health information.
The rapid development of information systems has raised the issue of personal data protection within the health sector. Such problems are related to the insufficient development of protection mechanisms for judicial practice.
Epidemiologist. Droplets. PPE. Asymptomatic. R number. Long COVID. Social distancing. If there is an indisputable consequence of the COVID-19 pandemic, it is how familiar we have all become with concepts that were alien to most of us barely a year ago.
On 29 December 2020, the Israel Privacy Protection Authority ('PPA') published its sixth report1 as part of a report series on the findings of a supervision process regarding the compliance with the Privacy Protection Law, 5741-1981 ('the Law'), and the Privacy Protection Regulations (Data Security) 5777-2017 ('the Regulations').
The Health Insurance Portability and Accountability Act of 1996 ('HIPAA') is undeniably a complex piece of legislation, and knowing its rules and how they apply to your organisation is key to achieving compliance.
The use of artificial intelligence ('AI') has become the norm in many industries, with the health and pharmaceutical sector being no exception. As such, complex sectoral laws like the Health Insurance Portability and Accountability Act of 1996 ('HIPAA') deserve close attention as to how it governs the use of such practices. Elizabeth G.
The Ministry of Health and Family Welfare ('MoHFW') announced, on 14 December 2020, that the Government of India had approved the Health Data Management Policy ('the Policy').
COVID-19 - Return to Work
Key Takeaways: COVID-19 - Return to Work
HIPAA compliance and cybersecurity challenge
Key Takeaways: HIPAA compliance and cybersecurity challenges
COVID-19 privacy and supply chain issues
Key Takeaways: COVID-19 privacy and supply chain issues
Handling data subject rights under the GDPR
Key Takeaways: Handling data subject rights under the GDPR
COVID-19 European and U.S. cybersecurity issues
Key Takeaways: COVID-19 European and U.S. cybersecurity issues
COVID-19 privacy and employment issues
