Monthly Archives: April 2020

Privacy and COVID-19 Contact Tracing – Lessons from South Korea?

Very interesting discussion in the most recent Journal of the American Medical Association, “Information Technology–Based Tracing Strategy in Response to COVID-19 in South Korea—Privacy Controversies.”

The sources of information are staggering in their breadth: mobile phone carriers, immigration services, law enforcement, credit card companies, public transit companies, government agencies, health insurers and health care providers. It is difficult to imagine this type of tracing in the United States.… More

Colin Zick recommends getting ready for the new data sharing rules now, despite enforcement delay…

Colin Zick, co-chair of Foley Hoag’s Health Care Practice and Chair of the Privacy and Data Security Practice, spoke with Bloomberg Law’s Ayanna Alexander regarding the Department of Health and Human Services’ decision to hold off on enforcing new health information data-sharing rules. His recommendation: prepare now, as the new requirements aren’t going away. “They will go easy on you if you are trying to comply, but the pandemic makes it difficult or impossible,” Zick said.… More

FERC Authorizes Deferred Implementation of Seven NERC Reliability Standards

The Federal Energy Regulatory Commission (“FERC” or “Commission”) recently issued an Order approving a request by the North American Electric Reliability Corporation (“NERC”) to defer the implementation of several Reliability Standards scheduled to take effect later this year. This action, along with others discussed in an earlier post here, are the latest measures approved by FERC that demonstrate the Commission’s intent to exercise discretion in easing reliability compliance burdens in light of the national emergency related to the coronavirus pandemic.… More

Best Privacy and Security Practices, COVID-19 Edition (Hint: Fewer Differences than You Might Think)

Businesses scrambling to move their workforces into remote environments are rightly concerned about the smooth and productive flow of information, including question about whether there will be any government support for building out a remote infrastructure, and what limitations are there on the kinds of information employers may obtain or share to minimize the health impacts on their employees (both questions, among many others, that Foley Hoag’s COVID-19 Task Force was built to help answer). … More

Beware of COVID-19-Based Cyber Attacks, Say US and UK Agencies

Malicious cyber actors have been exploiting the COVID-19 crisis, warn the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre (NCSC) in a joint release issued April 8. Bad actors have done so in two main ways: first, by grafting COVID-19-related themes onto standard cyberattack practices; second, by exploiting vulnerabilities in services that have seen increased use since the pandemic began.… More

Jeremy Meisinger discusses why strong, transparent privacy protections are both possible and necessary to secure the public buy-in needed to make public health surveillance work

Both legally and practically, there need not be an exclusive choice between health information privacy and using GPS and other technology to gather and provide information about COVID-19. Foley Hoag’s Jeremy Meisinger shares more in this GPS World article.