https://www.cpomagazine.com/data-privacy/ethical-data-privacy-in-a-time-of-covid-19/
By Pam Hrubey
cpomagazine.com
April 27, 2020
As COVID-19 continues to spread, the data collected from those who are infected
will increase greatly. As the number of infected individuals rises, so does the
potential stigma associated with infection. As a result, companies that collect
data indicating infection status – even incidentally – must handle that
information in an ethical manner that protects the privacy of data subjects.
Even when regulations are vague or nonspecific, organizations must assess the
necessity of sharing sensitive information, and they must respect the
preferences of their data subjects.
Extending explicit choice to consumers even when not required allows them to
control their own data in a detailed manner. Organizations increasingly are
realizing that this is a business advantage.
Regulatory compliance versus ethical compliance
Regulations such as the European Union’s General Data Protection Regulation
(GDPR) and the California Consumer Privacy Act (CCPA) suggest that data privacy
is an increasingly universal concern. Regulations likely will continue to
expand in geographic coverage and in specificity. Some companies, such as
Microsoft, have taken a proactive approach and extended the protections
afforded by this progressive legislation to those who reside outside the
covered jurisdictions.
These extended protections anticipate the likelihood that similar legislation
will be enacted on a wide scale. But a standardized regulatory framework also
can serve as a foundation on which a company can build clear privacy policies
and standards, keeping the rights of the consumer front and center.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
