Risk Management

Privacy Protocols While Teleworking

As the world continues to navigate the COVID-19 pandemic, many organizations have had to adjust their business operations. During this time, an increased number of employees have transitioned from working in the office to teleworking from home or other remote locations. Although teleworking has provided business continuity during the COVID-19 pandemic, it has also created increased privacy risks.

Below are a few privacy protocols that should be followed while teleworking:

  • Virtual Private Network (VPN). Using VPN while teleworking will create a secure connection to your employer’s network and certain electronic files.                  
  • Virtual meetings.  Sit in a private area to avoid unauthorized viewing or listening of confidential and sensitive information. Wear a headset to reduce the risk of auditory disclosures. Be mindful of surroundings when using the camera, as well as what information is visible if the screensharing feature is used.
  • Secure electronic devices.  Do not leave laptops, mobile phones or other devices unattended in vehicles or any unsecured locations. Always use the lock screen feature when stepping away from devices.
  • Documents. Make every effort to keep documents in an electronic format while teleworking. If documents are in paper form, they should be stored in a locked file cabinet or briefcase. Disposal of paper documents in a teleworking location should always be shredded.
  • Help desk. Contact the IT Help Desk with any questions or problems with devices, email, or connectivity issues.

Privacy and Contact Tracing During the COVID-19 Pandemic

Contact tracing is a key public health strategy used to prevent the spread of contagious diseases. The process of contact tracing generally involves identifying people who have a contagious disease, along with anyone they may have exposed (their contacts) and working with them to interrupt any further disease transmission.

While contact tracing has been an effective and long-standing public health practice, some of the traditional means of contact (for example, home or physician visits) may occur over a period of days. As the world navigates the fast spread of COVID-19 infections, the need for more immediate methods of contact through modern technology started to transform this process.  The State of California recently launched a COVID-19 contact tracing program called California Connected and  public health workers contact individuals infected with COVID-19 by phone, text, or email.  All information collected by the local public health departments, including identities of any other exposed individuals, remains confidential.

In May 2020, Apple and Google collaborated on the development of contact tracing technology and released an Exposure Notification application programming interface to be used with mobile applications that notify individuals of COVID-19 exposures. Although this type of technology has accelerated contact tracing efforts, the use has elevated concerns from some privacy advocates, particularly regarding data collection, storage, and usage. In response, the American Civil Liberties Union  recommended some privacy-by-design principles and policy safeguards that should be incorporated in the creation of contacting tracing technology, and encouraged the use of strict policies to protect the collected data. Congress has introduced three separate bills, the COVID-19 Consumer Data Protection Act, Public Health Emergency Privacy Act, and Exposure Notification Privacy Act to establish privacy protections of health information during a national health emergency. As contact tracing protocols continue to integrate technologies that will improve the practice, it is imperative that sound privacy and security protocols are in place.

Click here to learn more information about the LA County Department of Public Health’s contact tracing program.