With the new normal, comes new risks.

According to a recent KPMG survey,75% of Americans are thinking more about data privacy now than before the COVID-19 pandemic began. 

It stands to reason considering the flow of data has never been more insecure. With companies forced to go remote and track and trace measures being implemented across the board, it’s not imprudent to wonder what checks and balances are in place to prevent misuse, security breaches, and data leaks. 

Organizations and individuals alike need to look closely at the way they handle data. After all, we all may be operating under a new normal, but the rules and regulations that govern private data remain unchanged. You may think that a global pandemic is reason enough to let compliance slip, but this would be an incorrect assumption. According to the Council of Europe, sound data protection principles always allow for balancing an individual's right to privacy with public interest.

Rapid digital transformation 
 

At the onset of the COVID-19 pandemic, the majority of businesses across the globe were forced to accelerate digital transformation measures and adjust to an almost fully remote workforce in record time. 

With the pandemic no closer to ending, we’ve entered a state of what has become known as the new normal. In this new normal, organizations have to adjust to the ongoing disruption and maintain critical operations, while taking extra measures to ensure the safety of their workforce. Many have chosen to continue allowing teams to work from home. 

In order to continue to work efficiently, these workers need access to the organization’s systems, processes, and data, which means privacy risk is no longer constrained to a single location. The flow of data is harder to control outside an organization, increasing the likelihood of a data breach and regulatory non-compliance.

Thanks to COVID-19, the data privacy risk profile has changed, and the process for managing risk needs to change too. You can bet cybercriminals will be keeping up. 

Track and trace
 

To battle the virus, the public has shown an incredible willingness to share private data for track and trace purposes. According to KPMG, most American employees were happy to share their personal information if it meant being able to get back to work quicker. 

This risk with track and trace lies with entities suddenly being asked to handle sensitive private data and not knowing what to do with it once they have it. In fact, many might not even know the extensive data laws that relate to private data.

The possibility of legal non-compliance is high. Remember, there is no opt-out button or privacy policy in place when collecting data for track and tracing purposes. There exists an unspoken agreement that this data will only be used for its intended purpose – namely preventing the spread of an infectious disease. 

The new normal requires every organization that handles private data for public health reasons to know the regulations that apply and to have a process in place to safely store and protect that data. 

Implementing a proper risk framework is a great first step. 

The world is racing to get back to normal, but we’re not there yet. In this new normal, understanding how the disruption has affected data privacy risk is crucial to preventing data and security breaches and maintaining regulatory compliance. 

Hush-Hush Sensitive Data Discovery and Data Masking tools can help you identify and protect private data in your organization and comply with privacy laws such as HIPAA, GDPR, CCPA and more. 

Request a demo now.