While businesses grapple with the COVID-19 crisis, data privacy and data security regulation remains a pressing concern. Some significant state laws regarding data privacy and security have gone into effect in 2020, such as the California Consumer Privacy Act (“CCPA”) (effective January 1, 2020) and the New York Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”) (effective March 21, 2020). Regulator expectations for compliance with these new legal requirements seem immune from the virus that has placed strains on business operations and employees responsible for understanding and operationalizing new business processes to comply with these new legal requirements.
As resources are strained and employee focus is diverted to the evolving and unforeseen business demands in addressing COVID-19, the need for focus on data privacy and security appears even greater. Read on for three data security and privacy recommendations when handling COVID-19 related disruptions to business.