Employee Privacy in a Pandemic

COVID-19 has presented businesses with a new challenge in keeping their company safe and it starts with employee health. As they re-open in the wake of the pandemic, they must keep track of individual health with regard to who is sick and how it might affect the company as a whole. This means that a lot of personal and private health information is being accumulated and stored within a business’s records. There are two issues that management must be aware of with this, and that is what type of information is collected, and how it is safely stored and protected.

Gathering data for the sake of having data is a mistake that many people make. Effort is put into the research, without a clear idea of how or why you need the information that you’ve put time into gathering. Make sure it is worth it. Additionally, when this is done at the business level, it can create a lack of trust from employee to employer, and it can also be a liability if your team feels like big brother is at the helm in more ways than one.

Change is Inevitable

When the World Health Organization declared the COVID-19 outbreak a pandemic on March 11th, 2020, there was little doubt that changes would be in place immediately that affected our everyday life. How long those changes will stay in place remains unknown, but we have seen a shift in the workplace that has put many workers in a permanent “work from home” status. With the fast-moving, and sometimes haphazard way that this was put in place for many companies, there was a huge risk of mistakes being made, issues being overlooked, and policies not in place to conform to what would have been standard procedure when in an office.

One of the main areas that we know this to be true is with cybersecurity and along with that, employee privacy. While they are not undeniably intertwined, they are in fact tightly linked. An employee’s private life, especially when it comes to their online life, is something that can quickly infiltrate the business systems if it is compromised. This can be best monitored in an office setting, but not so much in a home office.

Do not be tempted to collect unnecessary data from your employees and outline how you will use the data and why you need it, prior to asking for it. Also ensure that if there is a breach, and that information is compromised, you have a plan in place since you are liable for that leak. Look ahead to that happening, and ask yourself, “if it does happen, what will the outcome be for our business?”. This will help you to collect only what is necessary and react in the most efficient and well-planned manner.

Yes, COVID-19 has allowed for us to be more stringent in some ways with masks and social distancing, and more relaxed in others such as in our home office, but don’t let that false sense of security leave you exposed to a greater risk of a breach. The fallout won’t end there if it is more than your business data that is stolen.

We are a proud partner of HIPAA Secure Now!, a company of HIPAA experts dedicated to helping medical entities stay compliant and keeping their data safe.  Thank you HIPAA Secure Now! (www.HIPAAsecurenow.com) for the contents of this article.

Want more cybersecurity tips to help keep your business safe & secure? Sign up for our email newsletter and have new articles & tips delivered straight to your inbox monthly.

Posted in ,

Tracy Hardin

Tracy Hardin is President and founder of Next Century Technologies in Lexington, KY. She has a bachelor's degree in computer science from the University of Kentucky and has earned certifications from Novell, Cisco and CompTIA. Her specialties in the field of IT are network design and security, project management and improving productivity through technology. She loves helping people by sharing her knowledge of tech.