How can Organization adapt Privacy and Security protocols in the Covid-19 environment?
The duration of the Covid-19 pandemic and its impact on global business environments has generated a renewed focus on network security and privacy risk issues. Many people still conduct their professional lives from remote locations, most often from home. Spam, Hacking, Malware and Ransom attacks are daily threats, with most incidents not publicly reported and remedied by a professional IT team. The Wall Street Journal reported on Oct. 5, 2020 that “a Philadelphia company that sells software used in hundreds of clinical trials, including the crash effort to develop tests, treatments and a vaccine for the coronavirus, was hit by a ransomware attack that has slowed some of those trials over the past two weeks.”
Are we protecting personal health information such as biometrics and Covid- 19 test results?
To compound the continuous requirements of managing data across an enterprise, there are new challenges, such as how to collect and store pandemic-generated personal and health information, such as biometrics and Covid- 19 test results.
What proactive steps should organizations be taking to reduce risk while sharing information both internally and externally?
Planet Data is utilizing our Exego Intelligence contract analytics platform to allow organizations to efficiently identify existing contracts that require modification or the insertion of new information to comply with the evolving compliance landscape.
In March of 2020, many professionals were directed by governmental entities to leave their office environments immediately. It was widely believed at that time that these directives would be short in duration, merely fourteen days.
As people fled their offices, important, confidential documents were often left in place at workstations either in hardcopy form or on company computer systems.
How A Contract Analysis Management System allows clients to identify, search, compare and modify contracts across the organization
Many organizations have been less attentive these past months to their Records Retention Management policies. Additionally, contracts are not being modified to incorporate issues such as Force Majeure and Third-Party Management or Vendor Management. Exego Intelligence allows our clients to identify, search, compare and modify contracts across the organization regardless of original document format.
For example, network security vendors may have access to entire IT systems and their stored information. Accordingly, Security and Privacy Questionnaires must be revised to clearly understand the vendor’s competence to collect, store, protect and transfer confidential data. The auditing entity who will be allowing access to their data ecosystems must receive complete responses to vendor policies, work processes and breach mitigation plans prior to renewing or retaining a vendor entrusted with such information. Parameters for vendor accountability should include third party insurance coverage, personnel training, sub-vendor oversight and business interruption contingencies.
Records management and data retention oversight is now again a high priority. The evolving work environment, combined with the creation of new types of PII, such as biometrics and Covid-19 testing, have compelled the need for compliance with legal requirements such as “HIPPA” (health), and “GDPR”, and “CCPA” (privacy). Recent changes in data storage and transfer requirements across jurisdictions (e.g. Privacy Shied invalidation) have concomitantly increased the risks of failing to maintain control over enterprise-wide information.
In many organizations, contracts are still not maintained in a centralized location, but rather reside in their respective business units in multiple formats (e.g. electronic, PDF, paper). These business silos may have different legal issues to address. A current challenge is to enable efficient collaboration for contract consistency and compliance where documents may not be as readily accessible prior to the pandemic.
Exego Intelligence can enable an organization to rapidly adapt to our new era of data management.
We are not likely going back to the old days, pre-March 2020.
Oct 7 , 2020
Howard J. Reissner, Esq.
CEO – Planet Data