Tag:data storage

Good practice – the storage of COVID-19 vaccination certificates
Forgotten Issues: What Business Continuity Planning in the COVID-19 Era Isn’t Contemplating

Good practice – the storage of COVID-19 vaccination certificates

By Cameron Abbott, Rob Pulham and Ella Richards

As the public’s focus in NSW and Victoria turns quickly to reopening and emerging from lockdowns, we have experienced an increased focus across the country on vaccination rates. Public health orders and laws in several Australian jurisdictions have changed to require businesses to, amongst other things, collect, store and hold vaccine information about their workers, and to take steps to ensure unvaccinated persons do not enter their premises.

This has led to businesses collecting vaccination information including in the form of government-issued COVID-19 vaccination certificates. However the collection of this information creates additional legal and cyber security risks. Some federal government issued certificates contain an individual healthcare identifier (IHI) – a number individually identifies an Australian for healthcare purposes (it is more sensitive than your Medicare number). The IHI combined with the individual’s name and date of birth creates an attractive opportunity for cyber criminals. It is so sensitive that it comes with its own specific legislation sanctions including criminal penalties for breach.

Businesses should ensure they have the right processes in place when collecting and storing this kind of information to avoid exposure to civil and criminal penalties, including up to two years’ imprisonment for improper use or disclosure of an IHI.

For more information on the appropriate processes for collection and storage of vaccination information, please contact Cameron Abbott from our Privacy team. K&L Gates will keep you informed of any further updates.

Forgotten Issues: What Business Continuity Planning in the COVID-19 Era Isn’t Contemplating

By Cameron Abbott, Warwick Andersen, and Max Evans

As the world grinds to a halt following the dispersion of COVID-19 and businesses around the globe experience a significant downturn, more and more businesses are turning towards their Business Continuity Plan (BCP) in order to mitigate the potential impacts of this worldwide emergency on business sustainability. However, a key aspect of BCP’s is that they encapsulate the full scale of collateral issues that may arise from such an emergency.

From a technology perspective, BCP’s need to consider access. This issue is twofold: being access to premises in which businesses operate in order to correct system defects and system outages, as well as access to external premises that provide technology services such as data storage or data security services.

Read More

Copyright © 2024, K&L Gates LLP. All Rights Reserved.