A year after the onset of the COVID-19 pandemic in the U.S., companies are still grappling with questions about how to handle and retain sensitive health information, and emerging efforts to monitor who's been vaccinated will only exacerbate these issues. 

The novelty of the pandemic, especially in its early days, created widespread "uncertainty and confusion" around data privacy issues since companies didn't have protocols in place or any legal precedence to follow, according to Adrienne Ehrhardt, the chair of Michael Best & Friedrich LLP's privacy and cybersecurity practice group.

"So it was unclear to companies what data they could and should collect and retain, what notices to provide, and what action to take based on that data," Ehrhardt said. 

In the wake of this guidance, companies have moved to engage with both their private-sector partners and government regulators to devise a process that balances public safety with privacy concerns.

"The public and private sectors will need to continue harmonizing these somewhat competing interests while also balancing the benefits and risks introduced by data-driven technology solutions," said Elizabeth Rogers, a partner at Michael Best & Friedrich LLP. "A fair balance of post-pandemic individual, public and business interests will depend on all of these actors continuing to work together."

To read the full article, click here.