CCPA & COVID-19 Pandemic

by | Apr 1, 2020

It is important to remember that, despite the wide-reaching and deep impact the the COVID-19 pandemic, the rights of individuals to have their protection respected are as important and relevant as ever.

In recent weeks we have see a relaxing on the policing of HIPAA legislation in the United States and a delay on the sanctioning of approved GDPR fines against Marriott Hotel and British Airways in the European Union – decisions that were, respectively, taken to allow for vital treatments to be applied to those suffering and not adding further financial burden on a number of companies.

Towards the end of last week California Attorney General Xavier Becerra moved to remind consumers that their rights under the California Consumer Privacy Act are still in place and provided guidance on how to safeguard their private details during this turbulent time.

He said: “The reality is that COVID-19 is forcing families to adjust to a new way of living and connecting remotely. Whether it’s our children’s schooling, socializing with family and friends, or working remotely – we are turning to mobile phones and computers as a lifeline. With such a dependency on online connectivity, it is more important than ever for Californians to know their privacy rights.”

There has already been one delay to the enforcing of the CCPA, to July 1, and business groups are seeking an additional delay of a further six months. However there is no indication that the extra time will be allowed as companies were already expected to have everything in place prior to January 1 2020, long before the pandemic arrived in the United States.

The following areas need to be considered in order to remain safe during this time.

CCPA Consumer Rights During Covid-19

The main rights included under CCPA include the following and must be respected during the pandemic:

  • There must be a “Do Not Sell My Information” link or button on websites which allows you to opt-out of the sale of your personal information that is gathered using cookies or some other collections method.
  • You should be allowed to request that the business delete personal data that it has collected from you at any time.
  • Any business that collects information on you should be in a position to advise you of what personal information if has collects, used, distributed of sold. CCPA gives you the right to request this information twice annually. shares, or sells. You may exercise this right twice during a 12-month period.

Email Scams During COVID-19

Phishing emails have already been witnessed offering potential victims everything from false information people infected with COVID-19 to the chance to purchase a vaccine or cure.

The best indication that something is not authentic is that you will be asked to hand over personal information, such as your bank account, Social Security number or even your work log-in credentials. These emails will likely include some level of malware that can infect your device and steal your private data. Never hand over personal or financial details in an email. If feel the email may be legitimate then double check by calling the company to verify it, using contact information from another source, not from the email itself.

Never visit a link or download a file that is included in an email that you were not expecting or that looks suspicious.

Working from Home during COVID-19

See to it that you have turned on the privacy and security settings of your virtual meeting and conference software to avoid interruptions. The Californian AG office recommends that you do the following:

    • Have your meeting ID private and share it directly to  meeting participants without sharing it publicly anywhere. Advise 0ther participants to do the same.
    • Protect the meeting with a password.
    • Disable settings that may default to save chat history
    • If there are any additional security features available enable these also. Every little helps

Home Network Security during COVID-19

Ensure that all online devices have any software patches and updates applied. Also make sure that your wireless router has protection added to it by changing the name of the router and the preset passphrase.

COVID-19 Child Data Protection

During this time if it likely that children confined to home will be spending a lot of time online through leisure time and also for homeschooling reasons. Inforom yourself how safeguard children with the guidance available on the Attorney General’s website here.

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.


Please enable JavaScript in your browser to complete this form.

Patrick Kennedy

Patrick Kennedy is a highly accomplished journalist and editor with nearly two decades of experience in the field. With expertise in writing and editing content, Patrick has made significant contributions to various publications and organizations. Over the course of his career, Patrick has successfully managed teams of writers, overseeing the production of high-quality content and ensuring its adherence to professional standards. His exceptional leadership skills, combined with his deep understanding of journalistic principles, have allowed him to create cohesive and engaging narratives that resonate with readers. A notable area of specialization for Patrick lies in compliance, particularly in relation to HIPAA (Health Insurance Portability and Accountability Act). He has authored numerous articles delving into the complexities of compliance and its implications for various industries. Patrick's comprehensive understanding of HIPAA regulations has positioned him as a go-to expert, sought after for his insights and expertise in this field. Patrick's bachelors degree is from the University of Limerick and his master's degree in journalism is from Dublin City University. You can contact Patrick through his LinkedIn profile:

Raise the level of HIPAA Awareness in your organization with Learner-Friendly, Comprehensive and Affordable HIPAA Training.

Comprehensive HIPAA Training

Used in 1000+ Healthcare Organizations and 100+ Universities

    Full Course - Immediate Access

    Privacy Policy