{{announcement.body}}
{{announcement.title}}

How COVID-19 Affects Information Archiving

DZone 's Guide to

How COVID-19 Affects Information Archiving

Should Coronavirus cancel out privacy and archiving laws?

· Cloud Zone ·
Free Resource

At the time of writing this text, in early April 2020, there were 1,348,628 people infected with COVID-19 worldwide, 367,758 across the States. A month later, the figure stands at 4.18 million cases of infection and 1.37 million cases in the US.

It’s been a little over three months since the WHO declared COVID-19 outbreak a global health emergency. In the meantime, the virus has managed to spread across the globe, taking lives, jobs, and families apart.

While it may look bleak, especially now when the death toll continues to climb, China’s experience does provide some hope that this, too, shall pass and that we will one day (though not certain when) come back together with our friends, relatives, and colleagues.

What the virus has managed to achieve in a short span of time is to force us to rapidly adapt. Some countries are fighting the virus back through lockdowns, some introduce curfews, others go about somewhat seemingly more relaxed.

Meanwhile, industries have been pummeled by the sudden shift in business operations. Unemployment has skyrocketed (over 16 million jobs in the US have vanished in a matter of days).

Many industries have hardly anything to work with (travel industry in particular), while others, such as medical care, are swamped with work. Then again, education needs to morph into a fully online experience, which can be a grueling process. The financial industry needs to grapple with the recession. And what about information archiving?

Information Archiving in the Age of Coronavirus

By its nature, information archiving is more of an “in the background” industry, but essential for keeping track of vital information in order to use it when it matters the most. As such, it has its own share of obstacles to overcome.

Information archiving is not the first in line to provide critical resources to those in need or who make key decisions. But it is the first in line to give the decision-makers access to right information.

Now, we don’t want to be overly assuming. Information archiving is not as important as healthcare, government or schools right now. But it does have a role to play to make sure that all pieces of information get where they are most needed. It’s just a piece of the puzzle, but an important one.

So let’s look at some cases where information archiving can make all the difference at a time when all industries are forced to morph and adapt

Archiving WFH Channels, and Security Concerns

One of the immediate effects of COVID-19 is forcing businesses to go remote.

Most companies have introduced working from home, allowing employees to work from their own devices or take business hardware and software home.

While so far, this seems like a working interim option, it sure brings a suite of potential problems.

For one, employees working from home may resort to unofficial enterprise communication tools, using, for example, Facebook Messenger, text, or other instant messaging apps.

This is an issue because if a company doesn’t archive these channels (or can’t archive them due to the technical nature of their vendor) in their course of operation, the information could get lost. This can lead to poor business decisions, penalties, fines, and tarnished reputation.

In their desire to get the task done, some employees might take the easier, more convenient, route and use personal channels to get the message across. And this can cause more damage than not.

It doesn’t have to be anything dramatic, though. It’s enough for one employee to mention the name of a client/case through a channel that’s not protected. If this gets out, your company’s looking at fines for non-compliance, not to mention the lawsuit from the client.

What About Connectivity Issues?

Another issue here is that due to the fact that many are working from home, the network gets overburdened and connectivity issues follow.

In turn, employees might start saving files (and information) locally. And no matter how diligent an employee is, this method is simply prone to errors and loss of business information. And we’re not even looking into the security issues here

While some organizations are better prepared to handle data collection and transfers, work from home could still be an obstacle. According to D. Kessler and A. D’Ambra of Law360.com, the configuration of IT systems can prohibit or limit remote data collection without authorizations. “This configuration may block collection of data in response to discovery requests and its subsequent transfer to hosting and reviewing vendors.”

In the Wake of COVID-19: eDiscovery Requests

While we have a lot to focus on in the short and near term, the reality is that regulated industries, especially government, healthcare, and schools will continue operating. And they will still be held accountable for their work before the general public.

Once the pandemic subdues, the number of eDiscovery and litigation cases will surge. One portion of these requests will come from the backlog caused by the pandemic.

Saving Health, but Harming Privacy?

The other part of surging eDiscovery requests will likely come from those affected by the COVID-19, whether its thousands of patients admitted and treated in hospitals or COVID-designated facilities, families of those who unfortunately passed away, laid-off workers, K12 kids’ parents.

There is serious ground here for people to file their requests to get information.

Everyone who’s been to some effect affected by COVID-19 will likely want to get their entire medical file to read through symptoms and diagnosis.

In some cases this is purely for the sake of curiosity, in other cases it’s to prove mistreatment. Whatever the reason, a request is a request and hospitals will need to address them. And the time to prepare for these requests is already now.

And it’s not about medical files only. Another issue could be social media posts.

There are thousands of pictures and videos taken in hospitals right now, where staff have been shown in grueling conditions, while working to save lives. Some videos have been made by news agencies, others by staff members themselves.

And while these images can inspire people to stay home or show even more support for those on the first line, there’s a crack here through which personal health care information may slip.

What would happen if a patient is recorded in one of these videos and their identity is revealed?

Archiving Remote Education During COVID-19 Outbreak

Education, both K12 and higher education, spark a lot of concern in terms of protecting students’ privacy, while ensuring that amidst the pandemic, students are not cut off from learning. In the wake of the pandemic, schools will be asked to document their remote learning processes.

Right now, the issue is that there is no global policy that would address the privacy or data archiving concerns in the time of coronavirus. Each school district is forced to make do with available resources.

In some cases, this means that some teachers and some students are given school hardware and software to attend the online classes. Other staff and students need to use their own personal devices, which are often not secure and can serve as a perfect leeway for hackers’ foul play.

And it doesn’t have to be as technically demanding as a hackers’ attack.

There have been cases, such as the infamous Robbins v. Lower Merion School District, where students were given computers by school districts. Schools then remotely turned on web cameras and had a look into students’ bedrooms. There were around 66,000 images taken of students in the privacy of their homes. One sophomore student was even being disciplined in school for his behavior at home that was caught on camera, which eventually exposed the school spying scheme.

Speaking of remote web conferencing, in July 2019, a security researcher, Jonathan Leitschuh showed that any website can open up a video-enabled call on a Mac when the Zoom was installed on it. It essentially means a stranger can have a peek into your bedroom at any given time, even when you uninstall Zoom. Zoom later reported fixing this issue.

These frightening incidents give us pause, especially when most schools in the US seem to be switching over to Zoom. While it’s great that students have consistent access to education, there’s plenty of security concerns.

Zoom is known for breach of user privacy, involving faulty end-to-end encryption, sharing sensitive information with Facebook, and “Zoombombing” (where random intruders interrupt the Zoom meetings only to play porn videos or engage in hate speech).

Should Coronavirus Precede Laws?

And these concerns have also spilled over into the public sector, the one sector that needs to keep crucial services working. According to the Financial Times, the US Senate has told its members to avoid using Zoom over privacy concerns. But that’s one tiny fire put down. What happens with the others?

Right now, government agencies are doing their best to keep information flow going. While Zoom has fixed its nagging bug, and now requires a password before you can enter a meeting, government agencies are in a bit of a catch-22 situation.

Under Sunshine laws, governments need to organize public meetings, where everyone has a right to comment. It’s all about finding a way to allow everyone a safe and un-hijacked meeting where public opinion would be upheld. So what to do with all these Zoom bombings?

David Anderson, mayor of the city of Kalamazoo in Michigan has recently talked to NPR on the topic. Back in March, a Kalamazoo city commission was Zoombombed, as intruders hijacked the meeting, spewing racial slurs and profanity.

Since then, Mr. Anderson has been working with the city attorney to find a way ahead and allow public meetings to take place, but keeping the trolls away. One direction he’s thinking about is whether it’s possible to “collect recorded messages in advance and then see whether they’re appropriate to play or not? Does it really have to be in real-time?”

To answer these questions, Mr. Anderson is hoping to get advice from the state government.

And it’s in this dialogue where we can hope to find a feasible solution that would allow government agencies to stay compliant but also stay in touch with the community at a time when it’s needed.

Whatever solution is reached to penalize the breaking of relevant regulations on information archiving once the pandemic is over, one thing is for certain—it’s much better to make an effort now and properly document the entire process.

Documenting Government Procurement Programs

The COVID-19 outbreak has shown how feeble healthcare systems are.

Caught off guard, many national medical care systems have turned to the government for assistance. The lack of medical equipment has prompted governments to run immediate procurements both at home and abroad to get the much needed medical tools.

As a result, governments will be asked to document their medical equipment procurement programs, as well as their procurement processes in other areas.

All this data is subject to NARA and similar laws, which require federal and state agencies to properly document their business operations.

While intentions are noble and can literally save lives, the question remains—does COVID-19 cancel out all other regulations?

Until a conclusion is reached, it’s best we keep in line with archiving regulations and archive as much as possible. That way, we’re preserving proof of proper conduct and retaining evidence that can prove valuable in legal cases that are likely to erupt in the aftermath of the pandemic.

Topics:
compliance management software ,documentation ,information archiving ,information management ,security

Published at DZone with permission of Stefan Vucicevic . See the original article here.

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}