Data privacy during the COVID-19 pandemic COVID-19


ON Apr 07, 2020

The Covid-19 pandemic brings new technological challenges to healthcare and public health services. Many organizations are currently evaluating their options to use digital tools for continuing daily business or developing new applications to respond to the pandemic without compromising data security and privacy. Providers are limiting their face-to-face interactions with patients by moving part of their services to telehealth or video chat applications. Even during this public health crisis, organizations are still required to comply with data privacy laws such as HIPAA, 42 CFR Part 2, CCPA, and are also expected to respect patient, user, or employee privacy.

Public health emergencies are among those few exceptions where gathering data from individuals and sharing their sensitive health information can serve the common good. Yet, it also increases vulnerability to security and privacy threats. Even in times when detailed surveillance data is critical to contain the pandemic we can still maintain a human-centric approach and preserve data privacy.

Digital health services have long been facing barriers to automate and integrate privacy into applications to streamline data exchange. The inability to integrate granular consent or organizational policies into data flow is an important one. With the global pandemic and increased need to integrate digital technology to manage sensitive data, these problems have become more evident than ever.

ConsentGrid™ offers the technical solution that will greatly benefit organizations responding to the pandemic. It is designed to integrate privacy attributes into data flow and to streamline the interaction across different organizations. ConsentGrid™ is an automated privacy platform that streamlines telehealth and mental health services with opt-in consent integration, data anonymization and pseudonymization for analytics and reporting, and responds to all privacy concerns during service and integration (see our privacy governed data flow architecture).

ConsentGrid™ can help organizations with:

  • Just-in-time opt-in consent for sensitive geolocation data (CCPA requirement),
  • Anonymization or pseudonymization of data,
  • Data surveillance,
  • Data aggregation,
  • Contact tracing of carriers, Covid-19 cases, vulnerable groups,
  • Granular context-aware consent for exchanging sensitive medical data,
  • Centralized consent support for collaborating parties, and
  • Integration of privacy controls into data flow.

ConsentGrid’s privacy architecture is suitable for telehealth, mental health, and other health and wellness applications, as well as for data exchange systems used by medical providers, state and government agencies.

Please contact us at to learn how ConsentGrid™ can help your organization fight the pandemic.