Choose Site
TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS

An annual survey found that the coronavirus (COVID-19) pandemic has influenced decisions made by state chief information officers (CIOs) in 2020 in all areas addressed by the survey. The 2020 State CIO Survey (the Survey) released by the National Association of State Chief Information Officers, Grant Thornton Public Sector LLC and CompTIA (Sponsoring Organizations) was conducted several weeks after the start of COVID-19 and includes the responses from 47 state and territory CIOs.

Information Services Group (ISG) reported that the global outsourcing industry is slowly recovering from the industry’s dip in performance during the second quarter of 2020 due to the coronavirus (COVID-19). Data measuring commercial outsourcing contracts with annual contract values (ACV) of $5 million or more show that third-quarter ACV for the global market rose 3% to $14.6 billion.

In response to the coronavirus (COVID-19) pandemic, technology companies and public health authorities around the world have been developing contact tracing apps as a way to track and thus slow the spread of the virus. Implementation of those apps, however, can raise privacy and cybersecurity considerations.

Contact tracing apps essentially work by gathering information from individuals who have tested positive for the virus and then locating and notifying people with whom those individuals have been in close contact, frequently by use of GRP, Bluetooth, or wireless technology.

As companies adjusted to the “new normal” of coronavirus (COVID-19) restrictions, spending on cloud services has seen a boom. Spending by companies on cloud services exploded in the second quarter to a record $34.6 billion, up approximately 11% from the first quarter of 2020 and 30% from the same period last year, according to research firm Canalys, as reported by the Wall Street Journal.

With the world in various states of lockdown, your organization’s online presence is more important than ever…even more so with official enforcement of CCPA beginning last month. It may be a good time to spend an afternoon reviewing and updating the legal boilerplate on your organization’s website. Here is what we recommend for a basic three-part review to get you started:

  • Privacy Policy. Many clients updated their policy earlier this year to reflect changes required by CCPA. If you fall into this category, then ensuring that the proper version of your privacy policy is reflected on your website, typically in the footer, is a good idea. You would be surprised to know how many clients update their policy, but then fail to actually post the correct version publicly. If you did not recently review your privacy policy, it may be a good time to do so. In addition to seeking advice on changes recommended in light of CCPA, it is also good hygiene to pull the policy and give it a fresh read. Has your organization’s collection practices changed? Has your organization began using or disclosing data differently than it has in the past? A privacy policy only protects your organization to the extent that it is accurate and complete, so periodically spending an hour or so to ensure its accuracy is typically time well spent.

Companies developing digital therapeutics, clinical decision support apps, and other digital health technologies for use in the coronavirus (COVID-19) pandemic should be mindful of FDA’s quickly evolving policies and guidance affecting such technologies. In our recent LawFlash, FDA Regulation of COVID-19 Apps, Digital Therapeutics, and other Digital Health Technologies, we examine recent FDA developments and their implications for companies in the digital health space.

For example, FDA has issued several new guidance documents describing policies of enforcement discretion to help promote the development and availability of digital health technologies for COVID-19. FDA also has issued multiple Emergency Use Authorizations for new COVID-19-related digital health products, and has issued guidance intended to clarify when clinical decision support software is subject to FDA oversight. It is critical for companies seeking to develop digital health technologies for pandemic-related uses to determine whether and how their products may be regulated by FDA.

Although many companies are already revisiting contractual provisions relating to nonperformance, like force majeure clauses, as the coronavirus (COVID-19) pandemic continues to wreak havoc on public health and the economy, other proactive (but less publicized) contractual measures can facilitate early discovery and mitigation of potential nonperformance.

The July 1 enforcement of the California Consumer Privacy Act (CCPA) is one week away. Despite calls by the business community and trade associations to push back the enforcement date to January 2021 due to the coronavirus (COVID-19) pandemic and related disruptions to compliance efforts, the California state attorney general issued a press release on June 2 stating, “Businesses have had since January 1 to comply with the law, and we are committed to enforcing it starting July 1.”

Additionally, on June 1, the attorney general took action to finalize the CCPA regulations by submitting the final text of the proposed regulations to the California Office of Administrative Law, requesting expedited review in an attempt to have the regulations adopted and enforceable by July 1.

In case you missed it, the Morgan Lewis COVID-19 Legal Issue Compendium provides an overview of our firm’s key publications covering the legal and regulatory landscape relating to the coronavirus (COVID-19) pandemic. It includes both business management and industry-specific issues challenging executives and in-house legal teams around the world. Links to our publications are embedded within the compendium.

As businesses across America begin to reopen in the wake of the coronavirus (COVID-19) pandemic, many will likely implement new social distancing and sanitization procedures. That got us thinking about how companies may choose to use touchless authorization technologies like facial recognition as the main form of entry into their facilities, rather than continuing to use tools such as keypads or fingerprint scanners that require many people to repeatedly touch the same surfaces daily.