CIO Dive features Mary J. Hildebrand CIPP/US/E, partner and Chair of the firm’s Privacy & Cybersecurity practice in an article on the privacy and security ramifications of working remotely in the wake of the COVID-19 pandemic. Hildebrand notes that businesses have had to cede “control of the work environment” as everyone turned to Zoom and other online channels, exposing companies to both cybercriminals and potential privacy violations. She also observes that regulators have not been aligned on enforcement of data privacy laws in response to COVID-19, relaxing rules under HIPAA while forging ahead to enforce the California Consumer Privacy Act on July 1. Hildebrand also points to the lack of definitive federal legislation to regulate the collection and use of medical information for purposes of contact tracing. Google and Apple, creators of a framework for mobile apps that notify those at risk for COVID-19, also established parameters for digital contact tracing that include user consent and other privacy features. In a situation where Congress has so far failed to act, it's plausible, says Hildebrand, that private enterprise has taken on “a quasi-governmental role” in an effort to fill the void.