MEMORANDUM

D M
Oct 27, 2021

Requiring Proof of COVID-19 Vaccination in Boston

I. Background and Problem Definition

With continued concerns about COVID-19, major metropolitan cities across the US have decided to require proof of vaccination from anyone wishing to enter restaurants, gyms and indoor venues. This is a widespread practice that seems necessary from a public health perspective. This memo looks at how to address potential privacy and security concerns so that the required vaccination policy can be implemented in the most effective, private and secure way. The recommendation is to invest in issuing digital vaccination certificates, or passports, and to do that using security and privacy best practices.

II. Methods

This memo draws from research on current practices related to issuing digital certificates for COVID-19 vaccination verification, frameworks like the security threat brainstorming toolkit[1] (the ‘Security Cards’) and general privacy frameworks.

III. Issue Analysis

This memo recognizes the need for digital health certificates to enable a safe reopening of businesses and to build a pathway towards economic recovery. However, it also emphasizes the need to consider equity, access and privacy concerns in order to implement a solution that works for all citizens. From a security perspective, threats from malicious actors include those who would like to access health records, those who would like to achieve monetary gain by accessing health record information, or even those seeking political gain. Government-mandated vaccination passports are vulnerable to manipulation if not designed properly.

IV. Proposed Solutions

(1) The vaccination passport service should be designed with privacy rights top of mind. Even in the US context, where data protection regulation is limited, this tool should adhere to industry standards, for example those from the World Health Organization (WHO). Data rights such as access to data, the ability to make corrections to data and the ability to delete data should be taken into consideration.

(2) The vaccination passport or digital certificate of vaccination should include a method of authentication to verify that the vaccination card belongs to the person showing it.

(3) To prevent data breaches of the kind that malicious actors would be tempted to perpetrate, do not store sensitive medical information in a central database.

V. Strategic Recommendations

(1) Adherence to the principles around privacy and security of the vaccination passport should be monitored via an independent review body that does not have links or conflict of interest with the review body.

(2) The government institution implementing the digital certificate should put measures in place to guard against the temptation to surveil its population.

(3) Explicit measures should be put in place so that the secured private health information is not misused or exploited by corporate entities, and does not lead to discrimination or greater inequities on the basis of vaccination status.

[1] http://securitycards.cs.washington.edu/cards.html
