Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

3/19/2021
08:20 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Forrester: Despite COVID-19 Vaccine Deployment Underway, Employers Must Exercise Caution as They Plan to Reopen Physical Offices

CAMBRIDGE, Mass., March 18, 2021 — As COVID-19 vaccine deployment and mass vaccination programs get underway, employers are at a new decision point: how to accelerate the “back to normal” without overstepping their bounds. According to Forrester (Nasdaq: FORR), 40% of European and 30% of US employees are ready to return to the office, requiring employers to prepare for an array of new privacy, ethical, legal, and compliance challenges as they plan to leverage vaccine and immunization passports to return employees to the workplace. 

From doubts about vaccines’ effectiveness to significant country-by-country variation in administration priorities, employers need to be cautious as they define their pandemic management plans. In its new report, "The Opportunity, The Unknowns, And The Risks Of Vaccine Passports In The Workplace," Forrester identifies several risks that employers must address if deploying vaccine passports — a digital document that provides evidence of an individual’s immunization status — to inform their return-to-work strategies. Risk exposure includes sensitive data mishandling, discrimination, labor union mobilization, diminished cybersecurity, and negative impact on the customer experience. 

Key highlights from the reports include: 

  • Vaccines are not a silver bullet. Factors ranging from global vaccine strategies to early-stage understanding of the virus, its variants, and efficacy of the vaccine mean employers must plan to continue anywhere-work policies and hybrid experiences to balance convenience with well-being. 
     
  • Avoid the privacy and ethical pitfalls of a “no jab, no job” policy. Forty percent of European and 30% of US employees are ready to return to the office, but asking employees to carry proof of inoculation with them to enter the workplace introduces privacy and ethics risks. 
     
  • Follow principles of proportionality, fairness, and transparency. Employers should collect only the minimum amount of data needed to trigger specific policies. They should encrypt medical data and enforce strict access, sharing, and deletion policies to ensure fairness and protection. 
  • Employers must navigate compliance and legal risks. In the US, the Equal Employment Opportunity Commission (EEOC) agreed that employers can make the vaccine mandatory for employees, but several state legislatures have challenged the legality of such a requirement. In the EU and UK, each country has its own approach. 
  • Be mindful of customer experience and perceptions. Relaxing protocols for distancing, sanitization, and mask wearing in customer-facing interactions risks a negative impact on how customers perceive a brand and their willingness to do business with the organization. 

“While COVID-19 is loosening its grip, it’s not going away,” said Enza Iannopollo, senior analyst at Forrester. “Vaccine passports don’t offer the silver-bullet solution that many might hope for easing pandemic protocols and restrictions, and businesses should be planning for life with COVID in the medium to long term. Our overarching message to organizations everywhere is one of caution. With the right planning and consideration, the return to work will be smoother and more successful for all involved.” 

Related Resources: 

About Forrester  

Forrester (Nasdaq: FORR) is one of the most influential research and advisory firms in the world. We help leaders across technology, marketing, customer experience, product, and sales functions use customer obsession to accelerate growth. Through Forrester’s proprietary research, consulting, and events, leaders from around the globe are empowered to be bold at work — to navigate change and put their customers at the center of their leadership, strategy, and operations. Our unique insights are grounded in annual surveys of more than 675,000 consumers, business leaders, and technology leaders worldwide; rigorous and objective research methodologies, including Forrester Wave™ evaluations; over 45 million real-time feedback votes; and the shared wisdom of our clients. To learn more, visit Forrester.com.  

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32697
PUBLISHED: 2021-06-21
neos/forms is an open source framework to build web forms. By crafting a special `GET` request containing a valid form state, a form can be submitted without invoking any validators. Form state is secured with an HMAC that is still verified. That means that this issue can only be exploited if Form F...
CVE-2020-19510
PUBLISHED: 2021-06-21
Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.
CVE-2020-19511
PUBLISHED: 2021-06-21
Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes,
CVE-2021-21422
PUBLISHED: 2021-06-21
mongo-express is a web-based MongoDB admin interface, written with Node.js and express. 1: As mentioned in this issue: https://github.com/mongo-express/mongo-express/issues/577, when the content of a cell grows larger than supported size, clicking on a row will show full document unescaped, however ...
CVE-2021-0532
PUBLISHED: 2021-06-21
In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185196177