COVID-19 and Privacy: The World Health Organization Introduced Guidance on Digital Documentation of COVID-19 Certificates: Vaccination Status

HERDEM Attorneys at Law
Aug 24, 2021

On 27 July 2021, the World Health Organization (“WHO”) published Digital Documentation of COVID-19 Certificates: Vaccination Status — Technical Specifications and Implementation Guidance (“Guidance”). The purpose of the Guidance is to outline a method for constructing a signed digital version of a COVID-19 vaccination record based on a core data set of important information to be recorded, as well as a method for digital signing. The Guidance states that it is driven by the ethics, use cases, and requirements for Digital Documentation of COVID-19 Certificates: Vaccination Status (DDCC: VS), which are based on existing free and open standards.

While it is noted that the primary target audience of this Guidance is national authorities tasked with overseeing the creation or development of a digital vaccine certification solution for COVID-19, the Guidance could also be useful to government partners such as local businesses, international organizations, non-governmental organizations and trade associations, who may need support from the Member States in developing or deploying a DDCC: VS solution.

The Digital Documentation of COVID-19 Certificate (“DDCC”) is introduced in the context of the COVID-19 pandemic as a mechanism by which a person’s COVID-19-related health data can be digitally documented via an electronic certificate. The Guidance explains that a digital vaccination certificate documenting a person’s current COVID-19 vaccination status can therefore be used for continuity of care or as proof of vaccination for non-healthcare purposes. The work resulting from this approach is called DDCC: VS.

The Guidance considers two scenarios for vaccination certificate types:

- A vaccination certificate is a health document that records a vaccination service received by an individual, traditionally as a paper card noting key details about the vaccinated individual, vaccine administered, date administered, and other data in the core data set.

- Digital vaccination certificates are immunization records in an electronic format that are accessible by both the vaccinated person and authorized health workers, and which can be used in the same way as the paper card: to ensure continuity of care or provide proof of vaccination.

Two uses for DDCC: VS are covered in the Guidance. First, the primary purpose of a vaccination certificate can be achieved by using it for continuity of care. The Guidance states that vaccination records are an important part of an individual’s medical records from birth: they show individuals and caregivers which vaccinations an individual has had as part of their medical history, and are therefore described as supporting informed decision-making regarding any future healthcare delivery. In this context, the Guidance describes the use of DDCC: VS as providing a basis for healthcare professionals to provide a subsequent dose and/or appropriate healthcare services; providing schedule information so that an individual knows whether another dose, and of which vaccine, is needed, and when the next dose is due; and enabling investigation of adverse events by healthcare professionals according to current guidance on post-immunization adverse events.

Second, it can be used as proof of vaccination status in different non-health-related fields. Examples of usage areas include determining the vaccination status of individuals in coverage monitoring surveys, determining the vaccination status after a positive COVID-19 test, understanding the effectiveness of the vaccine, work, university education, and international travel.

Additionally, WHO set minimum requirements for implementing DDCC: VS. It is emphasized that digital vaccination certificates should meet the public health needs of each WHO Member State as well as the needs of individuals around the world, and that inequality should never be created due to lack of access to certain software or technologies. Therefore, the Guidance states that its recommendations for the implementation of DDCC: VS have been developed to apply to the broadest use cases, addressing many different levels of digital maturity across implementing countries.

Ethical issues such as potential consequences on fairness and equitable access, as well as data protection standards, should guide the creation of specifications and provide direction on how the resulting solutions can be applied ethically, as with any digital solution. As such, the Guidance goes through some of the most important ethical issues and data protection standards that any DDCC: VS should include in its distributions, where the Member States are encouraged and have legal requirements.

While the Guidance notes that the design, development, and implementation of a DDCC: VS for domestic use raises many ethical issues, recommendations are given focusing on the two priority uses of DDCC: VS for Proof of Vaccination and Continuity of Care. The recommendations given in this context are as follows:

- The scope of use of a DDCC: VS should be clearly defined.

- Potential benefits, risks, and costs should be assessed before the introduction of a DDCC: VS.

- Obtaining and using a DDCC: VS should be as inclusive and fair as possible.

- All necessary measures should be put in place to protect participants for continuity of care.

- All communication should be clear and transparent.

- The DDCC: VS should be constantly monitored for impact and adjusted as necessary.

The Guidance also refers to fundamental data protection principles for the DDCC: VS as a prerequisite for continuity of care and proof of vaccination. Accordingly, the principles are intended to guide the national authorities responsible for creating or overseeing the development of the DDCC: VS. As a result, the goals are to encourage the Member States to adopt or adapt their national laws and regulations as needed, to respect personal data protection principles, and to ensure respect for individual human rights and fundamental freedoms, particularly the right to privacy, to increase trust in the DDCC: VS implementation. The data protection principles given in this context are as follows:

- The lawful basis, legitimate use, and fair processing principle states that personal data gathered in the course of applying the DDCC: VS should be treated fairly and without discrimination, based on the data subject’s consent, the need to protect the data subject’s or another data subject’s vital interests, or specifically justified by legitimate public health objectives.

- The transparency principle means that data subjects should be provided with easily accessible, concise, comprehensible, and reader-friendly information in unambiguous language.

- The purpose limitation and specification principle is defined in the Guidance as follows: the use of data for any other purpose, including the sale and use of personal data for commercial purposes, should be prohibited, except with the explicit, unambiguous, and freely given prior consent of the data subject.

- The proportionality, necessity, and data minimization principle states that the processing of personal data should be relevant, adequate, and limited to what is required to fulfill the specified purposes.

- The confidentiality and security principle requires that personal data processed in the context of the DDCC: VS be kept private and not shared with unauthorized parties; personal data should be accessible only to the data subject or other explicitly authorized parties.

- The data subject rights, complaints, and legal redress principle means that DDCC: VS Holders, if they have provided sufficient evidence of being the DDCC: VS Holder, should be able to exercise data subject rights.

- The independent oversight and accountability principle requires that an independent public authority be responsible for monitoring whether any data controller and data processor involved in the processing of personal data in the interest of the DDCC: VS adheres to the principles.

Furthermore, the Guidance provides a DDCC: VS core dataset containing data items on the subject of care and the vaccine administration events required for the two key scenarios: Continuity of Care and Proof of Vaccination. It is stated that stakeholders and systems can use the DDCC: VS core dataset as defined, or continue to use their existing terminology with a map to the DDCC: VS core dataset, as long as it includes the data items required in DDCC: VS. The basic data set proposed by WHO in the Guidance is intended to include the critical data required for interoperability, specific to the defined use scenarios and guided by public health need.

Esra Temur
