New Guidelines on the Impact of HIPAA on COVID-19 in the Workplace | Bond Schoeneck & King PLLC
On September 30, 2021, the Department of Health and Human Services released guidelines, âHIPAA, COVID-19 Vaccination and the Workplace,â (the guidelines) that detail the ways in which the portability law and Medicare Liability (HIPAA) intersects with inquiries from the workplace and other third parties regarding COVID-19 vaccinations.
The HIPAA privacy rule, at issue here, enforces the use and disclosure of protected health information (PHI) to covered entities and business associates. âCovered entitiesâ include healthcare plans, healthcare clearinghouses, healthcare providers that perform standard electronic transactions, and âbusiness associatesâ are entities that perform certain functions or activities that involve use or disclosure of protected health information on behalf of, or provide services to, a covered entity.
According to the guidelines, the privacy rule is not implied by a company asking whether its employees, customers or customers have received a COVID-19 vaccine. In addition, the rule of confidentiality does not apply when a person (1) is asked about their immunization status by a school, employer, store, restaurant, place of entertainment or other person; (2) ask another person, their doctor or a service provider if they are vaccinated; or (3) ask a business, such as a home care agency, if its staff are vaccinated.
The guide also notes that the rule of confidentiality is not involved when an employee discloses their own immunization status, there is additional information contained in the guide for specific covered entities regarding when they may disclose information from. vaccination without the patient’s consent. Finally, the Guide reminds employers that documentation or other confirmation of vaccination, as long as it is received by an employer, must be kept confidential and kept separate from the employee’s personal files under Title I of the Americans. with Disabilities Act (ADA).