Navigating HIPAA and COVID Positive Employees in the Workplace

Author

Reads 561

Healthcare worker checks woman's temperature during COVID-19 pandemic in Lima, Peru.
Credit: pexels.com, Healthcare worker checks woman's temperature during COVID-19 pandemic in Lima, Peru.

HIPAA requires employers to maintain the confidentiality of employees' health information, including COVID-19 test results. Employers must ensure that only authorized personnel have access to this information.

Employers can require employees to disclose their COVID-19 status, but they must do so in a way that is consistent with HIPAA guidelines. For example, employers can ask employees to sign a form acknowledging their COVID-19 status, but they cannot share this information with anyone else.

The Centers for Disease Control and Prevention (CDC) provides guidance on how to handle COVID-19 cases in the workplace. Employers should follow the CDC's recommendations for contact tracing, which involves identifying and notifying individuals who may have been exposed to the virus.

If an employee tests positive for COVID-19, employers must take steps to prevent further transmission, including notifying employees who may have been exposed and providing guidance on quarantine and isolation procedures.

Explore further: Ecoa and Reg B Apply to

HIPAA and Employee Privacy

Employers must follow health information privacy laws on COVID-19 matters as outlined by federal and state laws. The CDC recommends appointing a workplace coordinator to handle COVID-19 issues.

Expand your knowledge: Wa State Hipaa Laws

Credit: youtube.com, HIPAA, Employee Privacy Protections, and COVID-19

Medical information about an employee must be kept confidential and stored separately from their personnel file. Employers cannot require antibody testing in order to allow an employee to return to work.

HIPAA requires that protected health information be kept private and secure by any "covered health entity" or business associate. This includes employers with self-insured health plans.

Testing records must be confidential, and an employee's identity cannot be revealed if they test positive. Employers must also consider the implications of a positive test result, including exposure implications for employees who may have come into contact with the positive employee.

Here are some key points to consider:

  • Employers must keep medical information confidential and separate from personnel files.
  • Employers cannot require antibody testing for return to work.
  • Testing records must be confidential, and employee identities cannot be revealed.
  • Employers must consider exposure implications for employees who may have come into contact with a positive employee.

HIPAA Violations and Consequences

Employers who are not covered entities under HIPAA are not restricted in their ability to ask employees about COVID-19 test results. However, employers with self-insured health plans are required to safeguard protected health information (PHI).

If an employer fails to safeguard PHI, it can result in an employer HIPAA violation. This can happen if the employer doesn't keep testing records confidential, or if they reveal an employee's identity after a positive test result.

Employers who commit HIPAA violations can face serious consequences, including fines and jail time. In extreme cases, they may even be held liable for wrongful termination if they fire an employee for refusing to disclose PHI.

For more insights, see: 401k Requirements for Employers

Is Violating a Crime?

Credit: youtube.com, 3 Examples of HIPAA Criminal Penalties at Every Tier

HIPAA violations can indeed be a crime, but only under certain circumstances. Failing to disclose protected health information (PHI) without a valid reason can result in a fine, jail time, or both.

Employers are generally allowed to ask employees about their COVID-19 test results if it's necessary to maintain a safe workplace. This was the case with Enterprise Leasing, where the employer had the right to ask about the test results of an employee who had been exposed to a family member with COVID-19.

In one notable case, Christopher Wells was terminated for refusing to disclose his and his family members' COVID-19 test results to his employer. Wells believed that disclosing the information would be a crime under HIPAA.

A unique perspective: Fmla Employer Guide

Employer HIPAA Violations

Employer HIPAA Violations can be costly and damaging to your reputation. HIPAA applies to employers with self-insured health plans, which means they must safeguard protected health information (PHI).

Employers' human resources departments often collect information on employees that may be considered PHI, but if it's not used for healthcare purposes, they're not subject to HIPAA. However, if they fail to safeguard their employees' PHI, it's considered a HIPAA violation.

Curious to learn more? Check out: Does Hipaa Apply to Employers

Credit: youtube.com, Spot the HIPAA Violations

Testing records must be confidential, and employees' identities cannot be revealed if they test positive. Testing, screening, or inquiries that are not necessary to address a direct threat are prohibited.

If an employee has a medical condition that requires alternative testing, the employer must make accommodations for such testing. Employees should be required to consent in writing to the screening.

Employers must consider the implications of a positive test result, including exposure implications for employees who may have come into contact with the positive employee. There should be predetermined conditions for an employee who tests positive to be able to return to the workplace.

Recommended read: Hipaa Penetration Testing

Organizational Protocols and Guidelines

Organizational protocols and guidelines are crucial in managing COVID-19 cases in the workplace. These protocols typically require individuals who have been flagged during the employee COVID screening process to self-isolate or self-quarantine.

A positive COVID-19 test result may require up to two weeks of isolation. This period can be a challenging time for employees, but it's essential to prevent the spread of infection.

See what others are reading: Hipaa Self Assessment

Credit: youtube.com, What healthcare organizations need to think about when going remote

Anyone who was in contact with the infected or symptomatic person should be alerted to reduce the spread of infection. Work policies will guide leave, reporting, and return to work after medical clearance.

Employers must comply with health information privacy laws while following these CDC-recommended procedures. This means maintaining confidentiality and only sharing necessary information with relevant parties.

Covid-19 and Public Health

COVID-19 is a public health threat, giving employers more discretion in obtaining health information that's usually limited under HIPAA and other privacy laws.

Employers can ask employees if they have a positive COVID-19 test, possible exposure from personal contacts, or travel to high-risk areas, as the CDC recommends.

The CDC encourages employers to ask about employees' age or medical history that may put them at high risk.

Labor and employment law experts confirm that employers can legally ask employees for this information.

Businesses and employers are given more leeway because this information is considered critical for risk assessment and planning for business continuity.

Employers are not bound by federal HIPAA laws that require protected health information to be kept private and secure in this case.

If this caught your attention, see: Whistleblower Laws Private Sector

Electronic Health Records and HIPAA

Credit: youtube.com, HIPAA in the time of COVID 19: Recent updates and enforcement actions

Electronic Health Records and HIPAA are closely linked. You can access, organize and securely share your electronic health records (EHR), which include lab results, prescribed medications and treatment plans.

Electronic health records are protected by HIPAA, which is a federal law that requires healthcare providers to keep your medical information private. This includes information about your lab results, medications and treatment plans.

HIPAA sets standards for who can access your electronic health records, and how they can be shared. This means that only authorized healthcare providers can access your records, and they must follow strict guidelines for sharing your information.

Your electronic health records are a valuable resource for managing your healthcare, and HIPAA helps ensure that they are kept safe and secure.

Jackie Purdy

Junior Writer

Jackie Purdy is a seasoned writer with a passion for making complex financial concepts accessible to all. With a keen eye for detail and a knack for storytelling, she has established herself as a trusted voice in the world of personal finance. Her writing portfolio boasts a diverse range of topics, including tax terms, debt management, and tax deductions for business owners.

Love What You Read? Stay Updated!

Join our community for insights, tips, and more.