the essential EHR system selection guide - free download

    insync healthcare solutions revenue cycle management services

      2 min read

      Is it Illegal if My Employer Demands My COVID-19 Vaccine Status?

      Featured Image

      Can your employer ask you about your vaccination status and force disclosure of PHI? The short answer is, “Yes, but…” But it’s not as straightforward as that. As the United States continues to relax mask restrictions and open back up, the question of who needs to know about employees’ vaccination status has become a hot topic.

      It's OK For Employers to Ask About Vaccinations, But There Are Right and Wrong Ways to Go About Requesting Patient Information

      Before you say, “Wait, that’s my protected HIPAA information!” take a moment to remember that the Health Insurance Portability and Accountability Act applies to covered entities such as providers, health plans, clearinghouses, and their business associates.

      Although you may be employed by an organization that is a covered entity, be aware that HIPAA rules do not extend to certain areas. For example, employers are not HIPAA-covered entities. So, if an employer asks for proof of vaccination in order to allow an employee to stop wearing a mask, the request may be permissible.

      schedule a demo with insync healthcare solutionsThere might be other federal and individual state laws governing additional aspects of that conversation.

      The employee may also have special protections that the employer is unaware of and should therefore have that conversation with their employer. Employers should consult with the Human Resources and privacy laws that apply to their jurisdiction.

      Employers should also exercise caution when they are sourcing information regarding federal and state mandates; only credible sources should be utilized. Applicable policies and procedures may require updating to remain relevant.

      This is why the short answer is, “Yes, but…”.

      For fully vaccinated people providing their status, your employer may still request that you wear a mask as part of your workplace attire. Just like they might require you to wear a jacket or ask you to leave your flip-flops at home.

      What Would Be a HIPAA Violation?

      The official answer, according to the Department of Health & Human Services is this. HIPAA Rules generally require that covered entities and business associates enter into contracts with each other in order to ensure that they will appropriately safeguard protected health information and medical records.

      A business associate may use or disclose protected health information only as permitted or required by its business associate contract or as required by law.

      How does this apply to an employer inquiring about whether or not an employee got his or her vaccination?

      A violation occurs when your employer calls your doctor to request your vaccination status, and the physician gives the information without your consent. The violation would be the physician releasing the information from your medical records – not necessarily the employer requesting the information.

      As the COVID-19 pandemic continues, many facets of the long-term implications remain unknown. Clear communication of expectations between employer and employee is vital to successful navigation.

      InSync Offers Peace of Mind with HIPAA-Compliant EHR Software

      When it comes to HIPAA regulations, it's always better to be proactive than reactive - to remain informed and compliant. Part of that proactive approach includes:

      • Accurate and thorough risk assessments to identify potential risks and vulnerabilities

      • Implementation of a risk management plan to address those risks and vulnerabilities

      • Implementation of an EHR software with security standards that fully align with and support a HIPPA-compliant ecosystem

      Schedule a demo with InSync Healthcare Solutions and get a closer look at how the InSync EHR can support your growing medical practice.

      schedule a demo with insync healthcare solutions


      Department of Health and Human Services:

      Business Associate Contracts: Sample Business Associate Agreement Provisions


      2021 Section 179: Up to $1 Million in Tax Credits but Time is Short

      The deadline to qualify for up to a million-dollar tax deduction on the 2021 purchase of new EHR software is Dec. 31. Sound too good to be true?...

      Read More

      Chronic Absenteeism: An Effective Barometer For Gauging Students' Mental Health Needs

      This isn't just about skipping school. This is about students with mental and neurodevelopmental disorders (or who self-harm) are more prone to...

      Read More

      November 2021 EHR & Practice Management System Updates

      Keeping up with constantly changing industry standards and innovations is no simple task for medical practices today. This is especially true of...

      Read More