Businesses can legally ask employer, customer vaccine status without violating HIPAA

Brittany Arquelles, age 12, prepares for her COVID-19 vaccine Friday June 4, 2021. Dayton Children’s partners with Boys & Girls Club of Dayton to offer COVID-19 vaccine clinic for individuals 12 years and older. MARSHALL GORBY\STAFF

Brittany Arquelles, age 12, prepares for her COVID-19 vaccine Friday June 4, 2021. Dayton Children’s partners with Boys & Girls Club of Dayton to offer COVID-19 vaccine clinic for individuals 12 years and older. MARSHALL GORBY\STAFF
Local News
By Micah Karr
Updated Aug 4, 2021
X

Can businesses legally ask if someone is vaccinated? The Centers for Disease Control and Prevention and the U.S. Department of Health and Human Services say yes.

The Health Insurance Portability and Accountability Act of 1996, known as HIPAA, ensures privacy of medical records through insurance reforms, administrative simplification and cost savings, the CDC’s website states. The HHS issued the “Standards or Privacy of Individually Identifiable Health Information,” also called the Privacy Rule. HIPAA’s privacy rule helps prevent organizations from spreading an individual’s protected health information.

ExploreOhio reports new 21-day high with more than 1,700 COVID cases

The Privacy Rule also sets standards for an individual’s privacy rights to understand and control how their health information is used.

The HIPAA Privacy Rule permits disclosure of health information if it is required by law or for “public health activities and purposes,” the CDC’s website states. The HIPAA Privacy Rule allows disclosure of someone’s health information for the purpose of “preventing or controlling disease, injury, or disability, including but not limited to, the reporting of disease, injury, vital events … and the conduct of public health surveillance … investigations, and … interventions,” the CDC’s website states.

ExplorePopular Oxford bar will require proof of COVID-19 vaccination or negative test for entry

HIPAA applies only to “covered entities,” such as health care providers such as doctors, clinics, pharmacies or nursing homes, a health plan, such as health insurance or a company health plan or a health care clearinghouse, the HHS website says. Therefore, it is not illegal for a business to ask an employee or customer for proof of vaccination. If a business were to contact an employee or customer’s doctor or healthcare provider about their vaccination status and the healthcare provider complied, that would be considered a HIPAA violation.

ExploreYour company can make you get a COVID shot, but many won’t. Here’s why
ExplorePHOTOS: COVID-19 vaccinations seen crucial to economic recovery
In Other News
1
Trotwood-Madison school board ousts elected member Davis over...
2
Frisch’s closings list: The ones that have closed, may close, or are...
3
Parents in Dayton region clicking ‘follow’ on @dytwithkids Instagram...
4
Dayton says there’s only one spot a local passenger rail station should...
5
Estate of 15-year-old killed in Harrison Twp. shootout sues group home...

About the Author

Follow Micah Karr on twitter

Micah Karr, a Beavercreek native has been on a breaking news desk since 2019. She has been part of Ohio Newspapers' Breaking News Team since March 2020 and has enjoyed every minute of it. She is a graduate of Wright State's Media Studies program. Before she worked with Cox Media, she wrote for Wright State's Newsroom.