Alan Phillips shared with us the following on our Facebook page recently:
One hospital administrator explained that HIPPA laws pertain to medical records, not administrative records; and that staff immunization status is administrative, and not a medical record (if concerning an arguably medical issue). However, if the reason you are not vaccinated is that you have religious objections to the vaccine, that *would* violate federal civil rights law.
Well, we disagree. My private medical information is NOT an administrative record, and once I am at the receiving end of a vaccination, I am now a patient, and no longer just an employee. Therefore, it is the professional opinion of NAMV that any organization that requires you to wear a mask, a sticker, sends out letters to all staff regarding another employee’s vaccination status, etc. is in violation of HIPAA and possible other privacy laws. How do they know if I have an immune disorder or not that prevents me from obtaining the flu? How do they know that I may have been vaccine injured previously? Shaming and embarrassing employees is not the way to accomplish this. And telling other employees what your vaccination status is, in our opinion, is illegal. Even your supervisor should really not know your vaccination status, unless they are the ones responsible for maintaining your HR file and your medical records for employment- rarely does that happen.
So what can you do? You can file a federal complaint. The more of us that do this, the more and more your employers will get fined, and will get punished for violating patient (and employee) privacy.
http://www.hhs.gov/ocr/privacy/psa/complaint/ is the link to file all privacy and HIPAA complaints.
The Empowered Patient Coalition explains on their website (http://empoweredpatientcoalition.org/report-a-medical-event/file-a-privacy-complaint)
The Privacy Rule, a Federal law, gives individuals rights over their health information and sets rules and limits on who can look at and receive health information. The Privacy Rule applies to all forms of individuals’ protected health information, whether electronic, written, or oral. The Security Rule, a Federal law that protects health information in electronic form, requires entities covered by HIPAA to ensure that electronic protected health information is secure.
If you believe that a covered entity violated your (or someone else’s) health information privacy rights or committed another violation of the Privacy or Security Rule, you may file a complaint with the Office for Civil Rights (OCR). OCR can investigate complaints against covered entities.
Don’t wait. File your complaint today. You have a right to have your vaccination status and your medical records kept private.