Don't gamble with your company's investigation process.

Learn about i-Sight software today

Balancing Employee Privacy and the Protection of Coworkers During the Pandemic

Tips for protecting infected employees’ medical data as well as their coworkers’ health and safety

Posted by Timothy Dimoff on August 18th, 2020

During and even after this pandemic, it’s important for employers and businesses to know how to deal with employee privacy issues while still protecting other employees. It’s a balancing act between respecting employee privacy rights and the pressure to keep other employees safe.

Once the word spreads that someone is either symptomatic or confirmed to have COVID-19, rumors will begin to circulate. When employees come to you for verification, tell them only what is allowed: medical information of a confirmed or suspected case, without any additional information, including the infected employee’s name.

 

Help employees protect themselves and others.

Whether your office has been open for months or a few days, employees might need a reminder of your new COVID-19 protocols. Hang our free poster in common areas to remind employees to practice safe and healthy habits upon their return to the workplace.

Get the Poster

Government Guidance

 

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently issued a bulletin in the wake of the coronavirus outbreak. It reminds companies that the HIPAA Privacy Rule applies only to “covered entities” (health plans, health care clearinghouses and those health care providers that conduct covered health care transactions electronically) and their “business associates” (entities that perform certain functions, activities or services on behalf of covered entities).

While emphasizing that “the protections of the Privacy Rule are not set aside during an emergency,” OCR reiterated that the Privacy Rule does permit covered entities to disclose protected health information without individual authorization to a public health authority, to a foreign government agency and to persons at risk, all under certain conditions.

The Equal Employment Opportunity Commission (EEOC) offers some guidance on workplace privacy issues during a pandemic in a preparedness resource that addresses the scope and applicability of the Americans with Disabilities Act. This states that during a pandemic, employers may ask employees if they are experiencing flu-like symptoms, but employers “must maintain all information about employee illness as a confidential medical record in compliance with the ADA.”

 

What to Do If an Employee Tests Positive

 

If you have an employee who tests positive for COVID-19, you should notify their coworkers. Do not reveal the employee’s name or other information that might identify them. Limit notifications to coworkers and possibly to customers who have a legitimate reason for concern for their own health.

Inform employees and those in close contact with the COVID-19 positive employee that there is a positive case among the employees and advise them to be vigilant in monitoring their own health. If asked who the coworker is, don’t confirm or deny anything except to say there is a positive case. Remind them that medical information is private and you must respect their colleague’s rights.

If an employee has unconfirmed symptoms, or notifies you that they are experiencing coronavirus signs, your response should be the same as if they tested positive. There may be a wait for confirmation, so it’s important to be vigilant.

 

Balancing Employee Privacy and Safety for the Long-Term

 

Lastly, you should amend your employee handbooks to include internal policies for the effects of a virus pandemic in the workplace. This should include a policy on collection of data and any laws or regulations that may apply.

If you have any questions about these issues, you should contact your attorney for additional guidance.


Timothy Dimoff
Timothy Dimoff

President, SACS Consulting & Investigative Services

Timothy A. Dimoff, CPP, president of SACS Consulting & Investigative Services, Inc., is a speaker, trainer and author and a leading authority in high-risk workplace and human resource security and crime issues.
He is a Certified Protection Professional; a certified legal expert in corporate security procedures and training; a member of the Ohio and International Narcotic Associations; the Ohio and National Societies for Human Resource Managers; and the American Society for Industrial Security. He holds a B.S. in Sociology, with an emphasis in criminology, from Dennison University.

Visit Website

Book A Demo

To our customers: We’ll never sell, distribute or reveal your email address to anyone. Privacy Policy

Want to conduct better investigations?

Sign up for i-Sight’s newsletter and get new articles, templates, CE eligible webinars and more delivered to your inbox every week.