Home Archives January 2007 HR: Navigating the medical-rights minefield

HR: Navigating the medical-rights minefield

| Print |  Email
Monday, January 01, 2007

If you are like the vast majority of employed people, you have learned something at work about a co-worker’s illness or medical condition. It can be as specific as someone telling you about their medical issues, or as vague as someone commenting in hushed tones that they heard a fellow employee has a serious or terminal illness.

Some privacy rights follow employees into the workplace, and other rights are conveyed by specific laws and regulations. Employers are challenged in understanding the obligations and restrictions placed on the exchange of information about employees and their personal medical status.

First, the basics: There is a law covering almost all employers that says any information about medical conditions and treatments is Protected Health Information (PHI), and that employers must take great care in how they communicate that information with benefit plan providers and within the organization. That law is the Health Insurance Portability and Accountability Act (HIPAA).

Another law, the Americans with Disabilities Act (ADA), requires employers with 15 or more employees to reasonably accommodate employees with disabilities.

A “disability” is defined as:

  • a physical or mental impairment that substantially limits one or more major life activities;
  • a person with a record of such an impairment; or
  • a person regarded as having such an impairment.

Some examples of major life activities are such things as walking, sitting, standing, seeing, hearing, breathing, working, and caring for oneself. The law also requires that the medical condition requiring accommodation not be disclosed by the organization to others, including, in most cases, the supervisor and co-workers.

These privacy requirements necessitate a delicate balancing between the employee’s right to personal privacy on the job and the employer’s need to maintain a safe, efficient and productive workplace. The simple act of sharing a medical diagnosis with the employee’s supervisor without the employee’s express (written) permission, even when the employee is the one who told you their condition, can result in a violation of the employee’s right to privacy. 

So is there a way through this maze? The answer is a qualified “yes.”  Here is what employers need to do.

  • Be aware of the privacy requirements contained in the various laws that pertain to the organization.
  • Assure employees that the organization takes its responsibility to maintain appropriate employee privacy seriously.
  • Encourage employees to share critical information with key parties on their own, or authorize in writing the sharing of that data. Any such authorization should include what information is to be shared and with whom.
  • Have a written policy about the confidentiality of employee information, including any medical information that the employer becomes aware of.
  • Train supervisors and managers about the privacy requirements and strongly advise that no inappropriate disclosure of information is to occur.
  • Have a process by which employees can bring to management’s attention any concerns they have about the inappropriate disclosure of personal information.

This last step is critical because it gives an organization an opportunity to try to resolve any issues or correct problems before an employee takes their concern to an outside attorney specializing in privacy lawsuits.

In this day when the fears about “big brother” are too often being realized, we all want our personal information to stay private at work. By taking this concern seriously and working to have appropriate protections in place, employers can create greater trust with employees and meet compliance requirements at the same time.

— Judy Clark, SPHR
CEO, HR Answers
This e-mail address is being protected from spambots. You need JavaScript enabled to view it


Resources

EPIC is a public interest research center in Washington, D.C, created to focus public attention on emerging civil liberties issues and to protect privacy, the First Amendment, and constitutional values. Go to www.epic.org.

The Office for Civil Rights–HIPAA addresses such issues as medical privacy and the National Standards to Protect the Privacy of Personal Health Information. Go to www.hhs.gov/ocr/hipaa.

The Center for Democracy and Technology is a nonprofit public policy organization “dedicated to promoting the democratic potential of the Internet.” Check out its medical information section at www.cdt.org/privacy/medical.

The Health Privacy Project’s Fact Sheet 8 explains how private your medical records really are. Go to www.privacyrights.org/fs/fs8-med.htm.

 

 

 

More Articles

The Alchemist

September 2014
Tuesday, August 26, 2014
BY LINDA BAKER

David Howitt explains why Portland consumer brands like Stumptown and Voodoo Doughnuts are taking the world by storm.


Read more...

Updated: Disrupting innovation

News
Tuesday, July 08, 2014
070814 thumb disputive-innovationBY LINDA BAKER  | OB EDITOR

The New Yorker recently published a sharply worded critique of “disruptive innovation,” one of the most widely cited theories in the business world today. The article raises questions about the descriptive value of disruption and innovation  — whether the terms are mere buzzwords or actually explain today's extraordinarily complex and fast changing business environment. 

Update: We caught up with Portland's Thomas Thurston, who shared his data driven take on the disruption controversy.


Read more...

Video: The 100 Best Survey

News
Thursday, August 28, 2014

100-best-logo-2015 500pxw-1OB Research Editor Kim Moore shares some pointers about the 100 Best Companies to Work For survey.


Read more...

Podcast: Interview with Steve Balzac

Contributed Blogs
Tuesday, August 19, 2014

082014BalzacBY TOM COX | OB BLOGGER

Tom Cox interviews Steve Balzac, author of "Organizational Psychology for Managers."


Read more...

Private liberal arts education: superior outcomes, competitive price

Contributed Blogs
Tuesday, August 26, 2014
0826 thumb collegemoneyBY DEBRA RINGOLD | OP-ED CONTRIBUTOR

Why has six years become an acceptable investment in public undergraduate education that over-promises and underperforms?


Read more...

Is this employee right?

Contributed Blogs
Wednesday, August 13, 2014
081314 thumb employeefeelingsBY TOM COX | OB BLOGGER

When I say, “Your Employee is Always Right,” I do not mean “right about the facts,” but rather “right about how they feel” and “right about how they want to be led.”


Read more...

Attack of the Robin Sages

Contributed Blogs
Monday, July 07, 2014
070714 thumb linkedinfakesBY TOM COX | OB BLOGGER

Named after the 2010 experiment by Thomas Ryan, "Robin Sages" are fake social media profiles designed to encourage linking and divulging valuable information.


Read more...
Oregon Business magazinetitle-sponsored-links-02
SPONSORED LINKS