A hospital has a patient with COVID-19. Can it share this information with the media if the patient isn’t named?
A patient in the ER hears the person in the next room coughing. He asks if that person has COVID-19. Can you tell him?
An employee tells her boss she has COVID-19. What can the boss tell the rest of the office?
The corona virus pandemic has led to endless questions about what is and isn’t permissible in both healthcare and other settings. Tackling the issues in this podcast are Joan Podleski, Chief Privacy Officer, Children’s Health; Marti Arvin, Executive Advisor, CynergisTek; and Adam Greene, Partner, Davis Wright Tremaine.
As they explain, for healthcare organizations, there needs, as always, to be great sensitivity to HIPAA and what is considered personal health information (PHI). For employers in the rest of industry, HIPAA generally doesn’t apply but the American with Disabilities Act (ADA) may limit what you can and cannot share. It can even affect how you store the information about a COVID-19 patient in your systems.
Compliance teams need to be alert to these and many other potential issues.
Our podcast guests also advise compliance teams to ensure that IT systems are being used properly by remote employees. The family sitting around the dinner table is great at dinner, but not if there is PHI that the kids can see.
Listen in to learn more about permissible, impermissible and accidental disclosures in the time of COVID-19.