They made such a big deal about HIPAA when it passed and it's a joke now. And it cracks me up when I get all the woke mailings from companies telling me about my "privacy choices" when we have NO privacy anymore.
The healthcare company I work has NEVER asked me about my vaccine status. I have Patients who ask me about it. I tell them I have HIPPA rights as well and I refuse to answer ANY health questions. The funny thing is I cannot ask them if they have HepC or aids or are mentally ill. They don't have to divulge that info to me but they want my info.
Funny, I work from home for a hospital. Back in October just after we fired people for not getting the jab, we had a virtual meeting. Our supervisor told us who had been fired. I'm thinking, isn't that a violation of their privacy? All she had to say is 3 people were let go, not who they were but yep that happened. 🙄
Vaccination status is not considered HIPAA protected, just confidential. I’m a project manager at my company managing the internal development of a vaccine/testing tracking software, we have had this conversation with our very competent legal department and determined that those responsible for maintaining the records do not need to be HIPAA trained because it is not considered HIPAA protected information.
I get the vaccine status piece, I still disagree with it considering how invasive it is. If I were to have signed the medical exemption I would have had to allow them access to my complete medical history "for covid purposes". I invoked religious exemption. But on calls, I will have people say "so and so is out, they have COVID", like it's the hot gossip around the water cooler. These are director+ level people in this company passing this information around to anyone that wants to listen. HR is part of the problem as they're in on the conversations as well... Worst part, we have weekly meetings about how blacks don't get good medical care, stop hating asians, and you're kind of a dick because you're white (I'm paraphrasing). But I don't think I'm exaggerating because I spent 4 hours in training to do a virtual tour of black oppression...
I'm not sure the distinction between confidential and HIPAA. I work in health information. Your medical information is confidential by nature as per HIPAA. If they're trying to say it's not protected information under the law, it sounds like TPTB are going around the privacy law for this particular issue. It's bs.
I have to reply twice, this is such an absurd statement. I’ve worked in healthcare for years, the penalty for exposing a patients phi could potentially cripple a company because of how strict the safeguards are against it. Cyber liability is in the millions for companies with even small (~100k) sets of lives.
True and false simultaneously. Phi protection absolutely applies outside of providing a medical service. If you’re a company that has medical info on people and you run reporting on it that is your duty to safeguard it. Had nothing to do with providing a service. If you don’t deidentify records before studies are conducted or you’re using live records in dev environments and that info gets exposed you’re screwed.
Reporting doesn’t have to be a direct medical service. It can be used for studies unrelated, used by pharma, used by medical device companies and whether you have phi in the report themselves you house the underlying data in your databases. Exposing that or leaking that is an infraction covered under the protection of hipaa. If you’re in a call center and you expose it, if you’re in IT and you email it unencrypted, if it’s exposed on an open port, it all falls under that protection
Without revealing too much, my work protects patient health info… the irony is thicc
I'm an RHIT which is a profession having to do with health information.
They made such a big deal about HIPAA when it passed and it's a joke now. And it cracks me up when I get all the woke mailings from companies telling me about my "privacy choices" when we have NO privacy anymore.
The healthcare company I work has NEVER asked me about my vaccine status. I have Patients who ask me about it. I tell them I have HIPPA rights as well and I refuse to answer ANY health questions. The funny thing is I cannot ask them if they have HepC or aids or are mentally ill. They don't have to divulge that info to me but they want my info.
Funny, I work from home for a hospital. Back in October just after we fired people for not getting the jab, we had a virtual meeting. Our supervisor told us who had been fired. I'm thinking, isn't that a violation of their privacy? All she had to say is 3 people were let go, not who they were but yep that happened. 🙄
Ya HIPPA is a fucking toothless joke too!
Concur 100%. It's amazing how quickly this policy has been violated to the nth degree.
😂😂😂
Dude at my work they literally named the person who have Covid in an email. What the hell?! Talk about invasion of privacy, much less HIPAA.
When someone asks you if you’re vaccinated, ask them if they’re wearing their AIDS virus suppression butt-plug.
Vaccination status is not considered HIPAA protected, just confidential. I’m a project manager at my company managing the internal development of a vaccine/testing tracking software, we have had this conversation with our very competent legal department and determined that those responsible for maintaining the records do not need to be HIPAA trained because it is not considered HIPAA protected information.
I get the vaccine status piece, I still disagree with it considering how invasive it is. If I were to have signed the medical exemption I would have had to allow them access to my complete medical history "for covid purposes". I invoked religious exemption. But on calls, I will have people say "so and so is out, they have COVID", like it's the hot gossip around the water cooler. These are director+ level people in this company passing this information around to anyone that wants to listen. HR is part of the problem as they're in on the conversations as well... Worst part, we have weekly meetings about how blacks don't get good medical care, stop hating asians, and you're kind of a dick because you're white (I'm paraphrasing). But I don't think I'm exaggerating because I spent 4 hours in training to do a virtual tour of black oppression...
I'm not sure the distinction between confidential and HIPAA. I work in health information. Your medical information is confidential by nature as per HIPAA. If they're trying to say it's not protected information under the law, it sounds like TPTB are going around the privacy law for this particular issue. It's bs.
1..never trust lawyers..they have zero honor.
When it’s PHI it is absolutely protected in all levels of transit regardless of the title of person using it.
I have to reply twice, this is such an absurd statement. I’ve worked in healthcare for years, the penalty for exposing a patients phi could potentially cripple a company because of how strict the safeguards are against it. Cyber liability is in the millions for companies with even small (~100k) sets of lives.
True and false simultaneously. Phi protection absolutely applies outside of providing a medical service. If you’re a company that has medical info on people and you run reporting on it that is your duty to safeguard it. Had nothing to do with providing a service. If you don’t deidentify records before studies are conducted or you’re using live records in dev environments and that info gets exposed you’re screwed.
Reporting doesn’t have to be a direct medical service. It can be used for studies unrelated, used by pharma, used by medical device companies and whether you have phi in the report themselves you house the underlying data in your databases. Exposing that or leaking that is an infraction covered under the protection of hipaa. If you’re in a call center and you expose it, if you’re in IT and you email it unencrypted, if it’s exposed on an open port, it all falls under that protection
I know when the railroad tried to make us tell them our prescription the lawyers shut that shit down hard.