Employers seeking medical information from employees will be the new paradigm
Our nation should reopen for business when three thresholds are reached. First, hospitals must be safely able to treat all COVID-19 patients without resorting to a crisis standard of care. Second, we need to be able to test everyone for COVID-19. Third, there must be a sustained reduction in COVID-19 cases over a period of time. These goals will be achieved. We just do not know when.
One thing that will change for employers after the pandemic subsides is that employers will take a more aggressive interest in the health of their employees. As good as they are, employer sponsored wellness programs will be eclipsed by employers questioning whether their employees are infectious.
Until March 2020, a variety of federal laws caused U.S. employers to avoid inquiring about their employees' health. Perhaps the most well-known of these laws is the Health Insurance Portability and Accountability Act of 1996 (HIPAA) which gives individuals rights over the privacy of their health information, including the right to get a copy of the information, make sure it is correct, and know who has seen it.
Contrary to proverbial wisdom, most employers are not covered by HIPAA. However, the business agent agreements companies sign with other entities often incorporate HIPAA practices into a workplace that would not ordinarily be regulated by HIPAA.
Similarly, both the Americans with Disabilities Act (ADA) and the Rehabilitation Act served as strong disincentives for employers to administer medical examinations or even ask questions about an employee's health.
Federal laws that rigorously guaranteed employee privacy rights were appropriate when we lived in a world that was free of infectious diseases. For the foreseeable future, there will be a new calculus when balancing the interests of the many against the privacy rights of the few.
The declaration of COVID-19 as a pandemic by the HHS, WHO and the CDC means that everyone's personal health is a matter of public interest to some degree or other. Recognizing this fact, the Department of Health and Human Services published a variety of directives stating that they will relax enforcement of HIPAA privacy rights. These announcements include: Notice of Enforcement Discretion for Business Associates, Notice of Enforcement Discretion for Telehealth, and guidance on Disclosures of PHI to Law Enforcement, Paramedics, Other First Responders and Public Health Authorities.
The EEOC declared COVID-19 to be a "direct threat," as defined by the ADA which has additional legal significance. Because COVID-19 is a "direct threat," employers can send an employee home who appears to suffer from COVID-19 symptoms. Employers can ask employees who call in sick what their symptoms are, like whether they are suffering from a fever, chills, cough, or shortness of breath. Employers can measure an employee's body temperature before she takes her place at work or joins the assembly line. None of these practices were common or even contemplated prior to March 2020.
Intrusion upon employees' privacy rights is an inevitable casualty of this pandemic. Even the simplest issue of whether to record a worker's COVID-19 infection as a work-related injury opens up a wormhole of questions that would never have been asked prior to the pandemic.
OSHA requires employers to report a COVID-19 infection as a workplace injury only if: 1) the case is a confirmed case of COVID-19, 2) the case is work related and 3) the case involves one or more of the general recording criteria (such as medical treatment beyond first-aid, days away from work). The very nature of an infectious disease makes all three of these inquiries personal and intrusive.
9/11 changed American aviation for good. After 9/11, we all have to go through security, answer questions, and take off our shoes before we get on an airplane. Hopefully, nothing like the TSA will be created to monitor infectious diseases in the workplace. But it is certain that all of us will be giving up some of our medical privacy rights to keep our fellow employees safe.
• Ross I. Molho is a partner at Clingen Callow & McLean, LLC in Lisle.