Next on the list of misconceptions is that HIPAA somehow bans asking you questions about your health. It doesn’t. Even businesses that are covered by the law, such as doctor’s practices, can in general ask you all the medical questions they please.
What they can’t do, without paying close attention to the law’s provisions, is let others see the resulting information. If your employer collects health data about you while running a health benefit plan, it must avoid disclosures you have not consented to.
That idea of consent is another place the memes go wrong. HIPAA is generally designed so its data-privacy rights are waivable; if you visit a doctor, you're probably asked to sign one or more forms to waive some or all of those rights. (An early nickname of the law among medical providers was “Huge Increase in Paperwork and Aggravation Act.”)
See the pattern? No one is violating HIPAA by asking if you’ve been vaccinated.
Advertisement
Join the conversation as a VIP Member