Employer Considerations & Checklist after Positive COVID-19 Test

Employer Considerations and Checklist After Learning of a Positive COVID-19 Test

May 2020

There are two separate but related considerations when an employer discovers an employee has tested positive for COVID-19: privacy considerations for the employee who tested positive, and safety considerations for all other employees. The latter also applies when an employer discovers a non-employee has tested positive for COVID-19 including a client, customer or vendor who has been physically present in the workplace.

Privacy Considerations for Employee

If an employer discovers an employee has tested positive for COVID-19, the employer must be aware of privacy laws and understand whether they apply. There are confidentiality requirements under several federal laws, as well as state privacy laws, but the key laws discussed briefly here are the Health Insurance Portability and Accountability Act (HIPAA) and the Americans with Disabilities Act (ADA).

The ADA generally requires employers that receive medical information about employees, treat the information as a confidential medical record, even if the medical information was voluntarily provided by the employee. That means the employer cannot disclose the name of the individual, or personally identifiable information about that person, to other employees. If an employer becomes aware of an employee’s positive COVID-19 test, the ADA applies, and regardless of the specific facts, the employer should be aware of and follow the ADA confidentiality requirements.

HIPAA generally requires safeguarding Protected Health Information (PHI). An individual’s positive COVID-19 test information is PHI. However, HIPAA may or may not apply depending on the particular facts of the situation and how the employer obtained the information. HIPAA’s obligations to safeguard PHI applies only to covered entities (and business associates). So, it is important to determine whether, at the time the information was obtained, the employer was acting within the context of its administrative role for the group health plan. If so, HIPAA applies, and the employee’s positive COVID-19 test must be safeguarded under the HIPAA rules. However, if the information was obtained when the employer was acting in its capacity as an employer (for example, if an employee tells her supervisor she has tested positive for COVID-19), then HIPAA will not apply.

Because of this somewhat difficult technical distinction within HIPAA, and because the ADA will apply regardless of whether HIPAA applies, it is a good rule of thumb to treat an employee’s positive COVID-19 test as though it is PHI protected under HIPAA.

Privacy Precautions

Keep the identity of the COVID-19-positive employee confidential and do not provide the name of the employee who tested positive to others.
Do not provide any other information related to the employee that could reasonably be used to identify the individual.

⬜ Do not provide any other information related to the employee that could reasonably be used to identify the individual.

⬜ Keep in mind the HIPAA “minimum necessary” standard and limit the information disclosed to that which is the minimum necessary to accomplish the purpose.

Safety Considerations for Employees and Individuals at Worksite
The following protocol may be utilized to document the series of events in an effort to address the safety of all employees and visitors to the worksite.

Privacy Precautions

⬜ Maintain full written documentation regarding the incident.

⬜ Determine and record the last date and time when the person was on the premises.
⬜ Interview the individual to determine the exact path, locations and focus of their travel within the buildings and workspaces.
⬜ Create a detailed list of any other individuals with whom they had close contact or interaction.
⬜ Determine from the individual the first dates of symptoms.
⬜ Seek voluntary submission of COVID19 test results. Trust but verify the information and do not violate HIPAA rules/regulations. Most individuals who have tested positive are willing to voluntarily provide the test results via text message or email.

Privacy Precautions

⬜ Control interior areas of focus with security tape to prevent anyone from passing into an area of risk.
⬜ Immediately clean all external entrances, elevators, parking area doors and touchpoints that may have been used by the person in question
⬜ Contact a local cleaning company to perform deep cleaning of any area where the individual may have spent a longer period of time or lingered.

Privacy Precautions

⬜ Secure additional cleaning and disinfecting supplies for the business. Consider enough to provide individual employees with added supplies.
⬜ Identify and pinpoint the affected areas. Areas of high touch may include: Elevator buttons, copier screens and buttons, handles to all doors (prop interior doors open if possible), bathrooms (doors, handles and faucets).
⬜ Prepare the workforce for returning to the area.
⬜ Communicate in writing to all employees who work in the immediate area. Include protocol steps in the communication including investigation, locations and cleaning steps. Establish immediate recommendations of telework and remaining away from area of possible risk.
⬜ Adjust waiting areas and common rooms to provide social distancing.
⬜ Adjust workstations or utilize every other workstation to provide the necessary 6-foot distance between employees.
⬜ Consider communication bullets for individuals with higher levels of risk including but not limited to underlying health conditions, age, susceptibility to disease, compromised immunity, etc.
⬜ Continue to allow/provide opportunity to telework, conference call and zoom meetings.
⬜ Consider daily questions / interviewing for employees working in high-traffic or densely populated work areas.
Share this post
Facebook
Twitter
Telegram
WhatsApp
Pinterest
You may also like
Comments
Search
Get CRITICAL employee benefits information delivered right to your inbox!
Featured Post
Recent posts