Contact Us
Subscribe to this blog via RSS
Join us on LinkedInCategories
- SCOTUS
- FTC
- Emotional Support Animals
- Service Animals
- Employee Agreement
- Remote Work
- Federal Trade Commission
- LGBTQ
- Minors
- United States Department of Justice ("DOJ")
- Arbitration
- Work from Home
- Workplace health
- Intellectual Property
- Trade Secrets
- Corporate
- Center for Disease Control
- Americans with Disabilities Act ("ADA")
- FFCRA
- Opioid Epidemic
- Occupational Safety and Health Administration (“OSHA”)
- COVID-19
- Families First Coronavirus Response Act
- H.R.6201
- Health Care Law
- IRS
- Paid Sick Leave
- Temporary Leave
- Treasury
- Coronavirus
- Worker Misclassification
- Labor Law
- Overtime
- Kentucky Unemployment Insurance Commission
- Sexual Harassment
- FMLA Retaliation
- Overtime Rule
- Employer Wellness Programs
- Employment Non-Discrimination Act ("ENDA")
- Genetic Information Nondiscrimination Act ("GINA")
- Independent Contractors
- Kentucky minimum wage
- Minimum wage
- Paid Time Off ("PTO")
- Sick Employees
- Wage and Hour
- ADA Amendments Act of 2008 (“ADAAA”)
- Department of Labor ("DOL")
- Employee Benefits
- Employee Handbook
- Employee Misconduct
- Employment Discrimination Laws
- ERISA
- Fair Labor Standards Act (FLSA)
- Family and Medical Leave Act (“FMLA”)
- Human Resource Department
- Kentucky Civil Rights Act (“KCRA”)
- National Labor Relations Act (NLRA)
- National Labor Relations Board (NLRB)
- OSHA
- Overtime Pay
- Pregnancy Discrimination Act
- Social Media
- Social Media Policies
- Title VII of the 1964 Civil Rights Act
- U.S. Department of Labor
- Union
- Young v. UPS
- Adverse Employment Action
- Amazon
- Americans with Disabilities Act
- Bring Your Own Device
- BYOD
- Civil Rights
- Compliance
- Department of Health and Human Services
- EEOC
- Employment Law
- Portal-to-Portal Act of 1947
- Security Checks
- Security Screening
- U.S. Equal Employment Opportunity Commission (“EEOC”)
- U.S. Supreme Court
- Uncategorized
- Volunteer
- Cloud
- Creech v. Brown
- EEOC v. Hill Country Farms
- Equal Employment Opportunity Commission v. Kaplan Higher Education Corp.
- Federal contractors
- Kentucky Labor Cabinet’s Occupational Safety and Health Program (KOSH)
- Lane v. Franks
- Micro-unit
- Non-exempt employees
- Specialty Healthcare & Rehabilitation Center of Mobile
- "Ban-the-box"
- 2013)
- Berrier v. Bizer
- Bullying
- Citizens United v. Federal Election Commission
- Compensatory time off
- Conestoga Woods Specialties v. Sebelius
- Consumer Credit Protection Act (“CCPA”)
- Crystalline Silica
- Davis-Bacon and Related Acts
- Drug-Free Workplaces
- Earnings
- Ehling v. Monmouth-Ocean Hospital Service Corp.
- Federal Stored Communications Act (“SCA”)
- Illness and Injury Reports
- Job applications
- Jury duty
- Kentucky Department of Workers’ Claims
- Kentucky Wage and Hour Act
- Maternity Leave
- McNamara O’Hara Service Contract Act
- Mine Safety and Health Administration ("MSHA")
- NFL Bullying Scandal
- Northwestern
- Payroll
- Permissible Exposure Level ("PEL")
- Sebelius v. Hobby Lobby Stores
- Senate Bill 157
- Shazor v. Prof’l Transit Mgmt.
- Violence
- Wage garnishment
- Web Content Accessibility Guidelines
- Whistleblower
- WorkSmart Kentucky
- At-will employment
- Chapter 11 Bankruptcy
- Chenzira v. Cincinnati Children’s Hospital Medical Center
- COBRA
- Companionship services
- Defamation
- Defense of Marriage Act (“DOMA”)
- EEOC v. Fabricut
- EEOC v. The Founders Pavilion
- Employee Forms
- Employee Hazards
- Employee of the Month Programs
- Employee Training
- Employer Group Health Plans
- Employer Mandate
- Employment Practices Liability Insurance
- Endorsements
- Federal Workplace Agencies
- FICA
- Form I-9
- Freedom of Speech
- Gatto v. United Airlines and allied Aviation Services
- Giant Food LLC
- Government employees
- Government shutdown
- Health-Contingent Wellness Programs
- HIPAA
- Home Health Care Workers
- KYSHRM 2013
- Litigation
- Madry v. Gibraltar National Corporation
- Mandatory vaccination policies
- Medical Exams
- Megivern v. Glacier Hills Incorporated
- Motivating Factor
- Obesity
- Online Account Protection
- Online Defamation
- Participatory Wellness Programs
- Pennington v. Wagner’s Pharmacy
- Pension Plans
- Play or Pay
- Private employers
- Record Retention
- Reference checks
- Sequester
- Severance Pay
- SHRM
- Small Business Administration (SBA)
- Social Media Ownership
- Supervisor
- Supplemental Unemployment Compensation Benefits
- Tangible employment actions
- Tax Refund
- Title VII retaliation cases
- Troyer v. T.John.E Productions
- U.S. Citizenship and Immigration Services
- Unfair Labor Practice
- United States v. Quality Stores
- United States v. Windsor
- University of Texas Southwestern Medical Center v. Nassar
- Vance v. Ball State University
- Contraceptive Mandate
- Crisis Management
- Employee Arrests
- Employee photographs
- House Labor and Industry Committee
- Job Description
- Job Requirement
- Kentucky’s Whistleblower Act
- KRS 391.170
- Labor and Pensions ("HELP")
- Municipal Liability
- Patient Protection and Affordable Care Act
- PhoneDog v. Kravitz
- Posting Requirements
- Public Sector Liability
- Religious Employer
- Right to Work Bill
- Social Networking Online Protection Act (SNOP)
- Social Privacy Laws
- Strategic Enforcement Plan (SEP)
- Telecommuting
- White v. Baptist Memorial Health Care Corp.
- Wilson v. City of Central City
- Workplace Politics
- Business Insurance
- Class Action Waivers
- Criminal Background Checks
- Employee Performance Reviews
- Employee Personnel Files
- Federal Arbitration Act (FAA)
- Federal Department of Labor
- Hiring and Firing
- Hosanna-Tabor Opinion
- Informal Discussion Letter (“EEOC Letter”)
- Insurance Coverage
- Kentucky Labor Cabinet
- National Labor Relations Act
- Retaliation by Association
- Salary Threshold
- Unemployment Benefits
- Workplace Discrimination, Harassment and Retaliation
- Communications Decency Act
- Employee Contracts
- Internet & Media Law
- Internet Defamation
- Non-Compete Agreement
- Uniformed Services Employment and Reemployment Rights Act
- USERRA
HIPAA Considerations In The Event Of Employee Death or Incapacitation
The Health Insurance Portability and Accountability Act of 1996, otherwise known as HIPAA, acts in part to provide federal protection for identifiable health information retained by covered entities, which includes most businesses that offer company health plans. While many employers have policies and procedures in place to ensure HIPAA compliance in routine, every day matters relating to the management of employee health data, few employers have developed policies or even considered how to manage protected health information in the unfortunate event of employee death or incapacitation.
Importantly, HIPAA's protection of identifiable health information does not expire in the event of incapacitation or even the death of an employee. In fact, HIPAA continues to protect identifiable health information for 50 years after death. Consequently, it is important for employers to know to whom protected health information may be disseminated during this time period in order to continue to ensure compliance and avoid the assessment of steep penalties and fines.
Covered health information for the deceased or incapacitated employee during this time may be released to their legal representative under state law. In most instances involving a diseased employee, this would be the appointed administrator of the deceased's estate. It is permissible to release protected health information to non-representative family members, including but not limited to spouses, domestic partners, parents, children, or siblings, unless doing so is inconsistent with any prior expressed preference that is known to the covered entity. However, the information released to a non-representative family member must be limited to that information which is relevant to that person’s involvement in the decedent’s or incapacitated employee's care or payment for care. The regulations leave the determination of this relevancy up to the entity’s “professional judgment.” 45 CFR 164.510(b)(5).
The Department of Health and Human Services gives the following example of what could be released: “For example, a covered health care provider could describe the circumstances that led to an individual’s death with the decedent’s sister who is asking about her sibling’s death. In addition, a covered health care provider or pharmacy could disclose billing information or records to a family member of a decedent who is assisting with closing a decedent’s estate. However, in both cases, a provider generally should not share information about past, unrelated medical problems.” (Click here to directed to The Department of Health and Human Services website.)
Consequently, unless protected information is requested by the legal representative of the deceased’s estate, or the information requested is directly related to the requestor's involvement in the deceased’s care prior to death or payment for the deceased’s care prior to death, a signed HIPAA release by the legal representative is required prior to release of the protected information. Other exceptions allowing the release of protected health information covering special situations are also available, including the allowance of release to law enforcement to assist in a criminal investigation.
It is important that employers understand their responsibilities to protect identifiable health information covered by HIPAA and develop policies to ensure compliance. For assistance in developing a plan for your business, please contact a McBrayer employment attorney today.
Services may be performed by others.
This article does not constitute legal advice.
