Swine Flu and Workplace Privacy

Posted on May 1, 2009 by Philip Gordon

The swine flu pandemic means that employers need information about employees who have swine flu, or who have been exposed to it, but what exactly can employers ask, and what are their obligations when they get an answer? Here are some answers to these and other frequently asked questions about the intersection between swine flu and workplace privacy.

Q: Is it a HIPAA violation to require employees to disclose whether they have swine flu, have symptoms of swine flu, or have been exposed to swine flu?

A: No. HIPAA does not apply to questions that an employer asks employees about their health. In the workplace, HIPAA applies only to individually identifiable health information created or received by, or on behalf of, the employer in its capacity as the administrator of a HIPAA-covered plan, such as self-insured group health, dental or vision plans; a health care reimbursement flexible spending account; or an employee assistance program. Put more succinctly, HIPAA applies only to individually identifiable health information created or received to administer a HIPAA-covered plan.

Q: Does any other law apply to an employer’s efforts to obtain information about whether an employee is, or maybe, infected with swine flu?

A: In certain circumstances described below, the Americans with Disabilities Act (ADA) will apply.

Q: Can an employer require that employees with symptoms of swine flu be tested?

A: Yes. Under the ADA, an employer who reasonably believes, based on an individualized assessment, that an employee has symptoms of swine flu can require that the employee undergo medical testing to determine whether the employee, in fact, is infected. Before requiring testing, the employer should be familiar with the symptoms of swine flu and have sufficient information to confirm that the employee has those symptoms. Any required testing must be limited to a test for swine flu. In addition, the employer is required to pay any costs associated with the test. The employer must treat the test results as confidential.

Note: The answer above is based upon the conservative assumption that the ADA’s restrictions on medical examinations of current employees applies regardless of whether swine flu is a “disability" as defined by the ADA. We are taking this conservative approach based on EEOC guidance which defines a "medical examination" as "a procedure or test that seeks information about an individual's physical or mental impairments or health" and provides as an example, "blood, urine, saliva, and hair analyses to detect disease or genetic markers." This definition would encompass the nasal swab test for swine flu. A court might find the EEOC’s guidance to be overbroad to the extent that it encompasses medical tests, like the test for swine flu, directed exclusively at discerning the presence of a temporary condition that is not subject to protection under the ADA.

 

Q: Can an employer require that employees who test positive for swine flu disclose the test results to the employer?

A: Yes. Under the ADA, an employer may require that an employee disclose health information bearing upon whether the employee poses a direct threat to the health or safety of himself or others. Because an employee with swine flu in the workplace would expose others to contagion and may aggravate the employee’s own illness, the employer can require disclosure. However, the employer must treat the positive test result as confidential.

There is one subtle distinction here: While the ADA applies when an employer requires that an employee be tested for swine flu, the ADA does not apply when the employer states that employees who have voluntarily had themselves tested for swine flu must share the results of the test for swine flu. The distinction is important because an employer that mishandles information protected by the ADA could be subject to a claim for violation of that statute which includes a fee-shifting position, whereas an employer who mishandles information not subject to the ADA might be subject only to a common law claim, which does not include fee-shifting.

Q: Can an employer require that an employee disclose whether he or she has been exposed to others who have tested positive for swine flu?

A: Yes. This inquiry does not require the employee to disclose any medical information about the employee.

Q: What can an employer tell co-workers about an employee who has been sent for testing, or who has tested positive, for swine flu?

A: The ADA requires that employers maintain the confidentiality of health information received from an employee in response to an employer-mandated disclosure. Consequently, an employer can not disclose to co-workers the identity of employees who have revealed symptoms of, or who have received a positive test result for, swine flu. An employer can tell co-workers who were exposed to the infected employee, without disclosing the infected employee’s identity, that these employees may have been exposed to swine flu and should monitor themselves for symptoms of swine flu.

As noted above, the ADA does not apply to a policy requiring that employees who have voluntarily undergone testing for swine flu disclose a positive test result. Nonetheless, as a practical matter, employers should treat as confidential the information received from employees pursuant to such a policy to encourage self-reporting.

Q: What can an employer tell managers or supervisors about an employee who has been sent home or has not been permitted to return to work because the employee is infected with swine flu or is demonstrating symptoms of swine flu?

A: The ADA generally prohibits an employer from disclosing an employee’s health condition to managers or supervisors. An employer can, however, tell a manager that the employee has been placed on leave for non-disciplinary reasons and for an indefinite period of time. The employer also can state that it will work with the manager to get the employee’s work covered and will inform the manager when the employee’s return date is known.

Q: What should an employer do when a manager or co-workers figure out that a specific employee has tested positive for swine flu even though the employer does not identify the employee — for example, because of the small size of the workforce?

A: An employer can not stop a manager or co-worker from speculating about why an employee has taken or been placed on leave. All an employer can do is take reasonable steps to protect the confidentiality of the positive test result by not identifying the employee by name and by avoiding, to the extent reasonably feasible, making other references that would permit a manager or co-workers to guess that an employee has been infected.

For additional insight and analysis, see Littler's ASAP, Swine Flu: Preparing the Workplace for a Pandemic, by Donald Benson and Steve McCown.

Littler is hosting a complimentary webinar to discuss in more detail action plans and issues that employers must consider. To register, please click here.
Tags: , , , ,
  • Print
  • Trackbacks
  • Share Link

Ensuring the Privacy of Transgender Employees in the Face of Public Transition

Posted on April 10, 2009 by Privacy and Data Protection Practice Group

Transgender individuals have good reason to be concerned about expressing their gender identity in the workplace. According to recent studies, at least one in five transgender individuals reports experiencing employment discrimination. A review of six studies conducted between 1996 and 2006 showed the following concerning reports of mistreatment in the workplace based on gender identity:

  • 13%-56% of transgender individuals had been fired;
  • 13%-47% had been denied employment;
  • 22%-31% had been harassed, either verbally or physically, in the workplace; and
  • 19% had been denied a promotion due to their transgender status.

Most employees choose whether, when, and to whom they disclose certain personal information at work. However, transgender individuals who decide to transition from one gender to another while remaining with their current employer do not have the same luxury. This largely is due to the inherently public nature of the transition. Indeed, an employee who intends to undergo a gender transition generally is required to live full-time in their new gender role for at least a year before becoming eligible to undergo sex reassignment and reconstruction surgery (if they so choose to have surgery, which many do not). During this time frame, transgender individuals often seek a variety of medical treatments, including hormone therapy, as well as change their names, modify their identity documents, and other procedures. As a result, employers and co-workers necessarily, but often reluctantly, become involved in a transitioning employee’s gender transition. While a gender transition is an inherently private process, it necessarily becomes known to co-workers at some point by the very nature of the “transition.”

What does that mean for an employer who receives notice that an employee intends to transition from one gender to another over the course of several weeks or months? More importantly, how does an employer reconcile this very public transition with potential state and federal laws protecting confidential medical information, which requires employers to maintain private information about an employee, and protect against potential common law claims like invasion of privacy?  This is made more difficult by the very nature of the public transition for transgender employees. For all practical purposes, it is somewhat similar to when an employee discloses to limited individuals that she is pregnant.  Employers must not and should not disclose this fact (that is private until the pregnant employee begins “to show”) to others who do not need to know or confirm this information to colleagues. And while such information may inherently or eventually become public due to an employee’s appearance, it necessarily is up to the employee to decide when and to whom to disclose such information.  

Such is the case with an employee who announces an intention to change gender. An employee’s transgender status, where the employee is in the process of transitioning, and especially the employee’s medical condition and/or plans for future medical procedures, must be treated as private and confidential. The decision of with whom and when a transgender employee shares such information should be left to the employee’s discretion. Medical information also may be received by employers in a variety of ways and circumstances. Depending on the nature of that information and how it is received, the information may be protected under federal laws, such as the Health Insurance Portability and Accountability Act (HIPAA), Genetic Information Discrimination Act (GINA), or the Americans with Disabilities Act (ADA) (which does excludes transgender status from the definition of disability, but protects most medical information of current employees). Regardless, out of sheer courtesy to the employee, the information should not be disseminated or the discussion of office chatter.

 

In addition to privacy concerns, employers should be aware that more and more cases are expanding the boundaries of discrimination under Title VII, and most particularly the definition of “sex.” In September 2008, the federal court of the District of Columbia ruled that the Library of Congress discriminated against Diane Schroer on the basis of “sex.” Schroer v. Billington, 577 F. Supp. 2nd 293 (D.D.C. 2008). While dressed in traditionally masculine clothing and interviewing under her previous male name, Schroer was offered a job as a Terrorism Research Analyst with the Congressional Research Service, a division of the Library of Congress. After the job offer, but before starting and before undergoing sex reassignment surgery, Schroer informed the Library of Congress that she was under a doctor’s care for gender dysphoria. Schroer informed her future employer that, consistent with her treatment, she was about to change her name, begin dressing in traditionally feminine attire, and presenting herself full-time as a woman. The job offer was rescinded one day after Schroer disclosed her plans to transition. This groundbreaking decision was the first time a court has ruled that discriminating against someone for changing gender is sex discrimination under Title VII. While case law usually develops a bit slower, the Employment Non-Discrimination Act (ENDA) still is on the horizon. With a new administration and Congress, most predict that the version of ENDA likely to be introduced will add to Title VII express protections for gender identity or expression (in addition to sexual orientation). 

 

So, how does an employer manage to maintain this balance while also fostering a non-discriminatory work environment where all employees are treated with trust and respect? Some helpful guidelines include:

 

  • Amend your Equal Employment Opportunity policy to prohibit discrimination based on gender identity or expression. (Several states, most recently New Hampshire and Washington, have passed bills protecting individuals on the basis of gender identity or expression. See also Jurisdictions with Explicitly Trans-Inclusive Discrimination Laws.)
  • Be prepared to address questions and requests from employees who notify you of their intent to transition to a different gender.
  • Write and implement a detailed policy and procedures suited to your own workplace environment to aid management, and the transitioning employee when a transgender employee decides to transition on the job.
  • Do not make decisions about how to respond to certain requests from a transitioning individual based on where an employee is in the transition process.
  • Keep in mind, at all times, that transitioning to a new gender is much more intense and intimate than simply ”changing one’s name” and dressing differently; this process truly is life-altering.

This entry was authored by Denise Visconti, a shareholder in Littler's San Diego office.
Tags: , , , , , , , , , ,
  • Print
  • Trackbacks
  • Share Link

Are the Medical Records of Deceased Employees Off Limits?

Posted on February 4, 2008 by Philip Gordon
The recent death of Major League Baseball pitcher Joe Kennedy is a tragic reminder that employees die.  However, in many ways, the employment relationship lives on, albeit under different terms.  Estates may need to be administered.  Law enforcement may need to investigate the cause of death.  Children may need to know if their deceased parent was diagnosed with a genetically transmitted disease.  How are employers supposed to respond to these requests?  More pointedly, do deceased employees have any privacy rights in their health information?  The short answer is “yes”.

Under the HIPAA Privacy Rule, the deceased have virtually the same privacy rights as the living.  In other words, a deceased employee’s protected health information generally can not be disclosed without the authorization of the decedent’s personal representative.  Whether someone can act as a personal representative depends upon applicable state law, which typically limits personal representatives to a current surviving spouse or a court-appointed executor of the deceased’s estate.  Employers often will be required to confer with the personal representative before responding to a request for the dead employee’s medical records — even if the request comes from someone close to the decedent, such as a child or an attorney representing the employee in litigation against the employer.

Employers should bear in mind that the HIPAA Privacy Rule applies only to health information created or received by, or on behalf of, a HIPAA-covered plan, i.e., a self-insured group health, dental or vision plan, a health care reimbursement flexible spending account, or an employee assistance program.  For other medical information, such as sick leave requests and reasonable accommodation and workers’ compensation information, employers will need to look to state law or the confidentiality provisions of the Americans with Disabilities Act.  As a general rule, however, these statutes follow the same scheme as HIPAA for disclosing the health information of a deceased employee.
Tags: , , , , , ,
  • Print
  • Trackbacks (1)
  • Share Link

Workplace Privacy and the MRSA "Superbug"

Posted on December 5, 2007 by Philip Gordon

The rumors are flying: The TV news ran a story last night on the evacuation and de-contamination of the local public school after one of the football players missed Saturday’s game because of infection with the MRSA Superbug.  One of your employees happens to have a son on the football team, and she called in sick on the Monday after the game.  Employees who work in the area of her cubicle have “petitioned” HR not to let the mother return to work until she has submitted written documentation from her physician that she is not infected or contagious.  Where does HR even start to unravel the privacy concerns of the mother and her child, and how should those concerns be weighed against the health interests of the mother’s co-workers? 

The legal analyses related to this issue are among the most complex in the area of workplace privacy, involving the interplay of the Americans with Disabilities Act (ADA); the Family and Medical Leave Act (FMLA); the Health Insurance Portability and Accountability Act of 1996 (HIPAA); state privacy statutes, such as California’s Confidentiality of Medical Information Act; state common law; and, at least in California, state constitutional law. 

Before wading into this quagmire, HR professionals should consider the following guidelines for balancing the privacy interests of potentially infected workers and the health interests of co-workers.

These guidelines would apply regardless of the type of infection — MRSA, Hepatitis A, TB, HIV, etc.

1.      Investigate:  Learn the facts; do not rely on rumors.

2.      Interview The Possibly Infected  Employee:  If the facts indicate that an employee might be infected with the MRSA Superbug, designate a manager with the appropriate level of responsibility to get more information directly from the employee.

3.      Consult Counsel On How To Handle An Uncooperative Employee: If the employee refuses to disclose information, consult counsel regarding whether the employee can be required to provide health information before taking any adverse action is against the employee.  If the employee already has been sent home, promptly involve counsel to minimize or resolve any possible liability risks.  

4.      Provide Notice Of Disclosure To A Cooperative Employee:  If an employee voluntarily discloses infection with MRSA, explain that (a) the employer may need to disclose limited information about the employee’s health condition to those with a need to know, such as government health officials and health care providers of co-workers to take precautions against the spread of the infection and to facilitate any needed treatment of others, and (b) the employer will limit disclosure to those with a need to know and then will disclose only the minimum information necessary.

5.      Request Consent To Disclose:  Ask the employee for permission to make the limited disclosures described above.  If the employee refuses to consent, tell the employee that the entity may have no choice but to share information about the infection with others but will do so only to the extent permitted or required by law.

6.      Avoid Identifying The Infected Employee:  When disclosing information about the infected employee, avoid identification by name except when necessary to protect the health of co-workers who might have been infected or as required by law.

7.      Instruct Supervisors On Confidentiality And Retaliation Risks:  Instruct supervisors about the need to maintain the confidentiality of employee health information and provide guidance on how to respond to questions from other employees and supervisors so as to avoid undue panic and concern.  Supervisors should be reminded of the need to avoid any claim of retaliation by the possibly infected employee or his/her family members.  Educate supervisors on the spread of MRSA infections, types of treatment, and the Company’s planned preventative steps.

There is no one-size-fits-all solution to the many complicated privacy issues that a Superbug infection in the workplace can raise.  These guidelines, however, provide a starting point for what most likely will be a tense and fast-moving situation that raises a wide range of benefits issues and employment-related liability risks. 

My colleagues in Littler's Workplace Safety Practice Group, Don Benson and Pete Rice, are OSHA experts who will be presenting a webinar on Wednesday, December 12, 2007, on how to reduce the risks of an MRSA outbreak in your workplace and how to respond when one occurs. 
Tags: , , , , , , , , , ,
  • Print
  • Trackbacks
  • Share Link