Privacy Issues in the Workplace

First page Table of contents Previous page 50 Next page Last page

Maintenance of Genetic Information: If the employer possesses genetic information about an employee, such information must be maintained on separate forms and in separate medical files and must be treated as a confidential medical record of the employee.

Disclosure of Genetic Information: Genetic information regarding an employee shall not be disclosed except:

(1) to the employee or employee’s family members, at the written request of the employee;

(2) specified occupational or health research;

(3) in response to a court order;

(4) in compliance with FMLA;

(5) to a health agency pursuant to contagious disease outbreak.

Relationship to HIPAA: This chapter does not prohibit a covered entity under HIPAA from any use or disclosure of health information that is authorized for the covered entity under such regulations. However, it is important to note that the March 26, 2013, modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules address the use of genetic information and prohibit health plans from using or disclosing genetic information for underwriting purposes, including plans to which GINA expressly does not apply. An exception to this prohibition exists for issuers of long term care polices. 139 12. C ALIFORNIA P ATIENT P RIVACY P ROTECTIONS Due to an increase of employee snooping into celebrity medical files at UCLA, California laws are consistently evolving in an attempt to protect patient privacy. New laws require health care providers to safeguard patient data and to report unauthorized access within five days to the state and the individual. The state can levy penalties up to $25,000 per patient for privacy breaches. Section 1280.18 to the Health and Safety Code established the California Office of Health Information Integrity (CalOHII) to: (1) ensure the enforcement of state law mandating the confidentiality of medical information and; (2) impose administrative fines for the unauthorized access, use, or disclosure of medical information. Every provider of health care must establish and implement appropriate administrative, technical, and physical safeguards to protect the privacy of a patient's medical information. Every provider of health care must also reasonably safeguard confidential medical information from any unauthorized access or unlawful access, use, or disclosure.

Privacy Issues in the Workplace ©2021 (s) Liebert Cassidy Whitmore 50

Made with FlippingBook - Online catalogs