The trusted source for
healthcare information and
The American Association of Occupational Health Nurses in Atlanta and the American College of Occupational and Environmental Medicine in Arlington Heights, IL, offer this advice for protecting employees’ medical information:
• Companies should establish corporate policies that outline their information practices as they relate to collecting and maintaining personal health information, including information collected through occupational health and safety programs. The policies should be included in an employee handbook and reviewed with all employees.
• All employee health information should be kept confidential and released only when required by law or overriding public health consideration, when needed by other health professionals for specific reasons, and when needed by designated individuals at the request of the employee. Disclosure should be limited to the minimum amount necessary for the purpose requested.
• Health information should not be used in making determinations about hiring, firing, or promotion.
• The policy should address where and how the employee medical records are stored; security of records (of both electronic and physical files); management of files of employees who are terminated, resign, or are laid off; mechanisms for employee access and consent for disclosure.
• Employees should be provided a copy of the company’s employee handbook and encouraged to review their rights regarding personal health information records kept at the workplace.
• Employers should remind employees that insurance claims forms and other legal medical documents they sign may include permission for the release of health information.