Why is there so much confusion surrounding HIPAA and Covid-19 vaccines?


With the Covid-19 pandemic winding down over a year after we saw the world stop, we can thank the HIPAA  and vaccine for helping us get back to normal. Although many countries and states still mandate mask-wearing to keep unvaccinated people safe and help elderly people and immunocompromised people feel safe, the sharp upswing in vaccinations can help us get back to normal.

However, what if you do not want to be vaccinated? There are people worldwide who do not want to take the “risk” associated with a new vaccine that has not had any noted long-term effects due to the recent inception. Those who want to risk their chance at not being vaccinated may be making a wrong decision in more ways than one. 

Some businesses may avoid hiring non-vaccinated people to keep their other employees safe. But if you don’t want to tell your business owner about your vaccination status, is that a crime? Let’s find out.  

What does HIPAA stand for? 

Maybe you have heard your doctor or physician saying “HIPAA,” but you are not sure what it means. In short, what does HIPAA stand for? Many people have heard of HIPAA before, but there is so much confusion surrounding this acronym and topic that it can be overwhelming to medical patients and those who are undergoing medical treatment.

HIPAA stands for Health Insurance Portability and Accountability Act. Basically, this act is a federal law that must be followed in all states in America. This law requires doctors, medical professionals, and other medical workers, whether nurses or laboratory technicians, to keep a patient’s information private and secure. 

If a medical professional shares personal information without asking permission, this is a direct breach of HIPAA. Unless authorized by the patient, medical information cannot be shared between two entities, whether the receiver or listener is in the medical field or not. 

Simply put, this act is a federal law that prevents health information from being disclosed without previously gaining consent from the patient that says you are allowed to reveal their information to another person or business. The Department of Health and Human Services created the HIPAA Privacy rule to ensure that HIPAA policies are followed by all professional entities. 

See also  Beginners guide to develop a CFD trading strategy

The Department of Health and Human Services is strict at enforcing this rule, putting heavy fines on a company if a business or corporation refuses to follow the rules or is negligent in protecting a patient’s information from public knowledge. 

HIPAA Privacy Rule

The HIPAA Privacy Rule is a subset of the overall HIPAA policy. This branch of HIPAA is a subcategory that works on the enforcement of keeping a patient’s medical records private knowledge from the general public and other medical professionals.

If medical professionals do not follow the privacy rule, this is a direct breach of HIPAA. HIPAA helps regulate people in the medical field from lacking privacy and protection of personal files and sharing private information wrongfully without permission. 

HIPAA – requiring disclosure of vaccine status

There have been many articles in the news lately about the HIPAA act and whether asking about a person’s vaccination status is a direct breach of the privacy rule. However, businesses and other entities, such as restaurants or retail shops, do not have to follow HIPAA rules since they are not medical entities.

When looking up what HIPAA stands for, we see that the only people legally bound to this law are medical professionals. Since most businesses are not in the medical field, an employer asking a person their vaccination status is not a direct breach of HIPAA.

A recent article came out that asked, “Are businesses violating federal laws by asking if you’ve gotten a Vodi-19 vaccine?” The answer in short terms is yes – businesses are allowed to ask if you have been vaccinated or not since this does not fall under the scope of HIPAA.

An article by WTHR gathered information from the U.S. The Department of Health and Human Services, the Equal Employment Opportunities Commission, the National Law Review, and Park Legal LLC. All of these organizations agreed HIPAA does not regulate businesses, not in the health field. 

Since Congress passed HIPAA over 24 years ago, this Accountability Act has protected millions of patient’s personal health information from being shared without previous consent or a breach of patient’s private information due to lack of security. 

See also  Why You Should Use Custom Caps to Promote Your Business

However, the general public still seems to be confused over who is covered by HIPAA. Patients must remember this rule applies to their doctors and medical professionals, but the general public must remember this law does not regulate your personal medical information from being questioned by other non-medical entities.

Related medical entities bound by HIPAA law include insurance companies, hospitals, laboratories, clinics, and doctors, who cannot release your health information without prior permission. However, for the most part, employees can ask if an employee is vaccinated because it does not fall under HIPAA.

Furthermore, organizations realize business owners have to keep their workers safe and healthy – which often coincides with hiring only vaccinated people in their workplace. An employer must maintain safety in the workplace, including asking questions about vaccination status or previous history of having Covid-19.

Simply because a business may ask if you have been vaccinated does not mean you are legally tied to tell them the truthful answer or answer at all. However, not answering this question can be a pathway to not being hired by businesses. Since Vodi-19 is so severe and has caused thousands of deaths worldwide, this disease must be taken seriously by everyone in the world.

As we get back to normal, people in charge of shops, stores, restaurants, cinemas, and other businesses are in charge of staffing their physical space and ensuring their staff remains healthy. To do so, most business owners only hire vaccinated people. 

On the other side of the coin, some states have rules regarding employees hired during the pandemic. This means that employers cannot outright deny hiring a person due to their vaccination status if they are not vaccinated – but this still does not prevent businesses from not hiring employees and then citing another reason for the non-hire. 


As you can see, determining if Covid vaccination questions fall under the scope of HIPAA can be a confusing and annoying question for some anti-vaxxers and business owners. Business owners want to keep their employees safe, whereas those who do not wish to be vaccinated want to have the same shot at being hired as an employee.

However, refusing to answer a vaccination status question does not fall under the scope of HIPAA, meaning potential employers can ask you your vaccination status legally and lawfully.

Leave a Reply

Your email address will not be published. Required fields are marked *