Meeting Mentor Magazine
Do Event Vaccine Mandates Violate HIPAA?
While the Omicron variant of COVID-19 is beginning to wane across the U.S. and meeting professionals are feeling much more rosy about the prospects for their 2022 meetings and events, the virus isn’t quite done with us yet. As Anthony Harris, MD, MBA, MPH, CEO of Hfit Health in Chicago told MeetingMentor, while Omicron variant BA.1 is ebbing — cases are at their lowest point in the past 30 days — the variant still has two other subvariants, BA.2 and BA.3, and BA.2 is even more transmissible than BA.1. Omicron BA.2 in fact has overtaken BA.1 in Sweden and Denmark, causing spikes in cases in both nations. While it remains to be seen if any of Omicron’s subvariants will make it across the pond to the U.S., it’s still prudent for planners to stay vigilant, keep their social distancing plans in place, and continue to ensure that all who come to their events are current on their COVID vaccinations which, at this point, Dr. Harris says should include the appropriate boosters.
It’s no secret that vaccine mandates are not popular with many segments of society, as witnessed by the Canadian trucker protests again COVID restrictions and various other demonstrations in the U.S. and around the world. One objection that is often voiced is that requiring attendees to disclose this information is a violation of the Health Insurance Portability and Accountability Act, or HIPAA.
According to the Centers for Disease Control and Prevention (CDC), this is not the case. On its Event Planning FAQs page, CDC explains that HIPAA applies only to covered entities (healthcare providers, healthcare plans) that conduct or engage in certain electronic transactions. It says, “HIPAA ensures a patient’s health information is properly protected while allowing the flow of health information needed to provide high-quality care and to protect public well-being.
“Most event organizers would not fall into the category of a covered entity as defined under the statute. For this reason, HIPAA would not apply to most event organizers attempting to verify an individual’s vaccination status.”
However, a vaccine requirement to attend an event could potentially conflict with local regulations. The CDC recommends that event planners obey all applicable local, state, tribal and territorial laws, regulations and rules as they consider whether or not to require attendees to disclose their COVID-19 vaccination status.
Event organizers who have questions regarding the application of HIPAA and/or other potentially applicable privacy laws to vaccination verification requirements for attendance should consult with legal counsel prior to instituting a vaccine mandate for their meeting or event.
Other COVID Risk Mitigation Strategies
In addition to ensuring the vaccination status of those attending an event, Dr. Harris suggested the following risk-mitigation strategies:
• Continue to require all in attendance to wear a N95, KN95 or surgical face mask. “Masks are an easy and effective way to reduce transmissions for indoor events.”
• Hold events outdoors when possible, especially social and networking events where people will remove masks to eat and drink.
• Maintain COVID-level standards for social distancing and hand hygiene.
• Ensure your venue provides HEPA air filtration in its HVAC system, preferably exchanging the air at least six times an hour, which is the recommended rate of air exchange.
• Offer on-site testing, especially for international attendees who will need a test to board the plane to return home post-event.
• Advise attendees who are planning to stay with friends and family rather than at the host venue to ask those friends or family to take a COVID test prior to their arrival to help minimize the risk of transmission.
Design by: Loewy Design