As businesses reevaluate their public health requirements, such as lifting face mask mandates for customers who are vaccinated against COVID-19, questions about medical privacy are back in the spotlight.

The question of whether it is legal to ask a maskless people if they have been vaccinated has come into focus. Vaccine opponents, including members of the U.S. Congress, are once again claiming that the HIPAA federal privacy law protects individuals from being asked about their vaccination status.

“Business asking for proof of COVID-19 vaccination is a HIPAA violation.” – Marjorie Taylor Greene, May 18, 2021

This claim is absolutely false.

HIPPA does not apply at all in the case of employers, businesses, or other institutions from asking about COVID vaccination status. The confusion was created by rightwing interests that have a complete misunderstanding of what HIPPA covers, and used it to defend their agenda.

Health Insurance Portability and Accountability Act (HIPAA) applies only to healthcare related businesses – including insurance and medical providers. According to the privacy section of the U.S. Department of Health & Human Services website, the entities and the contractors associated with them required to follow the HIPAA rules are health insurance companies, most health care providers, and health care clearinghouses.

“The interpretation of the HIPAA requirements are a good indication of how few people actually understand the specifics of the law, even congressional members. The HIPAA law prevents a third party, must be a health care entity such as a health provider or insurer, from giving out your private health information without your permission. The law establishes the intended covered entities as well as protected health information. HIPAA does not apply to individuals or non-health care related businesses and therefore has no application to businesses who ask patrons if they have been vaccinated. People looking for rights to not be asked about vaccinations will need to seek relief elsewhere.” – Richard Tarpey, Middle Tennessee State University

Many organizations that have personal health information do not have to follow these laws. They include life insurers, business owners, most schools and school districts, many state agencies, most law enforcement agencies, and many municipal offices.

Written By

Crаіg Jоnеs

The Milwaukee Independent began reporting on what was then referred to as the mysterious “Wuhan Virus” in January 2020. Other local media did not picked-up on the story until many weeks later. Our early features focused on the economic impact, social issues, and health concerns long before other Milwaukee news organizations even mentioned the coronavirus. Over the following year, we have published hundreds of articles about the pandemic and how it has affected the lives of Milwaukee residents. This extensive body of work can be found on our COVID-19 Special Report page, a chronological index of links by month. Our editorial voice remains dedicated to informing the public about this health crisis for as long as it persists.
For medical resources, please visit the CDC’s COVID-19 page or the Wisconsin Department of Health Services. All editorial content published by Milwaukee Independent can be found at mkeind.com/COVID19. With a mission of transformative journalism, our staff is free from commercial bias and are not influenced by corporate interests, political affiliations, or a public preferences that rewards clicks with revenue. As an influential publication that provides Milwaukee with quality journalism, our award-winning photojournalism and features have helped to achieve a range of positive social impact that enriches our community. Please join our effort by entrusting us with your contribution. Your Support Matters - Donate Now