Can employers mandate some employees get the vaccine and not others? Is there an obligation to consider requiring a COVID-19 test before coming back to work? What are the potential workers’ compensation claims relating to possible adverse reactions to a vaccine? Should employers mandate vaccinations?
In this article, McDermott partners Carole Spink, Joseph Mulherin, Kathleen Quinn and Troy Van Dongen answer common employer questions about the COVID-19 vaccine.
In this video, McDermott Will & Emery partner Amy C. Pimentel explains the significance of health data transfers from the European Union to the United States in a post-Schrems II world. The recent Schrems II ruling invalidated the EU-US Privacy Shield, holding that the US legal regime on access to personal data does not contain adequate limitations and safeguards. Pimentel and McDermott’s Romain Perray recently also wrote for McDermott’s International News about this topic.
Employers are poised to collect health data from their workforces daily as they adopt temperature checks and other screening protocols to fight the coronavirus, triggering concerns about workers’ privacy and whether the practices will continue beyond the pandemic.
“The temperature checks give employees and customers the feeling of safety and the idea that the company is doing everything possible, even if the screenings don’t protect the workplace,” said Michael Sheehan, a partner with McDermott Will & Emery, in a recent Bloomberg Law article.
With rapid developments in local, state and federal guidance and law, the appropriate approach for each employer in relation to COVID-19 will vary depending on the nature of their work, the industries served and their location and size, among other considerations. This article outlines what employers need to know about employees experiencing symptoms and employee absences.
On Monday March 6, 2017, the House Republican leadership in the Energy and Commerce and Ways and Means Committees unveiled their signature bill to “repeal and replace” the Affordable Care Act (ACA). The “American Health Care Act” (AHCA) is an effort to make good on President Trump’s promise to dismantle the ACA. Democrats are united in their opposition to the AHCA and other stakeholders have also come out against the bill – while the proposed legislation is subject to modification as it is marked up in committee and debated in Congress, certain provisions of the AHCA, if enacted, will be of particular importance to employers and provide the framework for a strategic road map as employers plan and design future health care benefits for their employees.
The US Department of Health and Human Services has recently issued guidance under the Health Insurance Portability and Accountability Act on what covered entities and business associates can do to prevent and recover from ransomware attacks; however, other state data breach notification laws can also be triggered by a ransomware attack. The authors of this article explain the guidance and what to do if you are subject to a ransomware attack.
On July 28, 2016, US Department of Health and Human Services (HHS) issued guidance (guidance) under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and recover from ransomware attacks. Ransomware attacks can also trigger concerns under state data breach notification laws.
Ransomware is a type of malware (malicious software). It is deployed through devices and systems through spam, phishing messages, websites and email attachments, or it can be directly installed by an attacker who has hacked into a system. In many instances, when a user clicks on the malicious link or opens the attachment, it infects the user’s data. Ransomware attempts to deny access to a user’s data, usually by encrypting the data with a key known only to the hacker who deployed the malware. After the user’s data is encrypted, the ransomware attacker directs the user to pay a ransom in order to receive a decryption key. However, the attacker may also deploy ransomware that destroys or impermissibly transfers information from an information system to a remote location controlled by the attacker. Paying the ransom may result in the attacker providing the key necessary needed to decrypt the information, but it is not guaranteed. In 2016, at least four hospitals have reported attacks by ransomware, but additional attacks are believed to go unreported.
Read the full article here to learn about the indications of a ransomware attack, what do in the event of a ransomware attack and what circumstances constitute a HIPAA breach.
On September 29, 2015, the U.S. Department of Health and Human Services Office of the Inspector General (OIG), Office of Evaluation and Inspections, released two studies calling on the HHS Office for Civil Rights (OCR) to strengthen its efforts in both general enforcement of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Standards and enforcement of security breach reporting requirements. OIG commissioned both studies out of concern for the increased risk of an invasion of privacy and exposure to fraud, identity theft and other harm that patients face in an ever-expanding digital health environment.
With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states recently passed updated data privacy laws with significant changes.
Read the full post here.
Subscribe
