Healthcare Organizations, Is Your Patient Portal Secure?

While healthcare organizations are embracing new technologies such as patient portals, a recent report shows that organizations’ cybersecurity measures for these technologies are behind the times. A patient portal is a secure online website that allows patients to access their Electronic Health Record from any device with an Internet connection. Many patient portals also allow patients to request prescription refills, schedule appointments, and securely message providers. With this increased access for patients comes the risk that someone other than the patient will gain unauthorized access to the portal, and to the patient’s electronic protected health information (ePHI). Our colleagues in the Privacy, Data and Cybersecurity practice group explains the importance of HIPAA compliance and data security. You can read more about it here.

New California Law Allows Sharing of Home Care Aides’ Contact Information with Unions on Demand

A controversial amendment to the California Home Care Services Protection Act (Home Care Act) requires the state Department of Social Services (DSS) to provide the names, phone numbers, and addresses of new or renewing registered home care aides (HCAs) to labor unions on request, unless the aides opt out. The new law, which raises concerns over privacy rights, became effective on July 1, 2019. You can read more about it here.

New York Expands Telemedicine Regulations

The authorized use of telehealth to deliver mental health services to New Yorkers has been expanded by amendments to the state Office of Mental Health’s (OMH) Telemental Health Services regulations increasing the types of professionals who may provide care and the places where care recipients can be treated. Our colleagues in the Health Law and Transactions practice group offer details on the expanded regulations. You can read more about it here.

Hospital Settles Claim of Religious Discrimination Based on Applicant’s Refusal of Flu Vaccine

The EEOC announced that it reached a $74,418 settlement with a hospital in Owosso, Michigan, to settle a religious discrimination lawsuit the agency had filed under Title VII against the hospital in U.S. District Court for the Eastern District of Michigan. See https://content.govdelivery.com/accounts/USEEOC/bulletins/24d7ec9; and https://www.eeoc.gov/eeoc/newsroom/release/2-14-18.cfm.

The plaintiff in the case, Yvonne Bair claimed she applied to work at Memorial Healthcare as a medical transcriptionist and was offered the position. However, the hospital revoked its employment offer after she informed the hospital that her Christian beliefs required her to forego receiving an influenza shot or spray, which was a requirement of employment at Memorial. Bair, who would eventually have worked from home, had offered to wear a mask while working in the hospital. Significantly, according to the EEOC, the hospital had a policy allowing employees who had medical problems preventing them from receiving a flu shot to use masks, and it had allowed such employees to forego the vaccine.

According to the EEOC, the hospital will pay Bair $34,418 back pay, $20,000 compensatory damages, and $20,000 punitive damages. In addition, Memorial confirmed that it now permits those with religious objections to wear masks in lieu of having a flu shot. The hospital also agreed to train managerial staff on its religious accommodation policy.

Title VII requires that employers accommodate employees’ religious beliefs. It requires an employer, once on notice, to reasonably accommodate an employee whose sincerely held religious belief, practice, or observance conflicts with a work requirement, unless providing the accommodation would create an undue hardship.

Takeaways

First, the legal requirement to accommodate an employee’s “sincerely held” religious belief applies regardless of whether the employer thinks the belief is “illogical,” “unacceptable,” or “incorrect.” See Dettmer v. Landon, 799 F.2d 929, 932 (4th Cir. 1986). As one court noted, “one man’s religion will always be another man’s heresy.” United States v. Meyers, 906 F. Supp. 1494, 1499 (D. Wyo. 1995). An employer’s inquiry must be limited to whether the employee’s belief is sincerely held. The law did not permit Memorial to consider whether Bair’s religious belief prohibiting flu vaccination was logical or medically advisable.

Second, the obligation of religious accommodation applies to prospective employees just as it applies to workers already employed. An employer may not permit an applicant’s need for a religious accommodation to affect its hiring decision, unless the employer can demonstrate undue hardship.

Finally, an employer violates an employee’s religious rights if a more favorable accommodation is provided to other employees for non-religious purposes. For example, an employer may not treat an employee’s requests for leave for religious observance differently than it treats employee requests for leave for non-religious purposes. See Ansonia Bd. of Educ. v. Philbrook, 479 U.S. 60, 70-71 (1986) (“Such an arrangement would display a discrimination against religious practices that is the antithesis of reasonableness.”). In the case of Memorial Hospital, the lawsuit alleged it treated the employee’s request for religious accommodation to wear a mask, rather than receive a flu vaccine, differently than the same request made by employees for medical, rather than religious, reasons.

As healthcare employers continue to grapple with responding to employees’ religious objections to vaccination programs, they should seek legal counsel to ensure they are responding in a manner that is consistent with applicable local, state and federal laws prohibiting religious discrimination. Jackson Lewis attorneys are available to assist you in making prudent decisions for your institution.

Vermont Court Finds Patient Can Sue Hospital and an Employee for Breach of Confidentiality

In a landmark ruling, the Vermont Supreme Court recently held that a patient had standing to sue both the hospital at which she was a patient and the employee who attended to her, for negligent disclosure of her personal health information to a third-party. Neither the Health Insurance Portability and Accountability Act (HIPAA) nor Vermont law provide for a private cause of action for damages arising from a medical provider’s disclosure of information obtained during treatment. Our colleagues in the Privacy, Data and Cybersecurity practice group offer details on the decision. You can read more about it here.

Three Tips to Investigate Harassment Complaints When You Are Not “the Employer”

The healthcare setting involves many potential “joint employer” landmines, as hospitals often have outside vendors providing services (i.e. food service, laundry service) inside their facilities. Employment and labor law is in flux regarding the “joint employer” standard. See (NLRB’s Proposed Rule Adopts Pre-Browning-Ferris Joint-Employer Standard); (Department of Labor Proposes Updated Interpretation of Joint Employer Standard Under the FLSA). The proposed rules published by the National Labor Relations Board and the U.S. Department of Labor indicate it may be more difficult, going forward, for employees and former employees to establish the existence of a joint employer relationship between a hospital and its vendors, but the rules are not final yet. Employers are in a challenging situation when it comes to investigating allegations of harassment that occur in a potential joint employer relationship. If your employee reports that a vendor’s employee has engaged in inappropriate behavior at work, you should consider these key questions as you investigate the report:

1. Who Is Acting Like the Employer? Examine how the working relationship has been managed–who is supervising and controlling the alleged harasser’s conditions of employment?
2. How Is the Investigation Documented? Documentation should clearly state that you employ the complaining party, and not the alleged harasser. Watch for sloppy references now that could lead to liability later.
3. Who Is the Decision-maker? The joint employer tests focus on who has the authority to discipline or terminate the employee. In order to mitigate the risk of a joint employer finding, when discipline is appropriate, the decision-maker should be the actual employer i.e. the vendor, not the hospital.

For more information about how to manage joint employer issues and workplace investigations, contact your Jackson Lewis attorney, or a member of the Healthcare team.

New York City Ban on Pre-Employment Drug Testing Won’t Apply to (most) Healthcare Workers

On May 10, 2019, a bill amending New York City’s administrative code related to prospective employee drug-testing officially became law for New York City employers. While the law does not go into effect until May 10, 2020, it is the first of its kind in the nation. The law prohibits employers from requiring applicants to submit to pre-employment drug testing for the presence of marijuana or THC. Once the law takes effect, employers in New York City will not be permitted to conduct pre-hire marijuana testing as a condition of employment, but employers will still be allowed to screen for other illicit substances such as opiates, amphetamines, etc.

The new law, however, contains an important exception for certain healthcare workers. Specifically, the law does not apply to any individuals applying for work in any position requiring the supervision or care of children, medical patients, or vulnerable persons as defined by Section 488(15) of the New York Social Services Law. The law further excludes employees in positions that “significantly impact the health or safety of employees or members of the public.”

These exceptions come as welcome news for hospitals, nursing homes, and other healthcare providers. While New York City is expected to issue rules for implementing the new law and further guidance on these and other exceptions, the breadth of these exceptions remains uncertain. For healthcare providers, an important question is whether the exceptions apply to non-medical staff working in medical facilities, such as maintenance employees.

The new law will not affect employers’ right to discipline employees reporting to work under the influence. However, while the plain language of the new law applies only to “prospective employees,” it is not yet clear whether the new law will have any impact on an employer’s right to test current employees for the presence of marijuana.

For now, employers will have to wait until New York City provides further guidance. Luckily, the law does not go into effect until next year, so employers will have ample time to implement new pre-hiring procedures. For more information about New York City’s ban on pre-employment drug testing, read our article “New York City Employers Are Barred from Testing Job Applicants for Marijuana Use,” contact your Jackson Lewis attorney, or a member of the Healthcare team.

House Pushes OSHA to Create a Standard Concerning Workplace Violence in the Healthcare Sector

Members of the House of Representatives recently introduced legislation that would require the Department of Labor to promulgate a standard addressing workplace violence in the healthcare and social service industries. Under the bill, the standard would need to include requirements for employers in the healthcare and social service industries to develop comprehensive plans protecting workers from violence, investigate workplace violence incidents, provide training to employees, and prohibit acts of retaliation against an employee who reports violence or threats. Our colleagues in the Workplace Safety and Health practice group discuss the House Appropriations Committee’s concern that OSHA is failing to move forward to develop and issue needed standards on major safety and health problems. You can read more about it here.

Sexual Harassment in Hospitals: Interns, Residents, Students, Attending Physicians: How to Navigate a Troublesome Problem Among a Diverse Workforce

Much has been written lately about the #MeToo movement and its presence in workplaces as diverse as universities, movie and TV studios. Hospitals are no exception. Savvy employers know that hospitals—large facilities that employ people of all educational backgrounds, races, religions, sexual orientations, ages, and more—can be ground zero for sexual harassment at any time. Differences in attitudes towards the surging #MeToo discourse can prove a perfect opportunity to review policies, state, local and federal laws regarding sexual harassment, and discuss sexual harassment with employees at every level.

Moreover, medical students and residents training for their careers are in a unique position: they must accomplish certain training milestones and acquire crucial knowledge in order to graduate from medical school or complete a residency program. Sexual harassment—whether as the perpetrator or victim—can impinge on one’s success, and even derail careers if the perpetrator or victim does not address the attendant fallout from the incident. Hospitals should take the time to train all employees in the institution’s sexual harassment policies, and in some cities and states, including New York, this training is now required by law.

When colleagues work long hours under pressure and in intellectually and emotionally taxing professions such as medicine, misunderstandings can arise. It is also common for colleagues in the medical profession to socialize, or even date each other after hours. Often, sexual harassment allegations in the workplace arise from a once consensual relationship turned sour. A couple breaks up, and the ensuing unpleasantness of seeing one’s former significant other at work is then a daily reality.

Regardless of whether an institution has a policy in place about workplace relationships, it is paramount that hospitals take sexual harassment seriously. All employers should consider implementing an Employee Assistance Program, offered anonymously to employees experiencing difficulty in their personal lives. Also consider the advantage to being a proactive employer—educating your workforce before a problem arises. In recent years, hospitals in New York City, Long Island and nationwide have faced unfortunate scenarios involving physicians or other staff who never sought help for problematic sexual behavior, and later committed harassment or assaults on coworkers and patients. No employer foresees a talented physician behaving in such a way. But chaperones in exam rooms, creating a “just” culture of respect among colleagues and for patients, and preventive training can go far in preventing incidents that cause harm and create liability. As the profession in which the mantra is, “First, do no harm,” a savvy hospital Human Resources executive or General Counsel can create a workplace culture where healing and patient safety are the priorities above all.

When employers address sexual harassment in a way that employees can feel free to report incidents without fear of reprisal, employees trust that aberrant behaviors will be addressed before they become problems that affect careers, and above all, well-being. For more information about sexual harassment prevention, contact your Jackson Lewis attorney, or a member of the Healthcare team.

HIPAA Penalties Change Under HHS Notice of Enforcement Discretion

Today, the Department of Health and Human Services (HHS) issued a notification of enforcement discretion changing its interpretation of the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 resulting in a reduction in the amount of the cumulative annual penalty limit for violations of HIPAA. Our colleagues in the Privacy, Data and Cybersecurity practice group offer details on the new guidance. You can read more about it here.

LexBlog