With mask requirements shifting and COVID restrictions lifting for fully vaccinated people, many are wondering what is and isn’t allowed when it comes to requesting proof of vaccination.

Some are questioning if requiring proof of vaccination violates HIPAA, or the Health Insurance Portability and Accountability Act of 1996.

HIPAA is a federal law that created “national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge,” according to the U.S. Centers for Disease Control and Prevention. Under its privacy rule, health care providers and certain organizations are prevented from being able to share private health information about a person without their consent.

So does that apply to your vaccination status?

“HIPAA governs doctors, hospitals, companies like that,” said Matthew Kugler, associate professor of law at Northwestern University. “If your restaurant says, ‘Hey, show me your medical record,’ that’s something they can say. You don’t have to say ‘yes,’ like you can be like, ‘No, screw you, I’ll go elsewhere.’ But it isn’t a HIPAA problem for them to ask to see it. It’s only a HIPAA problem if they break into your doctor’s office and steal it.”

Read More….