230 - A Tangled Web: Navigating the Complexities of Recordkeeping, Privacy, and Security for Occupational Health Providers

Occupational health providers face constant challenges due to the increasing federal and state recordkeeping, privacy, and security regulations imposed upon them. Whether providers are solely practicing occupational health or also providing other services, or services to dependents of employees, they must understand the privacy and security obligations that apply to their patient's health information. We will explore how providers should categorize records and work through the various statutes and regulations that apply to each type of record, including OSHA's recordkeeping, privacy, and access requirements as well as HIPAA, the Information Blocking Rules, the ADA, FMLA, and EEOC requirements, DOT requirements, and various state laws. We will also touch on: - Special rules related to highly sensitive areas, e.g. drug testing, communicable diseases, mental health records, and reproductive care - Privacy and security concerns and related best practices, including questions that medical directors should be asking vendors who are responsible for the maintenance and security of occupational health records- The role of AI in occupational health programs