Piles of sensitive information crosses paths with HR practitioner’s everyday and managing it all can be a daunting task. The communication comes from all sides and in all forms. Topics dealing with health, compensation, employee investigations, harassment claims and related items must be consistently and appropriately managed. Whether it’s a live discussion, e-mail, or telephone call, be prepared when it happens to you.
Review these slides and learn how to manage highly sensitive information with “an everyday practical approach” presented by G&A Partners' HR Advisor, Brittany Cullison.
5. Medical
and
Health
Informa*on
• Medical
and
health
informa*on
comes
in
many
forms:
• Doctor’s
notes
with
men*on
of
diagnosis
• Worker’s
Compensa*on
informa*on
• ADA
reasonable
accommoda*on
requests
or
ADA
covered
informa*on
• FMLA
requests
or
documenta*on
• HIPAA
covered
informa*on*
6. ADA
• Protects
qualified
individuals
with
disabili*es
• Has
a
physical
or
mental
condi*on
that
substan*ally
limits
one
or
more
major
life
ac*vi*es
• Has
a
record
of
such
an
impairment
• Is
regarded
as
having
such
an
impairment
• Requires
employer
to
make
reasonable
accommoda*ons
UNLESS
doing
so
would
impose
undue
hardship
7. FMLA
• Leave
permi6ed
for:
• Birth,
adop*on,
foster
care
• Employee’s
own
medical
condi*on
• Immediate
family
member’s
medical
condi*on
• To
handle
qualifying
exigencies
• Care
for
family
member
injured
in
ac*ve
military
• service
8. FMLA
• Leave
permi6ed
for
• Birth,
adop*on,
foster
care
• Employee’s
own
medical
condi*on
• Immediate
family
member’s
medical
condi*on
• Care
for
family
member
injured
in
ac*ve
military
service
9. HIPAA
• Provides
rights
and
protec*ons
for
pa*ents,
along
with
par*cipants
and
beneficiaries
in
group
health
plans
• Prohibits
release
of
PHI
without
consent
• Typically
only
applies
to
self-‐insured
10. Medical
and
Health
Informa*on
• You
receive
medical
informa*on
from
an
employee—
• Evaluate
the
informa*on
• Ask
follow
up
ques*ons,
if
necessary
• Determine
next
steps
• Keep
confiden*ality
in
mind
throughout
the
process
• Document
11. Medical
and
Health
Informa*on
Confiden*ality
best
prac*ces
with
medical
informa*on
• Medical
informa*on
in
separate,
confiden*al
file
• Medical
informa*on
released
on
a
need-‐to-‐know
basis:
• Supervisors
or
managers
that
need
to
be
aware
of
accommoda*ons
• Safety
personnel
• State
Worker’s
Comp
office
• Insurance
purposes
12. Inves*ga*ons
• Inves*ga*ons
can
be
for
a
variety
of
reasons,
including:
• Discrimina*on
or
harassment
claims
• Violence
in
the
workplace
reports
• Other
policy
or
procedural
viola*on
13. Inves*ga*on
Best
Prac*ces
• Receiving
the
complaint/report
• Get
wri6en,
signed
statements
when
possible
• Ask
for
witnesses
or
suppor*ng
documents
• Clarify
that
retalia*on
is
not
tolerated
14. Inves*ga*on
Best
Prac*ces
• Prepara*on
• Review
informa*on
sources
• Determine
who
needs
to
be
interviewed
• Determine
ques*ons
• Evaluate
if
interim
ac*on
is
necessary
15. Inves*ga*on
Best
Prac*ces
• Conduc*ng
the
Inves*ga*on
• Keep
thorough
documenta*on
• Introduc*on
• Listen
• Talk
to
everyone
with
relevant
informa*on
16. Inves*ga*on
Best
Prac*ces
• Inves*ga*on
Wrap
up
• Review
the
gathered
informa*on
• Make
determina*on
and
develop
ac*on
plan
• Communicate
decision
• Prepare
report
17. Inves*ga*on
Best
Prac*ces
• Inves*ga*ons
should
be:
• Prompt
• Complete
• Consistent
• Objec*ve
• Credible
• and
handled
with
confiden*ality
best
prac*ces!
18. Employee
Discipline/Termina*on
• Use
discre*on
when
preparing
for
or
conduc*ng
disciplinary/termina*on
mee*ngs
• Informa*on
shared
on
a
need-‐to-‐know
basis
• Mee*ngs
held
with
privacy
and
security
in
mind
19. Employee
Personal
Informa*on
• HR
and
administra*ve
offices
encounter
personal
informa*on
on
employees
in
many
different
forms:
• I-‐9
Documenta*on
• New
Hire
paperwork
containing
personal
data
• Direct
Deposit
• Payroll
files
• Includes
customer
informa*on
as
well
• ID
thea
preven*on
is
cri*cal!
21. ID
Thea
Preven*on
• Evaluate
informa*on
security
and
disposal
• How
easy
is
it
for
someone
to
access
your
office
during
business
hours?
• How
long
documents
stay
at
the
printer
before
some
one
retrieves
them?
• Are
documents
that
contain
personal
informa*on
lea
out
una6ended?
• Are
computer
screens
being
locked
every
*me
someone
leaves
there
desk?
22. ID
Thea
Preven*on
• Are
cabinets
and
drawers
being
locked?
• Are
emails
that
contain
personal
informa*on
being
sent
securely?
• Are
documents
properly
shredded
when
no
longer
needed?
• Who
in
the
office
has
access
to
sensi*ve
informa*on?
23. ID
Thea
Preven*on
• Develop
a
protec*on
plan
• Conduct
a
“walk
through”
• Iden*fy
poten*al
risks
• Create
easy
to
follow
guidelines
and
procedures
• Educate
your
employees
• The
importance
of
protec*ng
personal
informa*on.
• Measure
that
the
company
will
take
to
began
this
process.
• How
the
process
will
be
enforced.
24. ID
Thea
Preven*on
• Have
a
Breach
Plan
• No*fy
employee,
law
enforcement
and
possibly
FTC
• No*fy
credit
bureaus
• Conduct
internal
inves*ga*on
• Take
steps
to
minimize
or
prevent
addi*onal
loss
25. Company
Informa*on
• Employees
will
oaen
come
to
HR
or
Managers
with
ques*on
of
upcoming
changes
• Be
very
careful
of
what
you
pass
to
employees
26. Employee
Files
• Do
you
maintain
a
separate
employee
file
for
confiden*al
informa*on?
• Medical
records
• Pre-‐employment
medical
exam
and/or
drug
screen
results
• Applica*on
for
Employee
Assistance
Program
• Any
Private
Health
Informa*on
(PHI)
as
defined
by
HIPAA
• Any
medical
records
with
personally
iden*fiable
informa*on
(FMLA
requests
forms
if
the
employee
has
disclosed
the
nature
of
his/her
illness)
• Return
to
work
releases
• Workers
compensa*on
records
including
First
Report
of
Injury
27. Employee
Files
• Inves*ga*on
Records
• Discrimina*on
or
harassment
complaints,
including
inves*ga*on
reports
• Legal
case
informa*on
• Complaints
of
conduct/policy
viola*ons,
including
inves*ga*on
notes
and/
or
reports
• Security
Clearance
and
Inves*ga*on
Records
• Background
check
results,
including
any
arrest
and/or
convic*on
records
and
reports
of
criminal
history
• Personal
credit
history
28. Employee
File
Best
Prac*ces
• All
personnel
data
should
be
maintained
securely
• Have
a
locked
file
cabinet
• Manager
access
only
for
normal
file
• Upper
level
manager/HR
access
for
confiden*al
file
29. General
guidelines
• Employee
informa*on
should
always
be
treated
as
sensi*ve
informa*on
• Use
the
“need-‐to-‐know”
rule
when
other
guidelines
are
absent
• Keep
company
confiden*ality
policies
in
mind
• The
best
approach
is
the
ethical
approach