Black Logo

Our site uses cookies to give you the best user experience and to collect and share information for analytics, advertising and personalization on this and other sites. Please select whether you consent to our use of cookies and related technologies (“Cookies”), as described in our Cookie Policy. You can return at any time from the same web browser to update your preferences. Please note that resetting your browser’s cookies will reset your preferences. You can control the use of some types of cookies through the Cookie Settings below, but note that if you choose to disable certain cookies, it may limit your use of certain features or functions on our services and websites.

Privacy Policy
Strictly Necessary Cookies

These cookies are required to enable core site functionality.

Functionality Cookies

Functionality cookies allow us to provide enhanced and more personalized content and features. In order to permit your connection our website, our servers receive and record information about your computer and browser, potentially including your IP address, browser type, and other software or hardware information. All of these features help us to improve your visit and assist in navigation of the sites’ features.

Analytics Cookies

We and our service providers may use analytics cookies, which are sometimes called performance cookies, to collect information about your use of our website, for instance, which pages you go to most. The information allows us to see the overall patterns of usage, help us record any difficulties users may have while using our website and can show us whether or not our advertising is effective.

Advertising And Targeting Cookies

We may use third party advertising and targeting cookies to correlate your use of our website to personal information obtained about you so that we may more clearly target the information we provide you to the specific items we think you will find interesting, based on your prior online activities and preferences. We also may use these cookies to deliver ads that we believe are relevant to you and your interests.

For more information, view our Cookie Policy


As Medical Privacy Limits Blur, the Legal Industry Prepares

Legility 07 / 13 / 21

In early June, new guidance from the U.S. Equal Employment Opportunity Commission (EEOC) stated that employers can now require workers to get COVID-19 vaccines before they are allowed back into the workplace. While it is not clear what will happen if they refuse, employees will, at the very least, have to share information about their vaccine status with their employers should their employers opt to require this information.

The Commission was careful to point out that employers are still required to provide reasonable accommodations or exceptions for employees who cannot get vaccinated for specific reasons based on the Americans with Disabilities Act (ADA), Title VII of the Civil Rights Act, and other federal laws.

The EEOC warns that employers need to be “not coercive” about how they handle the vaccine validation process. However, what is considered “coercive” is widely open to interpretation (the EEOC gave no legal examples). This ambiguity has led to a number of questions as to how these requirements will shape employment in the future. In addition, many employers are formally ending work-from-home initiatives, forcing workers to either come back into the office or voluntarily leave their jobs. Legal experts think there's enough gray area to cause a flurry of litigation as many regions ease pandemic lockdown restrictions or stay-at-home orders.

Why current guidelines say vaccine status is not private

In December, the EEOC published its What You Should Know About COVID-19 and the ADA, the Rehabilitation Act, and Other EEO Laws guidelines, where the Commission stated that a COVID-19 vaccination requirement does not infringe on any current privacy legislation such as the Americans with Disabilities Act (ADA) or HIPAA. HIPAA is the Health Insurance Portability and Accountability Act that regulates how healthcare providers can share patients’ confidential medical information, but it does not cover what employers can require.

The EEOC reasoned that requiring an employee to show proof of vaccination is not a disability-related inquiry because there could be many reasons why an employee has not been vaccinated.

Last September, Legility sponsored a webcast entitled Global Privacy in the Age of COVID-19: Navigating Unprecedented Change where the speakers clearly defined what information is considered private under worldwide laws. Vaccine status was not considered private by most laws, while the reasons for not being vaccinated as well as the actual vaccine records were considered protected.

Legal experts think that there's enough gray area to cause a flurry of litigation as many regions ease pandemic lockdown restrictions and stay-at-home orders.

Pitfalls to avoid for employers – and employment lawyers

According to law firm Gibson, Dunn & Crutcher, authors of a definitive report on data privacy, the full ramifications of COVID-related changes to data privacy and security regulations are likely to be extraordinary and wide-ranging.

The EEOC’s guidance answered some legal questions but could prompt litigation if employers aren’t mindful of myriad pitfalls. For example, employers who follow the U.S. Centers for Disease Control and Prevention (CDC) guidance and allow vaccinated employees to forgo masks but require unvaccinated employees to wear masks, may be placing themselves at risk of inciting issues between workers, or may find themselves policing the workplace and asking employees to disclose their medical information.

Second, the EEOC has also said that employers can provide incentives (like cash rewards) to nudge workers to get vaccinated. If an incentive is high enough, workers may feel pressured to disclose private medical information they would never otherwise divulge to their employers.

Third, although vaccines are fairly widely available in the United States, some groups of people may not have access to medical care and may be unfairly impacted by employer-mandated vaccinations.

Lastly, it is illegal to enforce vaccine mandates in a way that treats employees differently based on race, nationality, religion, sex, sexual orientation or identity, pregnancy, disability, age, or genetic information. Doing so would be a violation of the ADA as well as the employees’ civil rights.

Companies are also required to provide a safe workplace based on U.S. Occupational Safety and Health Administration (OSHA) guidelines. This includes limiting their employees’ risk of virus exposure and making any necessary physical adaptations to the workplace prior to reopening facilities. With COVID-19 vaccines, this could mean requiring the vaccine, providing personal protective equipment like masks or gloves, setting part-time in-office work schedules, or limiting capacity in the physical workplace.

How Legility can help

Employers should reach out to trusted legal counsel before issuing return to work mandates. Legility offers a direct connection to trusted legal advice in handling matters around COVID-19, including employment law, pharmaceutical and healthcare law, and privacy law. Our flexible, knowledgeable legal teams – working with clients on a temporary or long-term basis under the supervision of counsel – will help businesses remain compliant with all the latest regulations and guidelines.

Download our white paper for everything you need to know about global privacy in the age of COVID-19.

Legility is a legal services company providing data hosting and management, technology-enabled services, consulting, flexible legal talent, and managed review services to in-house law departments and law firms. Legility is not, and none of its affiliates are, a law firm and does not provide legal advice as part of its services and nothing contained herein should be construed as such.

Hire qualified employment lawyers today.

About the author


Legility, a leading provider of technology-enabled legal services, provides consulting, technology, managed solutions, and flexible legal talent to corporations and law firms. The company has more than 1,000 lawyers, engineers, consultants, technology and data specialists, and operational experts serving more than one-third of the Fortune 100 and one-quarter of the Am Law 200. Legility helps its clients improve operational efficiency. By combining people, processes, and technology, Legility offers innovative and bundled solutions that align with how the legal market is increasingly looking to engage.

Subscribe to Insights

Your one-stop shop for the Legility logo & more.

Your one-stop shop for the Legility logo, brand guidelines, photography assets, and more.

Subscribe to insights