Kiteworks | Your Private Content Network

Secure File Sharing and Governance Platfform

Free Trial EXPLORE KITEWORKS

Fact Sheet - Managing Employee Vaccination Mandates

What organizations need to do to comply with U.S. vaccine mandates without violating HIPAA.

Download PDF

FACT SHEET

Managing Employee Vaccination Mandates

Protect and Ensure Compliance of Employee Vaccination Records With Kiteworks

In concert with the economic recovery to the COVID-19 pandemic, many businesses around the world must now manage vaccine requirements for their employees. Some of these programs are being voluntarily initiated by individual businesses. For other organizations, participation is mandated by federal, state, and/or local governments.

Records and Compliance Requirements

Kiteworks helps organizations track compliance with the vaccine mandate while securing protected health information (PHI).

Confirming employee vaccination status and enabling them to easily and securely upload that status involves the communication of sensitive protected health information (PHI) in compliance with strict privacy regulations. This presents numerous challenges:

Organizations must build and maintain accurate and updated records of vaccination status, exceptions from vaccination, and COVID-19 testing results for employees, contractors, and others.

Employers must secure this information against compromise and theft by both external cyber criminals and insider threats. Vaccination records, test results, and information that might be submitted in a medical exemption request are all protected PHI.

Organizations must demonstrate compliance with both the vaccine mandate and information protection provisions in laws like the Health Insurance Portability and Accountability Act (HIPAA).

With the relative newness of these requirements, many organizations have not completely mapped out their systems and process for the capture, storage, and auditing of this information. Without an effective and secure system in place, deficient sharing and transfer of PHI can potentially expose these communications to bad actors as well as expose them to HIPAA compliance penalties. Additionally, organizations must log every action associated with the handling of vaccine-related PHI—download, upload, view, send, and permission change.

www.kiteworks.com

FACT SHEET

Managing Employee Vaccination Mandates

The Kiteworks Solution

Kiteworks® provides a comprehensive solution for vaccine mandate compliance:

  • Unifying employee vaccination records communications. Kiteworks enables simple, secure uploads from mobile devices and on the web, providing an easy solution that is scalable, even for agencies with hundreds of thousands of employees. It also ensures that attachments stay private for employees who submit their information through email.
  • Tracking vaccine mandate compliance. Kiteworks automatically logs every action, including uploads, downloads, views, sends, and permission changes. It enables comprehensive tracking of vaccination records to meet and document compliance.
  • Controlling for information protection compliance. Kiteworks enforces compliance controls, such as limiting access to PHI to those with a need to know to comply with PIPEDA. To document compliance for audits, it provides reporting of the control settings and all activities.
  • Securing vaccination and testing records. Kiteworks protects sensitive information using a layered defense model. Whether employees submit their proof of vaccination on the mobile application, the website, or by email, the information is automatically encrypted in every send, upload, download, and save.

For more information on Kiteworks, visit www.kiteworks.com.

 

HIPAA Penalties

  • Category 1: Entity was unaware of and could not have realistically avoided, had a reasonable amount of care been taken to abide by HIPAA rules. Minimum fine of $100 per violation up to $50,000. Maximum $25,000 per year.
  • Category 2: Entity should have been aware of but could not have avoided even with a reasonable amount of care. Minimum fine of $1,000 per violation up to $50,000. Maximum $100,000 per year.
  • Category 3: Direct result of “willful neglect” of HIPAA rules, in cases where an attempt was made to correct the violation. Minimum fine of $10,000 per violation up to $50,000. Maximum $250,000 per year.
  • Category 4: Willful neglect where no attempt was made to correct the violation. Minimum fine of $50,000 per violation. Maximum $1.5M per year.

www.kiteworks.com

December 2021

Copyright © Kiteworks. Kiteworks mission is to empower organizations to effectively manage risk in every send, share, receive, and save of sensitive content. To this end, we created a platform that delivers content governance, compliance, and protection to customers. The platform unifies, tracks, controls, and secures sensitive content moving within, into, and out of their organization, significantly improving risk management and ensuring regulatory compliance on all sensitive content communications.

Get started.

It’s easy to start ensuring regulatory compliance and effectively managing risk with Kiteworks. Join the thousands of organizations who feel confident in their content communications platform today. Select an option below.

Schedule a Demo
Talk to a Rep

Lancez-vous.

Avec Kiteworks, se mettre en conformité règlementaire et bien gérer les risques devient un jeu d’enfant. Rejoignez dès maintenant les milliers de professionnels qui ont confiance en leur plateforme de communication de contenu. Cliquez sur une des options ci-dessous.

VOIR LA DÉMO
CONTACTER UN COMMERCIAL

Jetzt loslegen.

Mit Kiteworks ist es einfach, die Einhaltung von Vorschriften zu gewährleisten und Risiken effektiv zu managen. Schließen Sie sich den Tausenden von Unternehmen an, die sich schon heute auf ihre Content-Kommunikationsplattform verlassen können. Wählen Sie unten eine Option.

DEMO ANSCHAUEN
MIT EINEM MITARBEITER SPRECHEN
Share
Tweet
Share
Get A Demo