Capturing vaccination data for employees is a relatively new concept for most organisations. This article provides some quick facts and helpful links to get you started curated from existing organisations using our Vaccination Register solution.
Q: Am I allowed to ask my employees for their vaccination status?
Yes, but with some caveats. The full explanation of how this works is available on the OAIC’s website but in short, if it’s necessary for you do so and if the employee consents, then you are allowed to collect and store the employees vaccination status.
Q: How do I cater for employees that don’t want to provide their vaccination status?
This depends on your industry rules and mandates, which are a combination of both federal and state requirements. The best option is to use a platform like our Vaccination Register which allows employees to opt-out of the collection process.
For example, in our Vaccination Passport tool, you can enable the opt-out flow and provide custom options such as: don’t intend to vaccinate, have a medical exemption, can’t get a booking, etc.
Q: Will governments offer a vaccination status solution for my workforce?
Yes. It is likely most, if not all, state governments will provide a solution. However, their solution will likely have to adhere to same requirements for their QR Codes meaning there will still be some limitations for you as an employer:
State governments currently have mandates for vaccination status tracking for various sectors that must be adhered to in the absence of a government provided solution, meaning the liability for doing so sits with your business now, not later.
Similar to existing government QR Code solutions, vaccination information is not likely to be accessible by your HR/WHS team.
Similar to existing government QR Code solutions, it is not likely to include other compliance requirements e.g. capacity tracking, health screening questions, etc.
Q: Is capturing and storing employee vaccination status considered Personal Health Information (PHI)?
The short answer is yes. This means that whatever system you use to store employee vaccination status, must comply with Australian Privacy Principles for storing PHI.
Unfortunately this means existing solutions such as spreadsheets stored in the cloud and the majority of HR platforms are not suitable for capturing and storing this type of information.
Q: So how do I securely store Personal Health Information (PHI)?
The easiest approach is to use an easy-to-use, cloud-based platform that is specifically designed to capture and store PHI, like our platform, https://covidcomply.org/vaccinations
Platforms that go above and beyond requirements in Australia will also publicly commit to maintaining parity with the HIPAA Privacy Rule, which is an international gold standard for storing PHI digitally.
Q: Is there someone I can talk to about this?
We’re happy to jump on a call anytime. We work with organisations in every corner of Australia and consequently we are familiar with the various set of rules and regulations depending on the state and industry. Organisations are using our software in so many different ways to meet evolving compliance requirements.
Hit the chat button in the bottom right corner of the screen or email us at [email protected]