What the OSHA COVID-19 mandates mean to your business

How to make your business fully compliant with all Federal guidelines at $0 direct cost.  What your company needs to do.

  • Vaccination record collection
  • Reporting and record 
  • Testing obligations
  • Compliance obligations

QRMDs can provide a $0 cost, fully compliant testing and record solution for your business.

Updated 12/24/21

How to manage compliance:

The OSHA Emergency Temporary Standard (“ETS”) mandate for COVID-19 testing is currently in force, with questions in front of the Supreme Court that may ultimately decide its fate. In the interim, guidelines are in place that require businesses to collect and store employee vaccination records as well as other data, which OSHA considers to be Protected Health Information (“PHI”)¹. All PHI in the United States is subject to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Unless your data IT infrastructure is HIPAA compliant, you will be in violation of these statutes and potentially subject to significant fines. Simply having password security or encryption is NOT a fully compliant HIPAA data architecture or system.

The Problem:

The regulations as enacted require that organizations storing PHI maintain all data in compliance with HIPAA; however, most, if not all, non-healthcare entities do not have sufficient data infrastructure to maintain HIPAA compliance. Even if you are unaware that you are in violation of HIPAA, there is no ‘safe harbor’ provision in HIPAA. If you are found in violation of HIPAA guidelines, you will be responsible for egregious penalties relating to improper management of PHI.


Charles Colby, CEO QRMDs

Mike Keane, COO QRMDs

In the ETS, OSHA has provisions that potentially do not impose fines for companies that are making a good faith effort to be in compliance with the order. However, this only addresses OSHA violations, not HIPAA violations. HIPAA is governed by the Department of Health and Human Services (“HHS”). This is an entirely different entity than OSHA and has its own specific enforcement guidelines, task force mandates and staffing. HIPAA violations are expensive and punitive, sometimes in the millions of dollars.

What a HIPAA data infrastructure means:

A fully HIPAA compliant data system requires your IT infrastructure to conform to multiple disciplines and structures. These include, without limitation:

  • BAA agreements in place with all entities or persons that interact with your data, including internet service providers, software vendors and SaaS providers, all of which must also maintain HIPAA compliance across all platforms.
  • Specific encryption and decryption of data both in transit and at rest
  • Specific data biometric access and authentication requirements
  • Logs that show data access, management and security
  • Storage, back up, security measures, contingency plans for data breaches

Even something as simple as sending an interdepartmental email about an employee's vaccination or testing status is in violation of HIPAA if not within a HIPAA compliant infrastructure and methodology.

So how does my business comply with these guidelines?

You could sign an agreement with a SaaS provider to provide you with a HIPAA compliant infrastructure; however, it's likely that you would then have to re-architect your entire business workflows onto this platform, which is likely a non-starter for most organizations. As an alternative, you could simply use this new SaaS infrastructure to support the HIPAA-required portions of your business requirements. However, this would mean you are running two systems at once. These types of data arrangements cost close to 100K per year in license fees alone. You could try to upgrade your infrastructure to a HIPAA compliant one; however, this takes cooperation from the other entities that you interact with in signing a BAA agreement in conformity with HIPAA, as well as likely making several changes to your infrastructure that are both costly and take time to implement. The end result would likely be significantly increased latency in your system, requiring more system resources to bolster your servers and infrastructure; this would likely be costly as well.

Who bears these costs for required COVID-19 testing and data retention?

The OSHA COVID-19 ETS does not require employers to bear the cost of testing the non-vaccinated workforce, but states that other laws and regulations may require the employer to bear these costs. However, the ETS does require employers to bear the cost of the data collection, presentation, reporting and storage in a HIPAA compliant fashion.

Is my business responsible for the costs of the testing I’m required to do?

Yes. All businesses that are subject to the OSHA mandate are responsible for providing a COVID test to their unvaccinated workforce at least once a week and/or paying for the costs of that test without a copay or deductible cost to the unvaccinated employees.

How can QRMDs provide me a $0 direct cost solution that will satisfy the mandated requirements? 

To understand how you can achieve a $0 direct cost solution, you first need to understand the underlying fundamentals of the CARES Act, as further clarified by President Biden in February of 2021. In his address and publication, the President delineated the responsibilities of the insurance health plans. First, the CARES Act overall provides that no patient should have to pay a copay or deductible for COVID-19 testing, whether or not that patient is symptomatic. Any test that is ordered by a licensed physician using a reasonable standard of care to determine medical necessity generally qualifies for reimbursement under the CARES Act. The CARES Act mandates that all insurance companies, plans and payers cover all costs related to testing without costs or fees to the patient. Further, the CARES Act provides funds to cover the cost of testing uninsured individuals via the HRSA fund. These funds are reimbursed by the Federal Government. The CARES Act goes on to say: “However, plans and issuers are not required to provide coverage of testing for public health surveillance or employment purposes”. So how do we reconcile these two things? We will try to explain how our program works and how it will benefit your business below.

What qualifies as medical necessity?

Medical necessity is defined by the American Medical Association as: “Health care services or procedures that a prudent physician would provide to a patient for the purpose of preventing, diagnosing or treating an illness, injury, disease or its symptoms in a manner that is in accordance with generally accepted standards of medical practice”. Current statistics show us that, with the proliferation of the Omicron and Delta variants, both vaccinated and unvaccinated alike are subject to infection. The CDC calls these breakthrough infections. Further, both the vaccinated and unvaccinated alike can pass their infection to others. Therefore, anyone who has documented exposure risks is currently a reasonable candidate for a COVID-19 test. This will change over time, and our medical professionals will opine accordingly when it does.

How to make the program work for you and your business:

All testing should be based on medical necessity and NOT as a condition of employment or work requirement. Your business may be required under city, state or Federal regulations to do some form of testing; however, you should have your own corporate mantra that you are concerned about keeping your workforce safe and productive, as well as the safety of your customer base that interacts with your employees. Set your testing parameters based on this and make the decision for testing solely based on reasonable medical necessity, and you will qualify for testing under our program. To do this, take the following steps:

    • Have all of your employees enroll into the QRMDs COVID-19 testing program. Enter their information and upload their vaccination and insurance information.
    • Each week, make sure every employee (before Saturday) logs into the patient portal and answers the 4 short medical necessity questions, whether they are going to test or not and irrespective of vaccination status.

Enroll all of your employees into the QRMDs COVID-19 program. Ask that all businesses that interact with your program have their employees participate in your program and/or provide proof of routine testing as a condition of your engagement of them to interact with your business. They can even register within your program and test at your location during your testing times.

Have all employees registered and test those who qualify for medical necessity rather than as a requirement of your business. All employees, vaccinated and non-vaccinated alike, register and upload a copy of their insurance cards and vaccination proof and status. Then, each week, all employees complete a medical necessity verification form at least the Saturday prior to the following week. This takes less than one minute of time and can be done on their mobile device. The medical necessity verification form will be reviewed by our medical director and medical professionals. Based on this, we will make a recommendation, based on medical necessity, as to who is qualified to take a test. All or a portion of your workforce tests based on medical necessity as ordered by our medical staff. Then the costs of these tests should be covered under the CARES Act at $0 direct cost to your organization. Note that all insurance plans are different in nature, and you should consult your benefits manager to determine the best course of action for your company.

The advantage of testing in this fashion is that you save time and money on employee absence for their testing. Further, if you test your workforce regularly and identify the infected within your work population before they can infect others, then fewer staff will be infected, which in turn will mean lower payroll demands for staff who are in quarantine and not actually working. Remember, your company is responsible for paying workers who are infected with the virus the normal salary they would miss by being in quarantine.

QRMDs can provide your business at no direct cost:

  • Fully compliant vaccination status reporting and certification copy storage
  • On-site self-collected testing, both rapid and RT-PCR, for your staff
  • A complete end-to-end solution: web-based, HIPAA compliant and secure
  • Full physician guidance, documenting medical necessity via telemedicine
  • No specialized staffing required. Fully FDA EUA approved RT-PCR and rapid testing at $0 direct cost
  • Maintain all required PHI records
  • On-site testing via telemedicine
  • NO special medical training required
  • Fast, easy and efficient

PCR and Rapid testing available.  Keep in compliance, save money, maximize efficiency.

QRMDs provides full OSHA compliance and protection from HIPAA violations of protected health information

Step 1

Vaccination Record Compliance

We provide a fully OSHA compliant record retention and reporting interface so that you are in full compliance with all regulatory requirements for testing and vaccination records

Step 2

Full Reporting interface

Our dashboard will provide you full access to all of your group's data and information in a fully HIPAA compliant fashion.

Step 3

A Covid Prevention Program

A fully comprehensive program designed to keep you in compliance and reduce secondary infections and outbreaks

Step 4

Rapid and PCR tests

We provide both rapid and individually processed best in class RT-PCR testing to mitigate infection outbreaks before they happen.

Our team of medical professionals has you covered

The QRMDs medical advisory staff

Dr. Steven Powell M.D.

Senior medical advisor and Medical Director

Dr. Larry May M.D.

Senior Medical Advisor

Dr. Jeffrey Galpin M.D.

Senior Medical Advisor, Infectious Disease expert

Dr. Harry Gruber

Co-Founder and Senior Medical Advisor
