The simple answer is Cal/OSHA has not clarified if the 30-year retention rule is triggered by requirements of the COVID-19 Emergency Temporary Standards (ETS).

Pursuant to Cal/OSHA’s amended ETS employers are required to document the vaccination status of their employees if the employer intends to allow vaccinated employees to work without a face covering or to determine whether an employee needs to be excluded from the workplace due to a close contact with a COVID-19 case.

Under Cal/OSHA’s Frequently Asked Questions for the revisions to the ETS  three acceptable options are outlined for obtaining this vaccination information:

  • Employees provide proof of vaccination (vaccine card, image of vaccine card, or health care document showing vaccination status), and the employer maintains a copy.
  • Employees provide proof of vaccination. The employer maintains a record of the employees who presented proof, but not the vaccine record itself.
  • Employees self-attest to vaccination status and the employer maintains a record of who self-attests.

Under a separate Frequently Asked Questions page for the ETS generally, Cal/OSHA includes the following:

Q: How long are employers required to maintain documentation of employee vaccination status?

A: Vaccination records created by the employer under the ETS need to be maintained for the length of time necessary to establish compliance with the regulation, including during any Cal/OSHA investigation or appeal of a citation.

In order to encourage documentation using vaccination records, Cal/OSHA has determined that it would not effectuate the purposes of the Labor Code to subject such records to the thirty (30) year record retention requirements that apply to some medical records.

It is unclear if this response is intended to absolve employers from the typical 30-year medical record retention for all methods of vaccination status confirmation or only “employer created” documents such as when an employee’s self-attests to vaccination status.

Under 8 CCR 3204, subdivision (d), employers are mandated to maintain for at least the duration of an employee’s employment plus 30 years, medical records of employees, except for minor exceptions. Under the regulation, a medical record is defined as a “record concerning the health status of an employee which is made or maintained by a physician, nurse, or other health care personnel, or technician.”

Based on the general Cal/OSHA regulation, it would appear if an employer collects a copy of the vaccine card or other proof that was made or maintained by a physician, nurse, or other health care personnel, or technician, the employer would need to maintain those records for the duration of employment plus thirty years.

Hopefully, Cal/OSHA will further clarify their FAQs regarding the maintenance of vaccination records shortly. In the meantime, employers should be sure that if they are requesting documentation of vaccination status from employees it is being maintained in a confidential file.

If you have questions about compliance with the Cal/OSHA ETS or related workplace safety issues contact a Jackson Lewis attorney to discuss.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Sean Paisan Sean Paisan

Sean Paisan is of counsel in the Orange County, California, office of Jackson Lewis P.C. He is the leader of the firm’s Cal/OSHA practice subgroup and co-leader of the firm’s Construction industry group. His practice focuses on assisting employers with Cal/OSHA compliance, investigations…

Sean Paisan is of counsel in the Orange County, California, office of Jackson Lewis P.C. He is the leader of the firm’s Cal/OSHA practice subgroup and co-leader of the firm’s Construction industry group. His practice focuses on assisting employers with Cal/OSHA compliance, investigations, and fighting citations. Additionally, Sean also assists employers in data privacy and traditional employment matters, including litigation and counseling.

Sean’s first exposure to OSHA regulations occurred during his undergraduate studies while working for a construction company that helped build Disney’s California Adventure. After attending law school and working for the Los Angeles County District Attorney’s Office and the United States Attorney’s Office, Sean moved into private practice, where he focused on general liability matters, including serious injuries and fatalities. Through this experience, Sean became very knowledgeable on the myriad of Cal/OSHA regulations imposed on businesses, especially in the construction, manufacturing, and healthcare industries, and the consequences for violations of those regulations. From there, Sean became OSHA 30 certified and began assisting employers with all workplace safety matters, from compliance, to investigations and inspections, to the appeals of citations in California, Arizona, Washington, and Hawaii.

Throughout his career, Sean has been called upon to try cases that cannot be settled. He has handled trials in the United States District Court, California Superior Court, Cal/OSHA Appeals Board, Workers Compensation Appeals Board, and the US Department of Labor OALJ, as well as binding arbitrations. Sean has tried cases involving the following subjects: general employment, wrongful death, premises liability, unfair competition (B&P § 17200), false advertising (Lanham Act), misappropriation of trade secret, restrictive covenants, and whistleblower (AIR21).

In addition to his trial experience, he is routinely called on to assist his clients with workplace crises such as catastrophic injuries, fatalities, data breaches, and ransomware incidents. Drawing on his years of in both civil and criminal law, Sean’s unique background allows him to anticipate and proactively manage issues, rather than simply reacting to requests and inquiries by investigating agencies such as law enforcement, OSHA, Cal/OSHA, California Bureau of Investigations (BOI), Federal Aviation Administration (FAA), National Transportation Safety Board (NTSB), as well as opposing counsel in litigation matters.

In addition to his litigation experience, Sean has earned the CIPP/US credential through the International Association of Privacy Professionals (IAPP). He helps organizations manage rapidly evolving privacy threats and mitigate the potential loss and misuse of information assets. He has an in-depth understanding of how privacy laws can impact business operations. These laws include the Health Insurance Portability and Accountability Act (HIPAA), Federal Trade Commission Act (FTC Act), Health Information Technology for Economic and Clinical Health Act (HITECH), Genetic Information Nondiscrimination Act (GINA), Fair Credit Reporting Act (FCRA), Gramm-Leach-Bliley Act (GLBA), Fair and Accurate Credit Transaction Act (FACTA), Dodd-Frank Wall Street Reform and Consumer Protection Act, California Financial Information Privacy Act, Family Educational Rights and Privacy Act (FERPA), Telemarketing Sales Rule, Telephone Consumer Protection Act (TCPA), Junk Fax Prevention Act, Controlling Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM), Cable Communications Policy Act, Video Privacy Protection Act, Children’s Online Privacy Protection Act (COPPA), California Online Privacy Protection Act (CalOPPA), California Consumer Privacy Act (CCPA), and California Privacy Rights Act (CPRA). With respect to laws affecting the ability of the government to obtain information, Sean can assist employers in understanding their obligations under the Federal Wiretap Act, Electronic Communications Privacy Act (ECPA), Communications Assistance for Law Enforcement Act (CALEA), Right to Financial Privacy Act, Privacy Protection Act, Foreign Intelligence Surveillance Act (FISA), and USA PATRIOT Act.

Before becoming an attorney, Sean earned his bachelor’s degree in accounting from the University of Southern California, where he also played varsity ice hockey in the ACHA. When not practicing law, Sean enjoys spending time with his wife and three young children, playing adult league ice hockey, mountain biking, and motorsports.