Department of Labor FOIA
Apparently the Privacy Act doesn't apply to federal government employees...
It only took a year and half to get the results, but the Department of Labor (DOL) finally answered our Freedom of Information Act (FOIA) request. F4F has been trying to determine wether or not the Federal Government observed federal Privacy Act and Health Insurance Portability and Accountability Act (HIPAA) regulations when they began gathering vaccination and medical information from federal government employees. If you read our recent Substack, “The Litigation That Never Was” you are already aware that the answer was a resounding no. There are no legal cut-outs allowing an emergency to supersede one’s medical rights.
DOL began collecting information on federal government employees prior to completion of a Privacy Impact Assessment (PIA), which they only realized was necessary in December of 2021… About three months after collection began in response to the Executive Orders 14042 and 14043.
As a reminder PIAs and Privacy Threshold Assessment’s (PTA) are used to determine if personal information is being transmitted or stored that might be categorized as Personally Identifiable Information (PII) or Personal Health Information (PHI). These have privacy protections that fall under Privacy Act and HIPAA protections.
We should also recall that most of the vaccine tracking databases being used government-wide, like VaxTrak, had already been implemented on government systems prior to the 9 September 2021 mandate. At the time, attesting to one’s injection status was allegedly a voluntary process, but we all know it was just the Orwellian beta test before they rolled it out in earnest.
You can download the scanned PDF FOIA here, and the PDF conversion to searchable text here.
The results primarily consist of an excel spreadsheet broken into small pieces and spread across about 100 separate pages of a PDF document. Super useful and so easy to simply reconstruct…
This gets to a common factor amongst all F4F FOIA results, requests, and processing. Not only is the whole process designed to deny information to the public, it is often provided in a format that ensures it is almost unintelligible.
With the exception of FOIA results that allegedly produced no results, F4F has waited months and years for answers and those paltry answers always involve restricting the request to cartoonishly small slices of information. We submitted a FOIA to the Department of State in 2021… They responded that they would be unable to answer until 2025…
F4F has decided to litigate a number of the FOIA results and those are still in court. An anonymous donor has offered to pay the legal fees for one of our most costly and important FOIA fights, but barring assistance from angel investors, the government has perfected making administrative burdens extraordinarily onerous and expensive. We will be providing a broad overview on our FOIA efforts in an upcoming Substack, so I will save any additional gems of hard won wisdom for that article.
DOL only started exploring the need for PTA/PIA after data had already been collected. More telling, they hung their decision on the need to conduct a PTA/PIA on the fact that they ultimately determined that they wouldn’t collect the public’s vaccination data. To be clear, they intended to do so, but ultimately determined they might get sideways legally.
They were only collecting information from federal employees and they aren’t real people… So, game on, right?
More important, they are categorically wrong when it comes to their right to collect employee PII without a PTA/PIA. This was discussed in the previously mentioned Substack, “The Litigation That Never Was.” The minute your employer collects health information that is used in adjudication purposes, they have have collected PHI and it is covered under HIPAA’s “other” category of protected data.
One pertinent exert from the FOIA aptly describes DOL’s thinking:
Yes, this was one of the reasons why I mentioned we may get pushback. Additionally, Kirsten Moncada (OIRA Privacy Branch Chief) mentioned in a meeting a couple weeks ago that they strongly discouraged not collecting the public's vaccine information, and stated that we should stick to regular guidelines of social distancing/mask requirements within the buildings.
I get there may be confusion since we collect vaccine information from federal employees. However, federal employees' information is considered public information so the collection or rather the ability to ask/maintain/store their vaccine information does not trigger as many privacy protections as members of the public. This is another reason Vaxtrack (sp) did not require a privacy impact assessment and privacy threshold assessment, since it only collected information from federal employees.
F4F is still in the fight and we are doing our best to hold the government accountable for the egregious violations of trust that occurred over the last three years of COVID madness. Please consider becoming a member or donating through support to this Substack.
 |
|