[hn_throwaway_99]

Note the author updated his post in response to my comment. It originally said "protected health information", which is what I was reacting to. PHI is a very specific thing in US law, and increased legal exposure when handling PHI only applies to very specific entities.

The reason I commented is because there is a ton of misunderstanding in the real world that confuses "Joe isn't on the call today because he's got COVID" with the legal responsibilities that, say, your doctor has when sending you your COVID results.

To be honest, I think there is a lot of unnecessary concern over health information due to this misunderstanding. Obviously there is a ton of information that people prefer to keep private, but in those cases, they keep it private, or would at least tell you not to tell anyone. Due to the misunderstanding about PHI, I think people mistakenly confuse any banal health information as inherently requiring a higher level of protection/discretion, and this isn't really true. Frankly, there is a ton of other info that people probably want to keep more private than whether or not they had COVID (these days, who hasn't?) or whether someone is pregnant (usually makes itself self-evident in any case).