If we are storing a copy of vaccination records for our employees, do we need to be HIPAA compliant?
Can't find anything about storing the cards, just that it is okay to ask to "see" them.
Excellent question and the answer is no, you do not need to be HIPAA compliant to store those records.
"The Privacy Rule does not protect your employment records, even if the information in those records is health-related"
Employers and Health Information in the Workplace | HHS.gov