COVID-19 Mandatory Vaccination and Workplace Safety Policy

A mandatory vaccination policy is one of the most legally complex documents an HR team can write — and one of the most consequential if it's written poorly. This page gives you a complete, editable COVID-19 mandatory vaccination and workplace safety policy template that covers legal requirements, exemption handling, accommodation procedures, and enforcement. The COVID-19 mandatory vaccination policy you implement needs to reflect your specific industry, location, and workforce composition. A healthcare organization's policy will look materially different from a remote software company's, and both need to hold up to legal scrutiny if challenged.

What Is a COVID-19 Mandatory Vaccination and Workplace Safety Policy?

A COVID-19 mandatory vaccination and workplace safety policy formally establishes an organization's requirements for employee COVID-19 vaccination status, the process for requesting medical or religious exemptions, the safety protocols that apply to vaccinated and unvaccinated employees, and the consequences for non-compliance. It may apply to all employees, specific roles, or employees at specific locations.

Mandatory vaccination policies exist on a complex legal landscape. Federal contractors were subject to Executive Order 14042 requirements (subsequently enjoined by courts). CMS mandated vaccination for healthcare workers at Medicare and Medicaid-participating facilities. OSHA's Emergency Temporary Standard covered large employers before being withdrawn. State laws vary dramatically — some states prohibit mandatory vaccination policies for private employers; others permit them broadly. A policy that doesn't reflect this legal landscape is a liability.

What a COVID-19 Mandatory Vaccination and Workplace Safety Policy Should Include

A defensible mandatory vaccination policy needs legal precision on every element. Required sections include:

• Scope and applicability: Specifies which employees, roles, and locations are subject to vaccination requirements, and why.
• Vaccination requirement: States clearly whether vaccination is required, strongly encouraged, or incentivized, and the deadline for compliance.
• Proof of vaccination: Defines what constitutes acceptable documentation of vaccination status.
• Medical exemption process: Describes the procedure for requesting a medical exemption with required documentation, and how exemption requests are evaluated.
• Religious exemption process: Describes the procedure for requesting a religious exemption, consistent with Title VII requirements.
• Accommodation for exempt employees: Specifies what accommodations are available — masking, testing, remote work, reassignment — for employees who receive exemptions.
• Testing requirements: Covers whether and how regular COVID-19 testing applies to unvaccinated employees or those in specific roles.
• Confidentiality of vaccination status: Confirms that vaccination records are treated as confidential medical information under ADA.
• Non-compliance and enforcement: Defines the consequences for failing to comply with vaccination requirements or exemption procedures.
• Right to update: Confirms that the policy may be updated as public health guidance or legal requirements change.

COVID-19 Mandatory Vaccination and Workplace Safety Policy Template

COVID-19 Mandatory Vaccination and Workplace Safety Policy

Effective Date: [DATE]

Approved by: [NAME / TITLE]

Policy Owner: [HR DEPARTMENT / TITLE]

Review Date: [DATE]

Version: [1.0]

Policy Brief and Purpose

[COMPANY NAME] is committed to providing a safe workplace and protecting the health of our employees, patients/customers, and communities. This COVID-19 mandatory vaccination and workplace safety policy establishes the standards and procedures governing employee vaccination requirements, exemption processes, safety protocols, and enforcement. The goal is to reduce COVID-19 transmission risk in our workplace while treating all employees with respect and handling medical and religious information with appropriate confidentiality.

Scope

This policy applies to [all employees / employees in the following roles and locations: SPECIFY] of [COMPANY NAME]. [Note: If your organization operates in a state that restricts mandatory vaccination policies, consult legal counsel before publishing this policy.]

Policy Elements

1. Vaccination Requirement

Effective [DATE], [COMPANY NAME] requires all covered employees to be fully vaccinated against COVID-19 with an FDA-authorized or FDA-approved vaccine, unless granted a medical or religious exemption under this policy. "Fully vaccinated" means [definition consistent with current CDC guidance at the time of implementation — e.g., completion of primary series plus applicable booster doses].

Employees must provide proof of vaccination status to [HR CONTACT / SYSTEM] by [DATE].

2. Acceptable Proof of Vaccination

Acceptable proof of vaccination includes:

• CDC COVID-19 Vaccination Record Card.
• Printed or digital copy of vaccination records from the provider or state immunization registry.
• Documentation from a licensed healthcare provider confirming vaccination status.

Vaccination records will be stored separately from the employee's personnel file, in a confidential medical file accessible only to authorized HR personnel.

3. Medical Exemption Process

Employees who cannot receive a COVID-19 vaccine due to a medical condition may request a medical exemption by:

• Submitting a completed [MEDICAL EXEMPTION REQUEST FORM] to [HR CONTACT] by [DATE].
• Including written documentation from a licensed healthcare provider stating the nature of the medical contraindication and, if applicable, its expected duration.

HR and [MEDICAL REVIEW CONTACT — e.g., occupational health provider] will review the request and notify the employee of the decision within [X business days]. [COMPANY NAME] will engage in an interactive process with the employee to identify reasonable accommodations where an exemption is granted.

4. Religious Exemption Process

Employees who have a sincerely held religious belief that conflicts with COVID-19 vaccination may request a religious exemption by:

• Submitting a completed [RELIGIOUS EXEMPTION REQUEST FORM] to [HR CONTACT] by [DATE].
• Providing a written explanation of the religious belief and how it conflicts with receiving the vaccine.

[COMPANY NAME] will evaluate each request individually. We will not require employees to identify their specific religion or denomination but may ask clarifying questions to assess the sincerity and basis of the belief. Exemption decisions will be communicated within [X business days].

5. Accommodations for Exempt Employees

Employees granted a medical or religious exemption will be considered for reasonable accommodations that reduce COVID-19 transmission risk, which may include:

• Working remotely, where the role permits.
• Regular COVID-19 testing at a frequency determined by HR and occupational health.
• Use of high-filtration face coverings (N95 or equivalent) in shared spaces.
• Physical separation from higher-risk colleagues, patients, or customers.
• Temporary reassignment to a lower-risk role, if available and if no undue hardship results.

Accommodations are evaluated individually. An accommodation that creates undue hardship for the organization or poses a direct threat to others may be denied.

6. Workplace Safety Protocols

All employees — regardless of vaccination status — must comply with the following workplace safety protocols:

• Comply with current masking requirements as established by [COMPANY NAME] and applicable public health orders.
• Self-screen for COVID-19 symptoms before reporting to any company facility.
• Follow the exposure and positive test response procedures in [COMPANY NAME]'s COVID-19 Company Policy.
• Complete required COVID-19 safety training by [DATE].

7. Confidentiality

Vaccination status and exemption documentation are confidential medical and religious information. They will not be shared with managers, coworkers, or clients without the employee's consent, except as required by law. Access is limited to HR personnel with a direct need to administer this policy.

8. Non-Compliance

Employees who do not provide proof of vaccination or an approved exemption by [DATE] will be contacted by HR and given [X additional days] to come into compliance. Employees who remain non-compliant after the extended deadline may be subject to:

• Unpaid administrative leave while the matter is resolved.
• Termination, in accordance with [COMPANY NAME]'s disciplinary policy, if compliance is not achieved.

Employee Responsibilities

• Provide proof of vaccination or submit an exemption request by the stated deadline.
• Notify HR immediately if vaccination status changes.
• Maintain confidentiality of other employees' vaccination status.
• Comply with all workplace safety protocols regardless of vaccination status.
• Cooperate fully with the accommodation interactive process if an exemption is requested.

Manager and HR Responsibilities

• Communicate this policy to all direct reports and ensure acknowledgment is documented.
• Direct employees with questions about exemptions to HR — do not conduct exemption discussions at the manager level.
• Maintain strict confidentiality of vaccination and exemption information.
• Escalate non-compliance concerns to HR within [TIMEFRAME].
• Document all steps taken in the accommodation process.

Disciplinary Action

Non-compliance with vaccination requirements, falsification of vaccination records, or disclosure of another employee's vaccination or exemption status without authorization may result in disciplinary action up to and including immediate termination.

Disclaimer

This template is a starting point and does not constitute legal advice. Mandatory vaccination requirements are subject to significant legal complexity and jurisdictional variation. Consult an employment attorney before implementing or publishing this policy.

How to Customize This Vaccination Policy Template for Your Company

Healthcare organizations subject to CMS conditions of participation must align this policy with those specific federal requirements, which set vaccination standards for staff at Medicare and Medicaid-certified facilities. If you operate in a state that prohibits mandatory vaccination policies for private employers — including Texas, Montana, Florida, and others — you may need to replace the mandatory requirement with a strong encouragement framework, incentive program, or testing alternative. For remote workforces where employees have no in-person contact, a testing or masking alternative to vaccination may be more proportionate than a mandate. Always run the final policy through employment counsel in every state where you have employees before publishing.

COVID-19 Vaccination Policy Best Practices

• Keep the policy date-stamped and version-controlled, since legal requirements in this area have changed frequently and may change again.
• Use a third-party occupational health vendor for medical exemption reviews when your HR team lacks clinical expertise to evaluate contraindication documentation.
• Test your exemption request forms with actual employees before deployment — vague forms generate vague documentation that's hard to evaluate.
• Build in a 30-day compliance window with two reminder touchpoints before escalating to enforcement action. Courts have looked favorably on employers who gave employees reasonable time to comply.
• According to SHRM, clear communication of the rationale behind a vaccination policy — particularly the specific workplace risk factors it addresses — significantly reduces employee resistance and exemption request volume.
• Maintain a tracking log of vaccination status, exemption requests, and accommodation outcomes in a secure, confidential system separate from HRIS.

Common Mistakes in COVID-19 Vaccination Policies

• Ignoring state law. Several states have enacted laws limiting or prohibiting mandatory vaccination policies. Publishing a policy that violates state law exposes you to enforcement action and injunction.
• Applying a blanket exemption denial. Denying exemptions without individual evaluation violates the ADA's interactive process requirement and Title VII's reasonable accommodation obligation.
• Storing vaccination records in personnel files. ADA requires medical information to be stored separately from general personnel files in confidential medical files.
• No defined compliance deadline. An open-ended vaccination requirement with no specific deadline is unenforceable and difficult to audit.
• No process for new hires. The policy needs to address when vaccination requirements apply to employees hired after the original compliance deadline.

Frequently Asked Questions About COVID-19 Vaccination Policies

Q: What should a COVID-19 mandatory vaccination policy include?
A: A complete policy covers the vaccination requirement, proof of vaccination standards, medical and religious exemption processes, accommodation options for exempt employees, testing requirements, confidentiality of vaccination records, non-compliance procedures, and enforcement consequences. Every element needs to align with applicable federal and state law.

Q: Is a COVID-19 mandatory vaccination policy legally required?
A: CMS conditions of participation require vaccination for staff at Medicare and Medicaid-certified facilities. Most private employers are not legally required to mandate vaccination, but they are legally permitted to do so in most states with proper exemption procedures in place. State laws vary significantly and must be checked before implementation.

Q: How often should a COVID-19 vaccination policy be updated?
A: Review it whenever CDC guidance on vaccination definitions changes (primary series, boosters), when federal or state legal requirements change, or when your organization's risk profile changes significantly. Keep a version history so you can demonstrate what was in effect at any given point in time.

Q: What happens if an employee refuses vaccination and does not qualify for an exemption?
A: Follow the non-compliance procedure defined in the policy — typically an extended compliance window, then unpaid leave, then termination if compliance is not achieved. Document every step carefully. Consult employment counsel before terminating an employee for vaccination non-compliance to assess jurisdiction-specific risk.

Q: How do you communicate a COVID-19 vaccination policy to employees?
A: Send a detailed company-wide communication from senior leadership explaining the policy rationale, the compliance deadline, and the exemption process. Hold Q&A sessions for employees with questions. Provide the exemption request forms alongside the policy so employees can act immediately. Don't rely on a single email for a policy with this level of personal impact.

Q: Can a COVID-19 vaccination policy be customized per department?
A: Yes — in fact, differentiating by role risk level is often legally stronger than a blanket policy. Patient-facing clinical staff carry materially higher transmission risk than fully remote employees, and a policy that reflects that distinction is both more defensible and more proportionate.

Q: Are exemption request reasons confidential?
A: Yes. The specific nature of a medical condition or religious belief is confidential and should be accessible only to the HR personnel evaluating the exemption request. Managers should be told only whether an employee has an approved accommodation, not the basis for it.

Q: What accommodations must be offered to employees who receive exemptions?
A: The ADA requires reasonable accommodations for medical exemptions unless they create undue hardship or pose a direct threat. Title VII requires the same for religious exemptions. Common accommodations include remote work, regular testing, enhanced masking, and physical distancing. There is no legal requirement to create a new position or fundamentally alter job duties.