I’m not sure it really matters in practice at this point.
As a condition of getting a flu and covid vaccine, CVS made me agree to give them
permission to share my medical history, test results, etc. with my employer and their affiliates.
Just thinking here: is it possible that's a catch-all disclosure agreement aimed at employers who require certain vaccinations (I know CVS offers TB shots, for example, which are mandatory for working with some older/vulnerable populations), and this agreement lets CVS send those records to employers when requested?
Either way, it's still a too-broad agreement, but my assumption is that CVS thinks it's easier to opt everyone in by default than to ask patients to opt in as needed, and then inevitably have some patients not opt in when they should have, and then deal with the resulting bureaucratic nightmare when the nursing home they work for calls and demands to see immunization records.
