Skip to main content
Skip global navigation and go to main content

With employee medical records, safeguards and confidentiality are key

Posted October 19, 2018

By Judy Kneiszel, associate editor, J. J. Keller & Associates

When an employee is hired, the first few days on the job are a flurry of paperwork, or perhaps a frenzy of online fillable forms. In order to get to the real work they were hired to do, employees may zip through this mundane task, perhaps not really considering all the sensitive information they are handing over to their new employer, from social security and bank account numbers to medical information.

As a human resources (HR) professional, part of your job is keeping all employees’ information safe. And while you may have systems in place to do that, it’s crucial that you take extra precautions with employees’ medical records.

Medical information must be filed separately

Any employment-related documentation containing medical information must be maintained in separate, confidential files, completely independent from the general personnel file. That way, medical information won’t be inadvertently shared with individuals who don’t have a legitimate business need to see it.

What is included in medical files?

Anything related to an employee’s health or medical condition should be stored in a medical file separate from any other personnel information. It could be the results of a pre-employment physical exam, information the employee provided about medications or medical history, or even information obtained through a wellness program. It could also include:

  • Health insurance applications and forms;
  • Life insurance applications and forms, including designated beneficiary information;
  • Applications for other employee benefits that include medical information, such as dental or vision insurance;
  • Requests for paid or unpaid medical leaves of absence;
  • Family and Medical Leave Act (FMLA) paperwork;
  • Physician’s examinations, notes, correspondence, and recommendations;
  • Medically related excuses for absenteeism or tardiness from a physician;
  • Medical job restrictions with documentation from the recommending physician;
  • Accident and injury reports, including documents required under the Occupational Safety and Health (OSH) Act;
  • Workers’ compensation reports of injury or illness;
  • Any other form or document that contains private medical information about an employee.

Contrary to popular belief, the most significant law for employers with regard to medical privacy is the Americans with Disabilities Act (ADA), not the Health Insurance Portability and Accountability Act (HIPAA). The ADA’s recordkeeping requirements also intersect with other laws. For example, medical certifications under the FMLA or occupational exposure records under the OSH Act qualify as medical information under the ADA, and, therefore, must be kept confidential and separate from personnel files.

Take care when you share

There will be times when employers need to share information from employee medical files. Under the ADA, disclosure of employee medical information is limited to the following:

  • Supervisors and managers may be informed regarding necessary restrictions on the work or duties of an employee and necessary accommodations (but they may not need to know the underlying condition which brought about the need for the accommodation).
  • First aid and safety personnel may be informed if an employee’s condition might require emergency treatment.
  • Government officials investigating compliance must be provided relevant information upon request.
  • Workers’ compensation insurance carriers may receive information in compliance with state workers’ compensation provisions.

Note that nonsupervisory employees will almost never have a need to be informed of other employees’ medical information.

About the author:

Judy Kneiszel

Judy Kneiszel is an associate editor with J. J. Keller & Associates, a nationally recognized compliance resource firm. The company offers a diverse line of products and services to address the broad range of responsibilities held by human resources and corporate professionals. Kneiszel specializes in business topics such as recruiting and hiring, onboarding and training, team building, employee retention, and labor relations. She is the editor of J. J. Keller’s SUPER adVISOR newsletter and Essentials of Employee Relations manual. For more information, visit and