Confidentiality of your medical information in the workplace

As a general rule employers are not supposed to reveal medical information about employees unless there is a legitimate business reason to do so. However, with this standard being so general it provides little guidance for real-world workplace transactions. In an attempt to prevent leaks of medical information in the workplace, the Americans with Disabilities Act (ADA) imposes strict requirements on how and where employers must keep medical information on employees.

ADA’s requirements

Under the ADA medical information must be kept in a secure location, separate from non-medical information and access to it should be limited to a single, designated individual. The law also limits those entitled to learn about medical information in the workplace to:

  • Supervisors or employees whose work duties are limited to, or who require, some accommodation because of a medical condition
  • First aid and safety workers who may need to administer emergency treatment or respond during an evacuation, and
  • Government and insurance officials who require the information for official business purposes

Information still leaks

Despite the confidentiality measures imposed by the ADA, information still leaks and abuses still occur. If you are concerned about keeping your medical information confidential and out of the workplace, you must take active steps to do so. If you confide any medical information about yourself to other workers, ask them not to tell others. Inform all doctors who treat you that they should not reveal anything about your health or treatment to another person without getting a release, or written permission, from your first.

Medical examinations

A number of insurers require employees to undergo evaluations before coverage will begin. Beyond that, and often in addition to that, employers may require specific physicals and mental examinations to ensure a qualified workforce. However, there are strict rules on when and how those exams can be conducted and who can learn of the results.

Courts have ruled that the constitutional right to privacy covers medical information and that honesty is the only policy when it comes to medical tests for prospective and existing employers. Thus, employers must identify what conditions they are testing for and get individual consent to perform the tests first.


Medical records and information in the workplace is protected by the ADA, but leaks will still occur. Thus it is up to the individual to take affirmative actions to ensure that their information is protected. Also, sometimes employers can make you submit to medical testing, but there are also limits to how and when those medical tests can be conducted. Inquire with an employment attorney near you if you believe that your medical records have been unfairly released or you private medical examination info has been released.[1]

[1] Repa, Barbara K., Your Rights in the Wokplace, Nolo (8th ed. 2007).