Employers obtain employees’ medical information for various reasons, such as verifying a reasonable accommodation request, certifying leave, or confirming eligibility for disability benefits. At the federal level, there are several laws restricting when employers can ask for employees’ medical information and requiring employers to keep such information confidential. These laws include the Americans with Disabilities Act (ADA), the Family and Medical Leave Act (FMLA), the Genetic Information Nondiscrimination Act of 2008 (GINA), and the Health Insurance Portability and Accountability Act (HIPAA).
The ADA is the main federal law that protects employees’ medical information in the workplace. The ADA limits when covered employers can request employees’ medical information (or require medical examinations) and broadly requires all employee medical information to be kept confidential, regardless of why the information was provided. To comply with the ADA, employees’ medical information should be maintained separately from personnel files and only accessible to authorized individuals.
State and local laws may impose stricter confidentiality requirements on employees’ medical information. To help employers become familiar with the laws for their work locations, we recently released the following Compliance Overview – Protecting Employees’ Medical Information in the Workplace.
