Careers Succeeding at Work What Information Is Stored in Employee Medical Records? HR's Legal Obligation to Protect Medical Information About Employees Share PINTEREST Email Print Reza Estakhrian / Getty Images Succeeding at Work Human Resources Glossary Job Search Resources Hiring Best Practices Employment Law Employee Motivation Employee Management Management Careers Management & Leadership Employee Benefits By Susan M. Heathfield Susan M. Heathfield Susan Heathfield is an HR and management consultant with an MS degree. She has decades of experience writing about human resources. Learn about our Editorial Process Updated on 02/06/20 The employee medical file is the repository for everything that has to do with health, health benefits, employee health-related leave, and benefits selections and coverage for the employee. The employer keeps a medical file separately for each employee. The contents of these files are never intermingled with any other employee file such as the personnel file. Since the medical file contains sensitive and confidential information, it must reside in a safe, locked, inaccessible location. The file cabinet that houses employee medical files should also lock and HR staff should have the only keys. Access to employee medical files is restricted to Human Resources staff only. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires employers to protect employee medical records as confidential; medical records should be stored separately and apart from other business records. Never store employee medical records in the employee’s general personnel file. Because of the confidentiality of the information, records must be isolated from files that employees such as supervisors or managers may access. (Actually, this is also recommended for personnel files in general—give only HR staff access.) Contents of the Employee Medical File These are the types of items that should be stored safely away in the employee’s medical file. If in doubt, err on the side of protecting the medically related information of your employees. Health insurance applications and formsLife insurance applications and formsDesignated beneficiary informationApplications for any other employee benefit that might require medical information such as vision insuranceRequests for paid or unpaid medical leaves of absenceFamily Medical and Leave Act (FMLA) reports and related applications and paperworkPhysician-signed FMLA paperworkDocumentation about the illnesses of a family member or child for whom you apply for FMLA time to provide ongoing careMedically related leave documentation for employees who are ineligible for FMLA time off workPhysician’s examinations, notes, correspondence, and recommendationsMedically-related excuses for absenteeism or tardiness from a physicianMedical job restrictions with documentation from the recommending physicianAccident and injury reports, including OSHA-required documentsWorkers' compensation reports of injury or illnessAny other form or document that contains private medical information about an employee If you keep these files confidential, your employees will trust you and you will uphold the spirit and significance of the law. Please note that the information provided, while authoritative, is not guaranteed for accuracy and legality. The site is read by a world-wide audience and employment laws and regulations vary from state to state and country to country. Please seek legal assistance, or assistance from State, Federal, or International governmental resources, to make certain your legal interpretation and decisions are correct for your location. This information is for guidance, ideas, and assistance.