The Definitive 2025 Guide to Protecting Your Medical Information in Federal Employment
Medical privacy is one of the least understood — and most frequently violated — areas of federal employment law.
Federal employees are routinely asked for:
-
Full medical records
-
Medication lists
-
Family medical history
-
Mental health details
-
Therapy notes
-
Childhood health conditions
-
Unrelated diagnoses
-
Entire psychiatric files
-
Genetic information
And employees often comply because they don’t know that much of this is illegal.
This guide explains:
-
What federal agencies and supervisors may NOT ask for
-
What information is legally protected
-
How to respond when an agency crosses the line
-
How to protect your confidentiality under the Rehabilitation Act, ADA, GINA, and the Privacy Act
-
How to avoid giving up unnecessary or damaging medical information
-
What to do when HR demands too much documentation
For deeper guidance on medical documentation, RA, telework, leave, OWCP, and medical removals, visit the Federal Employment Defense Hub — your central survival library as a federal employee.
National Security Law Firm: It’s Our Turn to Fight for You.
Understanding the Legal Framework That Protects Your Medical Information
Four major legal systems protect federal employees:
1. The Rehabilitation Act / ADA confidentiality rules
Medical info must be:
-
Kept confidential
-
Requested only when necessary
-
Stored separately from personnel files
-
Shared only on a strict need-to-know basis
2. GINA (Genetic Information Nondiscrimination Act)
Prohibits requesting:
-
Family medical history
-
Genetic test results
-
Information about inherited risks
3. The Privacy Act
Protects federal personnel records and restricts disclosure.
4. EEOC guidance on reasonable accommodation
Limits medical documentation requests to what is relevant and necessary to the accommodation or leave at issue.
Together, these create powerful — but often ignored — medical privacy protections.
What Federal Agencies Can NOT Ask For
Here is the ultimate list of medical information that your agency is legally forbidden from requesting.
❌ 1. Your Complete Medical Records or Entire Medical History
Agencies cannot ask you to:
-
Provide all records from all providers
-
Authorize a blanket release of your entire medical file
-
Turn over years of charts, test results, or treatment notes
Why it’s illegal:
Requests must be narrowly tailored to your accommodation or leave need. Anything beyond that violates EEOC rules and the Privacy Act.
What to say:
“Under the Rehabilitation Act, medical inquiries must be limited to documentation directly relevant to my accommodation request. I cannot provide a full medical history.”
❌ 2. Family Medical History (GINA Violation)
Under GINA, agencies may NOT ask:
-
“Does this condition run in your family?”
-
“Do your parents have heart disease?”
-
“Has anyone in your family been diagnosed with X?”
This is illegal anywhere in the employment process.
❌ 3. Genetic Information or Genetic Test Results
Agencies cannot request:
-
DNA test results
-
Genetic markers
-
Predisposition analysis
GINA flatly prohibits this.
❌ 4. Therapy Notes or Psychotherapy Records
Therapy notes are among the most private medical records in existence.
Federal agencies cannot ask for:
-
Notes from therapy sessions
-
Detailed psychological treatment records
-
Mental health history beyond what is needed to describe functional limitations
What they may request:
-
A statement from your provider confirming the condition
-
Functional limitations
-
Work impact
They may not pry into the content of your counseling.
❌ 5. Medication Lists (Except Rare Circumstances)
Agencies generally cannot demand:
-
All medications you take
-
Dosages
-
Side-effect profiles
-
Pharmacy printouts
The only narrow exception is safety-sensitive jobs where a medication may affect fitness (e.g., law enforcement, armed roles).
For 99% of federal employees, medication names are off-limits.
What they can ask:
Whether you experience certain side effects that affect work.
Example allowed question:
-
“Does the employee experience drowsiness that affects ability to operate a vehicle?”
❌ 6. Diagnoses Unrelated to Your Request
If you request telework for migraines, they cannot ask about:
-
Past mental health diagnoses
-
Old injuries
-
Pregnancy history
-
Other medical conditions
-
Anything not tied to the request
Agencies must keep inquiries strictly limited.
❌ 7. All Medical Conditions You’ve Ever Had
This includes:
-
Past surgeries
-
Substance abuse history
-
Hospitalizations
-
Any prior diagnosis not directly relevant
These inquiries violate both the Rehabilitation Act and the Privacy Act.
❌ 8. The “Cause” of Your Disability
Example illegal questions:
-
“How did you become disabled?”
-
“Was this from childhood?”
-
“Was it your fault?”
-
“Did this happen at work?”
Causation is irrelevant except in workers’ comp — and even then, agencies must not access OWCP medical files without strict procedures.
❌ 9. Daily Medical Routines and Personal Life Information
Agencies cannot ask:
-
How often you go to therapy
-
Sexual health information
-
Reproductive health details
-
Details about psychiatric symptoms
-
Symptoms that don’t affect work
Again, only functional limitations matter.
❌ 10. Frequent Updates for a Permanent Condition
If your condition is permanent, agencies cannot demand:
-
Monthly updates
-
Endless re-certifications
-
Constant check-ins
EEOC has repeatedly ruled that excessive updates for stable conditions are discriminatory.
❌ 11. Copies of OWCP Records for RA Purposes
OWCP (workers’ comp) records are separate and protected.
Your agency cannot demand:
-
OWCP medical reports
-
Injury claims
-
Doctor notes submitted to OWCP
OWCP ≠ RA
OWCP ≠ fit-for-duty
OWCP ≠ personnel file
❌ 12. Medical Information Shared With Supervisors
Supervisors should be told only:
-
Restrictions
-
Work limitations
-
Needed accommodations
They should NOT be told:
-
Diagnosis
-
Medical details
-
Treatment information
-
Medication
-
Prognosis
If a supervisor says:
“I need to know what condition you have.”
You respond:
“Under the Rehabilitation Act, supervisors are not entitled to my diagnosis — only my work restrictions.”
What Agencies Can Ask For (So You Know Where the Line Is)
They can ask for:
-
Functional limitations
-
How the condition affects work
-
Medical justification for an accommodation
-
Whether you are medically able to return to duty
-
Duration of limitations
-
Whether your condition is permanent or temporary
They cannot go beyond that scope.
How to Respond When an Agency Requests Something Illegal
Use this script:
“I am happy to provide reasonable medical documentation relevant to my request. However, federal law limits medical inquiries to information that is directly related to my functional limitations and the accommodation or leave requested. Please clarify which specific functional limitations you need addressed.”
This:
-
Establishes you know your rights
-
Pushes HR to back off
-
Creates a perfect paper trail
-
Strengthens any later EEO claim
Hypos: Realistic Scenarios & How Employees Win
Hypo 1 — The Medication List Demand
Supervisor:
“You must list all medications you take.”
Employee:
-
Provides a note listing relevant functional restrictions only
-
Cites privacy law
-
HR acknowledges supervisor overreach
Outcome: Note accepted.
Hypo 2 — The Full Medical Record Request
HR:
“Please provide all medical documentation from the past year.”
Employee:
-
Responds with targeted documentation
-
Asks HR to clarify relevance
-
HR backs off
Outcome: RA approved.
Hypo 3 — The Family History Inquiry (GINA Violation)
RA Coordinator:
“Does this condition run in your family?”
Employee:
-
Cites GINA
-
Refuses to answer
-
Facility apologizes
Outcome: Request withdrawn.
Hypo 4 — The Mental Health Overshare Trap
Supervisor:
“Tell me what actually causes your PTSD symptoms.”
Employee declines and directs communication to HR.
Provides only functional limitations.
Outcome: Accommodation approved; retaliation claim preserved.
FAQs: Medical Privacy for Federal Employees
Do I have to give them my diagnosis?
No — only functional limitations.
Can they ask for therapy notes?
Never. Illegal.
Can they ask what medications I’m on?
Only in safety-sensitive jobs.
Can supervisors see my medical documents?
No — HR must keep them confidential.
Can they ask for updates every month?
Not for permanent or long-term conditions.
Can they deny my RA if I withhold irrelevant information?
No — they may only deny for actual lack of relevant documentation.
Why You Should Bookmark the Federal Employment Defense Hub
Medical privacy issues rarely come alone. They usually accompany:
-
Telework denials
-
RA disputes
-
Sick leave battles
-
AWOL threats
-
Performance issues
-
Hostile supervision
-
Medical inability removal cases
The Federal Employment Defense Hub connects all these problems and shows you how they interact — and how to survive them.
Federal workers tell us they reference the Hub weekly.
Why Federal Employees Hire National Security Law Firm
-
Former federal agency counsel, JAG, DOJ, DHS, CBP, TSA, intelligence legal advisors
-
National RA & medical privacy experts
-
Leaders in defending medical removal, RA denial, and medical documentation cases
-
Flat-fee billing
-
Financing through Affirm
-
Collaborative Attorney Review Board for maximum strategy
We don’t just know the law — we know the bureaucracy inside federal agencies.
Book a Free Consultation
If your agency is demanding irrelevant or illegal medical information, or if you’re unsure what you must provide, we can help.
We will:
-
Review your documentation
-
Tell you exactly what to give — and what to withhold
-
Protect you from illegal medical inquiries
-
Fix any RA or leave documentation issues
-
Defend you from retaliation or AWOL threats
Schedule your free consultation:
👉 Book a Free Case Plan
National Security Law Firm: It’s Our Turn to Fight for You.
