Human Resource Blog

Where HR Professionals Seek Answers

A Practical Source For Your Daily HR Needs.Lets Build An HR Blog Community Together! Want To Share Your HR Knowledge Or Gain Knowledge Through Other Professionals?Lets Discuss HR!



During training on the ADA, an employee’s medical information was shared by their supervisor to everyone in the training. The supervisor felt this individual was abusing their FMLA time. The supervisor was made aware of the medical condition by the employee; however, it was not shared by the employee to the other individuals in the training. The employee was not mentioned by name, the details of the employee’s title and specifics of their FMLA request were enough that others in the training could figure out who was being discussed and now know what medical condition this individual has. 1) Is this a HIPAA violation? 2) Is this an ADA violation? and 3) Is everyone in the training liable for not stopping the discussion or just the supervisor that shared the medical information, the ADA information and the FMLA information? Thanks

HIPAA’s privacy regulations cover protected individually identifiable health information employers obtain about employees through a group health plan. The regulations don’t extend to employer-related medical information such as that acquired as part of workers’ comp claims, FMLA leaves, ADA accommodations, or sick leave.

So, if the employer is a covered entity (doctors, clinics, company health plans and government programs that pay for healthcare) then a HIPAA violation may have occurred. It really depends on the details the supervisor provided during the training. Even if the employer is not subject to HIPAA, a supervisor disclosing so much personal information about an individual’s situation that others can identify the individual is inappropriate.

Under the ADA and FMLA, any information relating to accommodations or leaves may only be disclosed to supervisors who need to know the employee’s restrictions and accommodations. Disclosing such records to unauthorized persons is a violation under both laws. Whether a true violation occurred in your situation again really depends on the details of the information provided.

To answer your last question: In some cases, an individual can be held personally liable for a HIPAA or FMLA violation, not usually for ADA violations. If violations truly occurred, the supervisor, as an agent of the employer, would be at fault not the trainees.

It sounds like the supervisor was trying to provide a real example of a FMLA violation that trainees may encounter. Whether such an example was even necessary depends on the nature of the training. Still, the supervisor may have provided a few too many details. He/She should be counseled on the requirements of privacy under applicable federal laws and company policy, and be encouraged to use fictitious examples in future trainings.


This entry was posted on Thursday, April 20th, 2017 at 8:41 pm and is filed under
Labor Laws.
You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.

Leave a Reply

  • [ Back ]
  • WP-SpamFree by Pole Position Marketing

Home Ask a Question Archives

© 2008, All Rights Reserved