In Ontario, an employee’s medical information is highly sensitive and legally protected. Employers must keep sick notes, doctor’s letters, and WSIB Functional Abilities Forms (FAF) in a locked, separate medical file away from the general personnel file, accessible only to HR or designated privacy officers.
When an employee falls ill, requests a medical leave, or gets injured on the job, a flurry of paperwork usually follows. For an employer or HR manager, receiving doctors’ notes and medical accommodation requests is a standard part of doing business. However, how you handle, store, and share that information can expose your company to massive legal liabilities. In Canada, health information is guarded by strict privacy laws, and casually leaving a sick note on a manager’s desk is a major compliance breach.
Whether your business operates in a small office in Kitchener or a large manufacturing plant in Mississauga, protecting your workers’ privacy is not optional. The Ontario Human Rights Code, along with privacy statutes, dictates that general management does not have the right to know an employee’s specific diagnosis. They only need to know the employee’s functional limitations and expected return-to-work date. To ensure your business avoids costly privacy complaints and human rights tribunals, setting up a secure, compliant filing system is critical. If you are unsure of your current practices, consulting an employment lawyer from our directory can help you perform a privacy audit.
Step-by-Step Guide to Securely Storing Medical Records
Properly managing medical information requires a proactive approach. You must separate general employment data (like payroll, performance reviews, and tax forms) from anything relating to an employee’s physical or mental health. Here is the best-practice process for Ontario employers.
Step 1: Implement a Dual-File System
The golden rule of HR is to never mix medical data with regular HR files. You must create a “dual-file” system. File A is the standard personnel file containing the employment contract, disciplinary notes, and vacation requests. File B is the confidential medical file. File B should contain all sick notes, WSIB Functional Abilities Forms (FAF), independent medical examination (IME) reports, and requests for disability accommodations.
Step 2: Secure the Physical and Digital Files
Medical files must be kept under lock and key. If you use physical paper, File B must be kept in a locked filing cabinet in a secure room, not sitting open behind the reception desk. If your company uses digital HR software (like BambooHR or Workday), you must use role-based access control (RBAC). Ensure that only specific HR personnel can open the “Medical” tab on an employee’s profile.
Step 3: Train Front-Line Managers
Your floor supervisors and department managers are usually the first to receive a sick note. You must train your managers to immediately place the note in a sealed envelope and hand it directly to HR. Managers must be explicitly told that they cannot demand a diagnosis from the employee, nor can they gossip about the employee’s health condition with other team members.
Step 4: Control Internal Information Sharing
HR acts as the gatekeeper of medical information. When an employee returns to work with physical restrictions (e.g., “cannot lift over 10 lbs”), HR should only share the restrictions with the employee’s direct manager. The manager does not need to know that the restriction is due to a specific surgery or chronic illness. Share only what is absolutely necessary to fulfill the legal duty to accommodate.
Step 5: Follow Proper Retention and Destruction Rules
You cannot keep medical information forever. Once an employee leaves the company, or once the medical information is no longer relevant to an ongoing accommodation or WSIB claim, it must be securely destroyed. You should hire a professional, certified document shredding service to handle the physical destruction, and ensure digital records are permanently purged from your servers according to your corporate retention policy.
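One way to express the role-based access control from Step 2 and the need-to-know rule from Step 4 in code, as an added example that is not from this page or from any HR product named above; the roles, field names, sample record and access log are all constructed for illustration:

```python
"""Field-level access control for a dual-file HR record (constructed example)."""
from dataclasses import dataclass, field

# Constructed role policy for File B (the medical file): HR sees the whole file,
# an employee's direct manager sees only functional restrictions and the
# return date, and a coworker sees nothing from File B at all.
MEDICAL_FIELDS_BY_ROLE = {
    "hr": {"diagnosis", "restrictions", "return_date", "documents"},
    "manager": {"restrictions", "return_date"},
    "coworker": set(),
}

@dataclass
class EmployeeRecord:
    employee_id: str
    file_a: dict      # personnel file: contract, discipline, vacation
    file_b: dict      # medical file: sick notes, FAF, IME reports
    manager_id: str   # the one manager entitled to the restricted view

@dataclass
class AccessLog:
    entries: list = field(default_factory=list)  # (who, role, whom, fields seen)

def view_record(requester_id, role, record, log):
    """Return only the parts of the record this requester may see, and log it."""
    # A manager who is not this employee's direct manager gets the coworker view.
    if role == "manager" and requester_id != record.manager_id:
        role = "coworker"
    visible = {"file_a": {}, "file_b": {}}
    if role in ("hr", "manager"):
        visible["file_a"] = dict(record.file_a)
    allowed = MEDICAL_FIELDS_BY_ROLE.get(role, set())
    visible["file_b"] = {k: v for k, v in record.file_b.items() if k in allowed}
    log.entries.append((requester_id, role, record.employee_id, sorted(allowed)))
    return visible

# Constructed sample record and a shared audit log for demonstration.
SAMPLE = EmployeeRecord(
    employee_id="E-1001",
    file_a={"contract": "full-time", "vacation_days": 12},
    file_b={"diagnosis": "sample-condition (constructed)",
            "restrictions": "cannot lift over 10 lbs",
            "return_date": "2024-09-01",
            "documents": ["sick_note.pdf", "FAF.pdf"]},
    manager_id="M-42",
)
LOG = AccessLog()

if __name__ == "__main__":
    print(view_record("M-42", "manager", SAMPLE, LOG))
```

Every read of File B lands in the log with the fields that were exposed, which is what an HR privacy officer would review during the audit described earlier.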
How Much Does a Privacy Breach Cost?
Mishandling medical information can lead to severe financial penalties. If an employee’s privacy is breached or if they face discrimination because a manager improperly accessed their medical file, the costs to the business are immense. Here is an overview of potential liabilities in CAD:
| Type of Liability / Service | Estimated Cost (CAD) | Details |
|---|---|---|
| HR Software Upgrade | $500 – $2,000 / month | Investing in secure, cloud-based HR systems with advanced permission controls. |
| Human Rights Damages | $10,000 – $35,000+ | Potential damages awarded by the HRTO for injury to dignity if privacy is breached. |
| Lawyer Retainer (Defence) | $5,000 – $15,000+ | Legal fees to defend the company against a formal privacy or discrimination complaint. |
| Secure Document Shredding | $100 – $300 / visit | Hiring a certified mobile shredding truck to destroy old medical records safely. |
How Long Does the Process Take?
Auditing and fixing your HR filing system should be an immediate priority. Separating existing physical files into a dual-file system typically takes an HR department 1 to 2 weeks of dedicated administrative work, depending on the size of your workforce.
If a privacy breach has already occurred, responding to a formal complaint at the Human Rights Tribunal of Ontario (HRTO) or addressing a union grievance can drag the company into a legal battle lasting 1 to 2 years. It is always faster and cheaper to be proactive about privacy.
Frequently Asked Questions (FAQ)
Can an employer demand to know my exact diagnosis?
Generally, no. Under Ontario human rights principles, an employer only has the right to know your prognosis (when you will return) and your functional limitations (what tasks you cannot do). They do not have the right to know the specific name of your illness, disease, or mental health condition.
Can I put my sick note directly on my manager’s desk?
While you can, it is highly discouraged. To protect your own privacy, you should hand the note directly to the Human Resources department or send it to them via a secure corporate email, bypassing general management entirely.
Who is allowed to see my WSIB Functional Abilities Form (FAF)?
The FAF is specifically designed to outline your physical limitations without revealing your diagnosis. It should be seen by HR, your immediate supervisor (so they know how to assign safe work), and the WSIB case manager. It should not be posted publicly or shared with coworkers.
What happens if a manager gossips about my health?
If a manager improperly accesses your medical file and discloses your condition to other staff, this is a severe breach of privacy and a potential violation of the Ontario Human Rights Code. You can file a formal complaint with HR, or consult an employment lawyer to explore legal action against the company.
Does a doctor’s note have to explain why I was off?
No. A standard sick note for a brief absence only needs to state that you were seen by a medical professional, that you were unfit for work for a specific period of days, and the date you are cleared to safely return to full duties.