Medical records

- Employers must maintain a confidential medical record for each employee who has occupational exposure.
- These records should be kept for 30 years after the employee’s term of employment ends, unless that term is less than a year.
Employers must maintain a confidential medical record for each employee with potential for exposure, according to the Occupational Safety and Health Administration (OSHA) standard governing access to employee exposure and medical records at 1910.1020.
This record shall include:
- The name of the employee;
- A copy of the employee’s hepatitis B vaccination status, including: dates of all hepatitis B vaccinations, any medical records related to the employee’s ability to receive vaccination, and documentation of any claim of vaccination exemption;
- A copy of all results of examinations, medical testing, and follow-up procedures;
- The employer’s copy of the healthcare professional’s written opinion; and
- A copy of the information provided to the healthcare professional.
Records storage
The employer shall maintain the required records for at least the duration of the employee’s employment plus 30 years. The requirements of 1910.1020, the Access to Employee Exposure and Medical Records Standard, apply.
The medical records of employees who have worked for less than one year don’t need to be retained beyond the term of employment if they are provided to the employee at the end of employment.
If an employer contracts for the services of a healthcare provider, the medical records may be kept at the provider’s worksite.
Confidentiality and availability
The employer shall ensure that the required employee medical records are kept confidential and not disclosed or reported without the employee’s express written consent to any person within or outside the workplace, except as required by 1910.1030 or by law.
Medical records should be kept confidential in accordance with 1910.1020. If recordkeeping is carried out by another party on the employer’s behalf, the employer is responsible for exercising reasonable diligence to make sure that party fulfills the preservation and access requirements.
All medical records required to be kept under the Bloodborne Pathogens Standard must be made available to OSHA.