Strategy-Backed. People-First. — Statewide, Texas
Free Employer Checklist • HR File Compliance

Medical Documentation Storage Checklist

What goes in the personnel file, the confidential medical file, the supervisor file, and the investigation file — and what never mixes.

Most employers fail this audit in the first five minutes: one folder per employee, and inside it — performance reviews stapled to FMLA certifications, a doctor's note behind a written warning, drug test results next to the W-4. The ADA and FMLA both require medical information kept in separate, confidential files with restricted access. A mixed file isn't a technicality; it's discoverable proof that decision-makers had access to medical information.

This checklist implements the five-file system: what belongs in the general personnel file, what must live in the confidential medical file, the narrow rules for supervisor working files, payroll records, and investigation files kept apart from everything — plus an access-and-retention table and a quarterly audit to keep the discipline from decaying.

Who should use this checklist

  • Small employers with 'one folder per employee' filing
  • HR teams migrating paper files into an HRIS
  • Anyone preparing for a records request, audit, or agency charge
  • Organizations where supervisors keep their own employee files

What it helps prevent

  • ADA/FMLA confidentiality violations from mixed files
  • Medical details visible to supervisors making promotion and discipline calls
  • GINA exposure from family medical history sitting in personnel files
  • Records requests that expose the whole mess at once
  • Retention failures that delete records still legally required

What’s inside

  • File 1 — General Personnel File (supervisors may see)
  • File 2 — Confidential Medical File (restricted access)
  • File 3 — Supervisor Working File (tightly limited)
  • File 4 — Payroll File
  • File 5 — Investigation Files (separate from all personnel files)
  • Access and Retention
  • Quarterly Audit

Before you process payroll, terminate, classify, deduct, or respond to a claim, get the decision reviewed.

Faulkner HR Solutions helps Texas employers, nonprofits, municipalities, and growing businesses fix the people systems behind recurring workplace problems. If this resource raised a risk flag, do not guess your way through the next step.

Frequently asked questions

Why can't medical notes stay in the personnel file?
Because the ADA and FMLA require medical information to be maintained separately and confidentially — and because a supervisor who saw the diagnosis before recommending termination has just connected the dots for a plaintiff. Separation protects the employee's privacy and the employer's defense at the same time.
What can we tell a supervisor about an employee's condition?
The work-relevant restriction, not the diagnosis: 'no lifting over 20 pounds through March,' not 'herniated disc.' Supervisors need to manage the limitation; they never need the medical story behind it.
Do these rules apply to digital files too?
Completely. An HRIS that attaches the FMLA certification to a profile every manager can open replicates the mixed-file violation at scale. The audit section checks that digital permissions mirror the paper rules.
How long do we keep medical records?
It varies by record: ADA and FMLA documents generally three years, workers' comp per state rules, and OSHA exposure records far longer. The retention table gives the working guide — and nothing gets purged while a claim is pending or anticipated.
Disclaimer. This resource is provided for general employer education and planning purposes. It is not legal advice and does not create an attorney-client relationship. Employment laws, agency guidance, and local requirements may change. Employers should review the facts of each situation before acting and consult appropriate HR or legal counsel when needed.