An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  1. Home
  2. What redress do I have if my private medical information is disclosed to other employees who do not have a need to know?

What redress do I have if my private medical information is disclosed to other employees who do not have a need to know?

Under the Privacy Incident Handling Guidance (PIHG), CBP must take mitigating action depending on the nature of the incident to try to reduce the risk of harm.  In an instance of a single disclosure of one employee’s medical information beyond those with a need to know, mitigation could include having extra copies of medical records destroyed and other measures designed to limit further dissemination.  Although it does not help to mitigate the disclosure, the review and/or investigation of the circumstances of disclosure may also result in counseling, discipline, or, in the instance of an intentional disclosure, referral of a criminal violation pertaining to the person who caused the disclosure.

Last Modified: Mar 10, 2016