DOT Physicals and HIPAA: What Information Is Shared and What Stays Private

DOT Physical Examination Requirements

Who needs a DOT physical and why

A Department of Transportation (DOT) physical confirms that you meet the Driver Medical Qualification Standards to operate a commercial motor vehicle safely. If you drive in interstate commerce under Federal Motor Carrier Safety Administration (FMCSA) rules, you must be examined by a professional listed on the National Registry of Certified Medical Examiners.

What the exam includes

• Health history review, including medications, surgeries, and conditions relevant to safe driving.
• Vital signs and a head-to-toe physical examination focused on cardiovascular, neurological, musculoskeletal, and respiratory systems.
• Vision testing (acuity and peripheral vision) and color recognition sufficient for traffic signals.
• Hearing evaluation using a whisper test or audiometry; hearing aids may be noted as a restriction when applicable.
• Urinalysis for specific gravity, protein, blood, and glucose to screen for underlying medical issues; this is not a DOT drug test.

Depending on your medical history, the examiner may request documentation from your treating clinician or order additional testing to ensure you meet qualification standards.

Outcomes and certification periods

If you qualify, the examiner may certify you for up to 24 months. Shorter terms are common when a condition needs monitoring. If you do not meet standards on the day of the exam, you may be temporarily disqualified until additional evaluation or treatment is completed.

HIPAA Privacy Rule Compliance

What HIPAA protects during a DOT physical

Your medical details from a DOT physical are protected health information (PHI). The Health Insurance Portability and Accountability Act (HIPAA) requires examiners to use and disclose only the minimum necessary information and to safeguard your records against unauthorized access.

Disclosures permitted without your authorization

HIPAA permits disclosures that are required by law. For DOT physicals, that includes reporting results to the FMCSA through the National Registry of Certified Medical Examiners and sharing limited information needed to issue or verify your Medical Examiner’s Certificate. These disclosures do not open your full medical file to your employer.

When a HIPAA Authorization is needed—and how to limit it

Your employer generally receives only the certification decision, not diagnoses or test values. To release your detailed Medical Examination Report or other PHI to an employer or third party, the examiner needs a signed HIPAA Authorization from you. You can limit an authorization to specific documents (for example, only the Medical Examination Report MCSA-5875) and set an expiration date or revoke it in writing.

Medical Examination Report Handling

What is the Medical Examination Report (MCSA-5875)?

The Medical Examination Report MCSA-5875—often called the “long form”—captures your health history, examination findings, vital signs, vision and hearing results, urinalysis values, medications, and the examiner’s medical decision. It supports the final qualification determination but is not routinely shared outside the clinic.

Storage, retention, and your access

• The examiner completes and retains the MCSA-5875 and supporting notes as part of your medical record.
• Examiners must keep these records for the period required by FMCSA Reporting Requirements and their professional recordkeeping rules.
• You may request a copy for your records; many clinics provide one at checkout or upon request.
• The report is disclosed to others only with your HIPAA Authorization or when the law specifically requires it.

Medical Examiner's Certificate Distribution

What the MCSA-5876 shows

The Medical Examiner’s Certificate MCSA-5876—often called the “medical card”—documents that you are medically qualified, the certification expiration date, and any restrictions such as “corrective lenses” or “hearing aid.” It does not list diagnoses, medications, or lab values.

Who receives a copy and how it is used

• You receive the original MCSA-5876 if you are qualified to drive.
• Your employer keeps a copy in the Driver Qualification File as evidence that you meet Driver Medical Qualification Standards.
• State driver licensing agencies and FMCSA may verify certification status as part of compliance oversight.

Because the certificate contains only job-relevant conclusions and restrictions, it is the document employers typically request and file—not your detailed medical report.

Employer Access to Driver Medical Information

What employers typically see

Without your HIPAA Authorization, employers normally receive only the Medical Examiner’s Certificate MCSA-5876 and confirmation of the qualification decision. This limited disclosure shows whether you are fit for duty and any restrictions the examiner imposed.

Requests for more detail and your options

• If an employer wants the Medical Examination Report MCSA-5875 or other medical records, they must obtain your written HIPAA Authorization specifying what to release.
• You can restrict the authorization to only what is necessary (for example, a clearance note addressing a particular condition) instead of your entire chart.
• Refusing to authorize broader disclosure may have employment implications, but it does not change HIPAA’s baseline protections.

Remember, the goal is to share only what is necessary to confirm that you meet safety-sensitive requirements.

Reporting Obligations for Medical Examiners

National Registry participation

Only professionals listed on the National Registry of Certified Medical Examiners may perform DOT physicals. They must maintain training, testing, and certification to remain in good standing.

FMCSA Reporting Requirements and recordkeeping

• Examiners must transmit examination results—qualified, not qualified, or incomplete—through the National Registry as required by FMCSA Reporting Requirements.
• They must retain examination records for the applicable period, including the MCSA-5875 and a copy of the MCSA-5876 when issued.
• They must cooperate with audits and investigations designed to ensure the integrity of driver medical qualification determinations.

These reporting duties are “required by law,” so they fit within HIPAA’s permitted disclosures and do not depend on your separate authorization.

Drug and Alcohol Testing Disclosure Rules

DOT physical urinalysis versus DOT drug testing

The routine urine test during a DOT physical screens for medical conditions; it is not a DOT drug test. Drug and alcohol testing is conducted under separate rules, specimen custody procedures, and result pathways.

Who receives drug and alcohol results under 49 CFR Part 40

• Under 49 CFR Part 40, laboratories send results to a Medical Review Officer (MRO) for verification.
• The MRO reports verified results to the employer’s Designated Employer Representative. Results are limited to what the regulations require and do not include unrelated medical information.
• Certain outcomes—such as positives, refusals, or test cancellations—must be handled and documented exactly as Part 40 prescribes.

Consent, confidentiality, and FMCSA Reporting Requirements

Part 40 strictly controls who may receive results and when. Releases to parties beyond those named in the regulations generally require your written consent, while disclosures specifically required by federal law fall under FMCSA Reporting Requirements. Drug and alcohol testing records are kept separate from general medical files and are shared on a need-to-know basis for DOT compliance.

Summary

In short, DOT physicals and HIPAA work together to protect your privacy while assuring road safety. The detailed Medical Examination Report MCSA-5875 stays private unless you authorize release or the law requires it. What your employer typically sees is the Medical Examiner’s Certificate MCSA-5876—proof that you meet Driver Medical Qualification Standards and any restrictions—while drug and alcohol testing disclosures follow the confidentiality rules in 49 CFR Part 40.

FAQs.

What information does the Medical Examination Report contain?

The Medical Examination Report MCSA-5875 includes your health history, medications, vital signs, physical exam findings, vision and hearing results, urinalysis values, notes from any additional testing, and the examiner’s medical decision. It supports the certification decision but does not itself grant qualification to drive.

How does HIPAA protect DOT physical exam information?

HIPAA safeguards your DOT physical details as protected health information. Examiners must disclose only the minimum necessary information, secure your records, and obtain your HIPAA Authorization to share detailed data with an employer or third party, except when a disclosure is required by law—such as reporting through the National Registry of Certified Medical Examiners.

Can employers access detailed medical records without consent?

Generally, no. Employers usually receive the Medical Examiner’s Certificate MCSA-5876, which confirms you are medically qualified and lists any restrictions. Access to the full Medical Examination Report MCSA-5875 or other detailed records requires your signed HIPAA Authorization unless a specific law mandates disclosure.

What are the drug and alcohol testing disclosure requirements?

DOT drug and alcohol testing is governed by 49 CFR Part 40. Laboratories report to a Medical Review Officer, who then provides verified results to the employer’s Designated Employer Representative. Disclosures are tightly controlled, limited to what the regulations allow, and certain reportable events must follow FMCSA Reporting Requirements. Broader releases generally require your written consent.