re: #32 lawhawk
HIPAA would specifically limit the kinds of information that could be shared with employers. Employers are noncovered entities, but insurers, doctors, hospitals are. For instance, health information cannot be used or shared without your written permission unless this law allows it. For example, without your authorization, your provider generally cannot: Give your information to your employer; Use or share your information for marketing or advertising purposes; or Share private notes about your health care.
I wonder if a similar situation could arise as with providing a social security number on a job application. The potential employer cannot force you to provide it, but they can simply refuse you employment if you don’t (distinct from terminating you if you don’t). Employers can simply provide a HIPAA waiver as a condition for a job application. Same as, for instance, a waiver for conducting background checks.