Recent reports on the widespread misuse of medical certificates (MCs) in Malaysia have raised serious concerns across employers, regulators, and the health care community.
According to findings reported by Utusan Malaysia and highlighted by BFM, “over four million out of 17.49 million workers in Malaysia have faked being sick and purchased medical certificates,” while “57 per cent of employers report facing situations where employees took sick leave without reasonable cause.”
The same report further revealed that “MCs can be obtained for as little as RM20 from private clinics, while fake government hospital MCs with official stamps are sold for as low as RM30.”
These figures are troubling, not only for what they represent in terms of misconduct, but for what they reveal about the underlying fragility of the system.
While the misuse of MCs constitutes, as Malaysian Employers Federation (MEF) president Syed Hussain noted, “serious misconduct and fraud against employers,” it would be overly simplistic to view this issue purely through a disciplinary lens. The reality is more complex.
What we are witnessing is a breakdown of trust across multiple layers between employers and employees, between health care providers and administrative systems, and within the broader framework that governs medical certification itself.
The current system places pressure on all stakeholders. Employers struggle with verification and managing absenteeism fairly.
Employees, in some instances, face rigid or opaque leave processes, with one case reportedly highlighting the use of fake MCs to extend festive leave due to limited approved time off, while another individual resorted to MCs because leave applications were frequently questioned.
Health care providers, meanwhile, must navigate the tension between clinical judgment and administrative expectations. When these pressures intersect within a system that is not sufficiently robust, vulnerabilities inevitably emerge.
A key issue lies in the continued reliance on fragmented and largely paper-based MC processes. In an increasingly digital and hybrid health care environment, documentation systems have not kept pace.
The challenge is not whether MCs are issued physically or digitally, but whether they are verifiable, traceable, and governed under consistent standards. Without these elements, both physical and digital systems remain open to misuse.
This brings into focus the longstanding concerns raised by the Malaysian Medical Association (MMA) and the Malaysian Medical Council (MMC) regarding digital MCs.
As previously highlighted in CodeBlue, the position taken emphasised that issuing MCs without proper clinical assessment, particularly in purely digital settings, risks undermining the duty of care and professional accountability.
These concerns are valid and reflect the importance of safeguarding clinical integrity and patient safety.
However, Malaysia already has a working precedent for secure, digitally governed clinical documentation in the form of electronic prescriptions.
Following regulatory developments under the Poisons (Amendment) Act 2022, electronic prescriptions in Malaysia are required to be digitally signed by authorised medical practitioners using certificates issued by recognised certification authorities.
This framework ensures that prescriptions are authenticated, tamper-evident, and legally attributable to the issuing doctor.
Every digitally signed prescription carries verified doctor identity, non-repudiation where the issuer cannot deny authorship, integrity protection where any alteration invalidates the document, and a clear audit trail.
This model has significantly strengthened trust in digital prescribing, particularly in settings involving controlled medications and pharmacy dispensing.
It demonstrates that digital systems, when properly governed, can enhance rather than weaken clinical accountability and patient safety.
In this context, the question is no longer whether digital documentation can be trusted, but how similar principles can be extended to medical certificates.
The absence of a structured, secure digital MC framework may inadvertently be contributing to today’s challenges.
When legitimate and verifiable digital pathways are limited, informal or fraudulent alternatives can emerge to fill the gap. There is therefore an opportunity to revisit this conversation constructively.
A properly designed digital MC framework, anchored in the same principles used for e-prescriptions, can incorporate authenticated practitioner identities, secure issuance protocols, audit trails, and clear clinical governance guidelines.
Such a system would not replace the duty of care, but reinforce it through greater transparency and accountability.
At the same time, broader reforms should be considered. Employers may need to explore more flexible and transparent leave policies to reduce over-reliance on MCs for non-medical needs.
Health care providers would benefit from clearer and standardised guidance on MC issuance across both physical and teleconsult environments. Regulators can play a central role in defining interoperable verification standards that protect all stakeholders while enabling efficiency.
Technology, in this context, should serve as an enabler of trust rather than merely a convenience.
Ultimately, this issue is not about enforcement alone, nor is it about loosening controls.
It is about building a system where integrity is embedded by design, where medical certificates are easy to verify, difficult to falsify, and consistently governed across the ecosystem.
The scale of MC misuse highlighted in recent reports should not only be seen as a compliance concern, but as a catalyst for reform.
Malaysia already has the foundations of a trusted digital health infrastructure. By extending these principles to medical certification while upholding the duty of care championed by the MMA and the MMC, there is an opportunity to modernise the system in a way that restores confidence, strengthens professional standards, and better serves both employers and the workforce.
Dr Raymond Choy is founder and CEO of Heydoc Health, as well as secretary of the Association of Digital Health Malaysia.
- This is the personal opinion of the writer or publication and does not necessarily represent the views of CodeBlue.
