Can I View My Outlook Calendar as Someone Else? (w/Examples) + FAQs

Yes, you can view someone else’s Outlook calendar as that person, but only when the calendar owner (or a tenant administrator) grants you the right permission, delegate access, or a full mailbox permission through Microsoft 365. The governing rules come from Microsoft Exchange Online’s role-based access model, reinforced by federal privacy laws like the Electronic Communications Privacy Act, the Stored Communications Act, and industry-specific statutes like HIPAA, GLBA, SOX, and FERPA.

The immediate consequence of viewing a calendar without the right permission is severe. You can trigger civil liability under 18 U.S.C. § 2701, trigger disciplinary action from your employer, or, in regulated industries, trigger mandatory breach notifications under rules like the HIPAA Breach Notification Rule. Even viewing free/busy data can leak confidential information about client meetings, medical appointments, or deal timing.

According to Microsoft’s 2024 Work Trend Index, 75% of knowledge workers now use AI-assisted scheduling, and calendar sharing has jumped more than 40% year over year in Microsoft 365 tenants. That rise means more permissions, more delegate relationships, and more chances for mistakes.

Here is what you will learn in this guide:

• 📅 How to open another person’s Outlook calendar in Classic Outlook, New Outlook, Outlook on the Web, Outlook for Mac, and Outlook Mobile.
• 🔐 The full permission ladder from Free/Busy to Owner, including Delegate Access and Full Access Mailbox rights.
• ⚖️ The U.S. federal and state laws that control whether an employer or coworker can view your calendar.
• 🧑‍💼 Real named-person scenarios for executive assistants, IT admins, and healthcare staff.
• 🚫 The seven most common mistakes that lead to privacy breaches, audit findings, and lost permissions.

How Outlook Calendar Sharing Works

Outlook calendar sharing runs on top of Microsoft Exchange Online, the cloud mail platform inside Microsoft 365. Exchange Online stores every user’s calendar as a folder inside that user’s mailbox, and each folder carries an access control list that decides who can open it. When you “view a calendar as someone else,” you are really asking Exchange to check that access list and then render the folder in your Outlook client.

The rules that govern this sit in three layers. The first layer is the calendar folder permission, which the calendar owner controls from inside Outlook. The second layer is Delegate Access, a special rule set that also lets a delegate respond to meeting requests on the owner’s behalf. The third layer is Full Access Mailbox Permission, an admin-only setting configured through the Microsoft 365 admin center or PowerShell.

Each layer has a different consequence if misused. A folder permission leak exposes only that folder. A delegate leak exposes the calendar plus the power to send meetings “on behalf of” the owner, which can create contract or fiduciary problems. A full mailbox leak exposes every email, contact, note, and task, which can trigger a reportable breach under HIPAA, GLBA, or state data-breach statutes like the California Consumer Privacy Act.

A common misconception is that sharing a calendar is the same as sharing a mailbox. It is not. Sharing a calendar grants a narrow, folder-level right. Sharing a mailbox through Full Access grants a much wider right that most employees never need.

The Three Access Methods

Microsoft exposes three distinct ways to see another user’s calendar inside Outlook. You can pick the one that matches the trust level between the owner and the viewer.

The first method is Share Calendar, a user-driven invitation that sends a sharing message and sets a folder permission. The second method is Delegate Access, a richer relationship where the delegate can also send and accept meetings on behalf of the owner. The third method is Open Another User’s Folder, which works only when the owner (or an admin) has already granted at least Reviewer permission or higher.

The consequence of picking the wrong method is wasted time and security risk. A coworker who only needs to see free/busy does not need delegate access. An executive assistant who must RSVP on a CEO’s behalf needs more than a simple share. An IT admin investigating a former employee’s calendar needs full mailbox permission, not a share invitation.

For example, Maria Alvarez, an executive assistant at a Dallas law firm, needs Delegate Access to her managing partner’s calendar because she books client meetings and sends invites in his name. A shared calendar alone would not let her send meetings on his behalf.

Calendar Permission Levels Explained

Outlook uses a permission ladder that Microsoft has carried forward since Exchange 2003. Each rung grants a different mix of read, write, and delete rights. The current ladder is documented in Microsoft Learn’s permissions reference.

The consequence of picking the wrong rung can be serious. Granting Owner to a temp worker lets that worker delete every meeting. Granting only Free/Busy to a delegate who must accept meetings blocks the delegate from doing the job. The right rung matches the viewer’s actual task.

Here is a plain-English map of every rung, its rights, and a typical use case.

The Permission Ladder

The consequence of each rung stacks. Editor lets someone erase an important board meeting. Reviewer lets someone see a sensitive client name in the subject line. Free/Busy-only hides the subject, which is why regulated industries often cap external sharing at that level.

A common misconception is that “Reviewer” is safe because it is read-only. It is not fully safe, because Reviewer can still read subjects, locations, attendees, and meeting bodies, which often contain privileged information.

Delegate Access vs. Shared Calendar

Delegate Access and shared calendars look similar in the client, but they are different under the hood. Delegate Access is a richer relationship defined in Microsoft’s delegate documentation.

A delegate can receive copies of meeting invites, respond to them, and send messages “on behalf of” or “as” the owner when Send As is also granted. A shared-calendar viewer cannot. The consequence is that a delegate’s click carries legal weight, while a shared-calendar viewer’s click usually does not.

For example, James Park, a chief of staff at a Seattle tech firm, has Delegate Access to his CEO’s calendar. When James accepts a board meeting invite, Exchange marks it as accepted by the CEO. If James only had a shared calendar, he could not accept at all, and the board meeting would sit unanswered.

A common misconception is that granting Delegate Access also grants Send As. It does not. Send As is a separate permission set by an admin through the Microsoft 365 admin center or through Add-RecipientPermission in Exchange Online PowerShell.

Step-By-Step: Classic Outlook for Windows

Classic Outlook for Windows, sometimes called “Outlook Desktop,” is the MAPI-based client most enterprises still use in 2026. Microsoft has confirmed support for Classic Outlook through at least 2029, per the Microsoft 365 roadmap.

The consequence of doing this wrong is that Outlook will throw a “Cannot display the folder” error and log an event in the Windows application log. The error usually means the permission was never set, the Autodiscover record is broken, or the viewer is still cached with an old token.

Here is the clean path.

Opening a Shared Calendar

Go to the Calendar module in Classic Outlook. Click Home, then Open Calendar, then Open Shared Calendar. Type the owner’s display name or SMTP address, and click OK. Outlook will add the calendar under Shared Calendars in the navigation pane.

If the owner has not granted at least Free/Busy, Outlook will show only a gray block. If the owner has granted Reviewer or higher, Outlook will render the subjects and locations.

For example, Priya Shah, a project manager at a Boston biotech, opens her director’s calendar this way every morning. She has Reviewer rights, so she can see meeting subjects but cannot edit them.

Setting Up Delegate Access

The owner, not the viewer, sets up Delegate Access. The owner goes to File, Account Settings, Delegate Access, and clicks Add. The owner picks the delegate, chooses a permission level per folder, and decides whether to send meeting invites only to the delegate.

The consequence of checking “Delegate receives copies of meeting-related messages sent to me” is that the owner’s inbox stops receiving those messages by default. This trips up many executives who later wonder where their invites went.

A common misconception is that the delegate can grant themselves access. Only the owner or a tenant admin can.

Step-By-Step: New Outlook and Outlook on the Web

The New Outlook for Windows and Outlook on the Web share the same rendering engine. Microsoft plans to make New Outlook the default in commercial tenants by late 2026.

The consequence of skipping the New Outlook path is that your steps will fail for users who have already migrated. Many large tenants pushed the switchover in 2025.

The click path is slightly different from Classic Outlook.

Adding a Calendar in New Outlook

Click the calendar icon in the left rail. Click Add calendar, then Add from directory. Pick the owner’s account from the tenant directory, then pick which calendar to add. Click Add.

If the owner has granted at least “Can view when I’m busy,” the calendar will appear under People’s calendars. If the owner has granted higher permissions, you can also edit events.

For example, Daniel Owusu, a sales operations analyst in New York, adds his VP’s calendar this way each quarter to plan pipeline reviews. He uses the “Can view titles and locations” permission so he can see deal names without full edit rights.

Requesting Access From the Web

If the owner has not shared the calendar yet, you can still request access. Click Add calendar, Add from directory, pick the owner, and click Request access. Outlook on the Web sends an email asking the owner to grant permission.

The consequence of this flow is that the owner sees a formal request, which creates an audit trail. This is useful in regulated industries where calendar sharing must be logged.

Step-By-Step: Outlook for Mac and Outlook Mobile

Outlook for Mac and Outlook Mobile share most of the same sharing features, but the click path is different. Microsoft ships them from a different codebase than the Windows client.

The consequence of following a Windows-only guide on a Mac is wasted time and confused users. The Mac client, for example, uses File, Open, Other User’s Folder instead of Home, Open Calendar.

Here is the mobile and Mac path.

Outlook for Mac Path

Open Outlook for Mac. Click File, Open, Shared Calendar. Type the owner’s name and click Open. The calendar will appear under Shared Calendars.

For example, Luisa Romero, a creative director in Los Angeles, uses a MacBook and opens her producer’s calendar this way. She has Editor rights, so she can drag production meetings onto his schedule.

The consequence of the Mac flow is that some permissions (notably Free/Busy-with-subject) render differently. A meeting that looks private on Windows may show a subject on Mac.

Outlook Mobile Path

Open Outlook Mobile. Tap the calendar icon, tap the menu, tap Add Shared Calendars. Search the tenant directory, pick the owner, and tap Add.

The consequence of using mobile is that some advanced permissions (like delegate “send on behalf of”) do not work from the phone. You can view the calendar and create events, but you cannot send invites on behalf of another user until you are on a desktop client.

PowerShell for Admins

IT admins use Exchange Online PowerShell to set calendar permissions at scale. This is the only way to grant permission when the owner is unavailable, such as after termination.

The consequence of using PowerShell carelessly is that you can break permissions across an entire org. A typo in Set-MailboxFolderPermission can overwrite a legitimate delegate relationship.

Admins should test every cmdlet in a sandbox tenant first.

Key Cmdlets

The core cmdlet is Add-MailboxFolderPermission -Identity user:\Calendar -User delegate -AccessRights Reviewer. This grants a named user Reviewer rights on the calendar folder. Microsoft documents the full syntax in its cmdlet reference.

A related cmdlet is Add-MailboxPermission -Identity owner -User admin -AccessRights FullAccess -AutoMapping $false. This grants Full Access Mailbox Permission, which lets the admin open the entire mailbox, not just the calendar. Setting AutoMapping $false prevents Outlook from auto-loading the mailbox on the admin’s desktop.

For example, Kwame Johnson, an IT admin at a Chicago accounting firm, uses PowerShell to grant the HR director Reviewer access to a departing employee’s calendar so HR can reassign meetings. He logs every change for SOX audit purposes.

Audit and Logging

Every permission change in Exchange Online writes to the unified audit log. Admins should run Search-UnifiedAuditLog -Operations Add-MailboxFolderPermission each month.

The consequence of skipping audit review is that malicious insiders can add themselves as delegates and read sensitive calendars for months before detection. Regulated firms under SOX, GLBA, or HIPAA can face penalties for inadequate monitoring.

A common misconception is that audit logs are on by default forever. Microsoft changed the default retention in 2023, and many tenants still keep only 90 days unless they upgrade to an E5 license.

Legal Framework for Viewing Another Person’s Calendar

Federal law sets the floor. The Electronic Communications Privacy Act and the Stored Communications Act make it a crime to intentionally access stored electronic communications without authorization. A calendar item in Exchange Online is stored electronic communication under the statute.

The consequence of violating the Stored Communications Act can include fines, civil damages, and up to five years in prison for a first offense involving commercial advantage. Even honest mistakes can trigger civil suits.

State law often adds more protection. California’s Invasion of Privacy Act and New York’s Civil Rights Law § 52-c add employer-specific rules.

Employer Monitoring Rights

Employers generally own the Microsoft 365 tenant and can grant themselves Full Access Mailbox Permission to any employee mailbox. Courts have largely upheld this right when the employer has a clear written policy, per the Supreme Court’s ruling in City of Ontario v. Quon.

The consequence for employees is a reduced expectation of privacy in work calendars. But the consequence for employers is that without a clear policy, courts can still side with the employee, as in Stengart v. Loving Care Agency from New Jersey.

A common misconception is that employers can freely read personal calendars on a work device. Personal Google or iCloud calendars synced onto a company laptop may fall outside the employer’s authorization under the Stored Communications Act, as discussed in Lazette v. Kulmatycki.

Industry-Specific Rules

Healthcare calendars often contain patient names, which makes them Protected Health Information under HIPAA. Granting a nonclinical staffer Reviewer access to a provider’s calendar can itself be a HIPAA violation if the staffer has no treatment, payment, or operations role.

Financial calendars fall under GLBA’s Safeguards Rule, which requires covered firms to restrict access to customer information. Public-company calendars may touch on material nonpublic information, which makes improper sharing a potential SOX Section 404 control failure. Education calendars that list student names may fall under FERPA.

For example, Dr. Elena Martinez, a cardiologist in Miami, cannot let her non-clinical receptionist see patient names on her calendar without a HIPAA-compliant Business Associate Agreement and a documented treatment/operations purpose. The consequence of ignoring this rule can be fines up to $1.5 million per violation category per year under the HHS penalty tiers.

Three Common Scenarios

Outlook calendar sharing touches nearly every industry. The three scenarios below cover the patterns that Microsoft Support sees most often, per its published guidance.

Each scenario shows the action the viewer takes, followed by the consequence that flows from that action under Exchange Online rules and U.S. law.

Scenario Table 1: The Executive Assistant

Scenario Table 2: The IT Administrator

Scenario Table 3: The Healthcare Coworker

Mistakes to Avoid

Most Outlook calendar-sharing problems trace back to a small set of repeat mistakes. The list below is drawn from Microsoft Support’s top-issue telemetry and from HHS OCR enforcement actions.

Fix each mistake as soon as you spot it. Every one of them has a clear legal or operational consequence.

• Granting Editor when Reviewer is enough. The consequence is that the viewer can delete meetings you need, and the audit log will show the deletions as the viewer’s action, not yours.

• Confusing Delegate Access with a shared calendar. The consequence is that a shared-calendar viewer cannot RSVP on your behalf, and meeting invites sit unanswered.

• Leaving AutoMapping on when granting Full Access. The consequence is that the admin’s Outlook auto-loads the target mailbox, which can embarrass the admin in front of coworkers and log unintended reads.

• Forgetting to remove access when the viewer leaves the team. The consequence is a stale permission that can later be used by the former viewer’s account, which is a common finding in SOX audits.

• Sharing a calendar that contains PHI without a Business Associate Agreement. The consequence is a HIPAA violation with fines up to $1.5 million per category per year.

• Using Send As when Send on Behalf is appropriate. The consequence is that recipients cannot tell the message came from a delegate, which can mislead them in contract or fiduciary settings.

• Skipping the unified audit log review. The consequence is that malicious insider access goes undetected for months, which regulators treat as an independent control failure.

• Granting Free/Busy plus subject and location to external tenants. The consequence is that subjects often leak client names, deal names, or patient names to outsiders.

• Assuming the New Outlook UI matches the Classic UI. The consequence is that users follow the wrong click path, open a help-desk ticket, and waste admin time.

• Failing to document the business reason for each share. The consequence is that auditors cannot tie the permission to a legitimate need, which is a SOX and GLBA finding.

Do’s and Don’ts

Calendar-sharing discipline is easier when you follow a short list of habits. The list below comes from Microsoft’s security best practices and from common audit findings.

Do’s

• Do grant the lowest permission that fits the task, because least-privilege is the core principle of all modern access-control frameworks.
• Do document every delegate relationship in a ticket or HR record, because regulators expect a paper trail.
• Do use Delegate Access for executive-assistant relationships, because it is the only method that supports “send on behalf of.”
• Do review the unified audit log each month, because unexpected entries can indicate insider abuse.
• Do remove access within 24 hours of a role change, because stale permissions are the most common finding in internal audits.

Don’ts

• Don’t share a calendar externally without encryption or redaction, because subjects often leak confidential information.
• Don’t grant Full Access Mailbox Permission except for a specific, time-boxed investigation, because it exposes every folder, not just the calendar.
• Don’t rely on the client UI for permission accuracy, because PowerShell sometimes shows permissions that the UI hides.
• Don’t let AutoMapping stay on for admin accounts, because it exposes mailboxes accidentally.
• Don’t treat calendar subjects as non-sensitive, because they frequently contain names, deal codes, or patient identifiers.

Pros and Cons of Viewing as Someone Else

Opening another person’s calendar is useful, but it carries costs. Balance both sides before you request or grant access.

Pros

• Faster scheduling across teams because viewers can see real availability, per Microsoft productivity research.
• Lower meeting conflict rates because executive assistants can coordinate on behalf of leaders.
• Continuity during leave because a backup can keep meetings running when the owner is out.
• Better audit trails because Exchange Online logs every delegate action.
• Smoother onboarding because new hires can see team calendars quickly.

Cons

• Privacy risk because subjects and attendees leak sensitive information.
• Legal exposure under the Stored Communications Act if access exceeds authorization.
• Regulatory risk under HIPAA, GLBA, SOX, or FERPA when calendar items contain protected data.
• Operational risk because delegates can delete or move meetings by mistake.
• Insider-trading risk because calendar items can contain material nonpublic information.

Court Rulings and Precedent

Courts have shaped the rules around calendar and mailbox access over the last 25 years. The cases below are the ones most often cited in employer-employee calendar disputes.

The consequence of ignoring these rulings is that an organization can design a policy that fails in court. Each case below changes how employers should set calendar permissions.

City of Ontario v. Quon (2010)

In City of Ontario v. Quon, the U.S. Supreme Court held that a public employer’s search of an employee’s text messages was reasonable because the employer had a written policy and a work-related purpose. The case applies by analogy to calendar searches.

The consequence is that employers who write clear acceptable-use policies have strong grounds to review employee calendars for work reasons. Employers without such policies may lose in court.

Stengart v. Loving Care Agency (2010)

In Stengart v. Loving Care Agency, the New Jersey Supreme Court ruled that an employer could not read an employee’s personal web-based emails accessed on a company laptop. The case warns employers that personal content on work devices may still be protected.

The consequence is that employers should avoid mining calendar data tied to personal accounts, even if those accounts were accessed on corporate hardware.

Lazette v. Kulmatycki (2013)

In Lazette v. Kulmatycki, a federal court in Ohio held that a manager who read an employee’s personal Gmail on a returned company phone violated the Stored Communications Act. The case shows that the SCA reaches calendar and mail data alike.

The consequence is that admins should not open mailboxes tied to personal accounts on corporate devices without specific authorization.

Key Entities and Their Roles

Several entities shape Outlook calendar sharing. Understanding each role helps you design the right permissions and avoid legal trouble.

Each entity below has a specific job in the access-control chain. Misunderstanding any one of them leads directly to mistakes.

• Microsoft Corporation ships Outlook, Exchange Online, and the Microsoft 365 admin center, and publishes the permission reference that governs sharing.
• The tenant administrator controls tenant-wide sharing policies through the Microsoft 365 admin center and PowerShell.
• The calendar owner grants folder permissions, delegate access, or requests that an admin grant full mailbox access.
• The viewer or delegate receives a specific permission level and acts within that scope.
• The compliance officer oversees policy, audit logs, and regulatory reporting under HIPAA, GLBA, SOX, or FERPA.
• The U.S. Department of Justice enforces the Stored Communications Act.
• The U.S. Department of Health and Human Services Office for Civil Rights enforces HIPAA and publishes breach reports.
• The Securities and Exchange Commission enforces SOX Section 404 internal-control requirements.
• State attorneys general enforce state-specific privacy statutes like California’s CCPA and New York’s Shield Act.

Forms, Fields, and Options in the Share Dialog

The Outlook Share Calendar dialog contains several fields that most users click past. Every field has a specific effect on the resulting permission.

The consequence of ignoring these options is an over-broad or under-broad share. Review each field before you click Send.

The Permissions Drop-Down

The permissions drop-down contains the 11 rungs listed earlier. Microsoft documents each rung in its permissions roles reference. Pick the rung that matches the viewer’s task.

The consequence of picking too high a rung is exposure of sensitive data. The consequence of picking too low a rung is that the viewer cannot do the job.

The “Let Recipient View Your Calendar” Checkbox

This checkbox, present in Outlook on the Web, lets the recipient open the calendar directly from the sharing email. Unchecking it forces the recipient to add the calendar manually.

The consequence of unchecking is a small amount of extra friction for the viewer. The consequence of checking is that the share takes effect immediately.

The “Request Permission to View Recipient’s Calendar” Checkbox

This checkbox sends a reciprocal request back to the recipient. It is useful when two people must see each other’s calendars.

The consequence of checking it is that the recipient gets a clear ask, which creates an audit trail. The consequence of not checking is that you must ask separately.

FAQs

Can I view my Outlook calendar as someone else without that person knowing?

No. Outlook notifies the owner when a delegate is added and logs every permission change in the unified audit log, which the owner and admins can review at any time.

Can my boss read my Outlook calendar?

Yes. Your employer generally owns the Microsoft 365 tenant and can grant Full Access Mailbox Permission to managers or admins, subject to a written acceptable-use policy and state privacy laws.

Can I view a former employee’s Outlook calendar after they leave?

Yes. An IT admin can grant Full Access Mailbox Permission on the departed user’s mailbox through the Microsoft 365 admin center or PowerShell, provided the request is documented for audit purposes.

Can a delegate send meetings on my behalf in Outlook?

Yes. A delegate with Editor rights can send meetings “on behalf of” the owner, and with additional Send As permission can send meetings that appear to come directly from the owner.

Can I view another person’s Outlook calendar from my iPhone?

Yes. Outlook Mobile supports adding shared calendars from the tenant directory once the owner has granted at least Free/Busy access, but delegate “send on behalf of” still requires a desktop client.

Can HR view employee Outlook calendars during an investigation?

Yes. HR can request IT to grant Reviewer or Full Access for an investigation, provided the company has a written monitoring policy consistent with City of Ontario v. Quon.

Can I view a coworker’s calendar if they have not shared it with me?

No. Outlook will show only the default Free/Busy block until the owner grants a higher permission, and attempting to bypass this can violate the Stored Communications Act.

Can I see meeting subjects if I only have Free/Busy permission?

No. The basic Free/Busy rung hides subjects, locations, and attendees, and Outlook displays only blocks of busy or out-of-office time to the viewer.

Can healthcare staff share calendars containing patient names?

No. HIPAA treats patient names in scheduling data as Protected Health Information, so a share requires a valid treatment, payment, or operations purpose and proper documentation.

Can I view my spouse’s work Outlook calendar?

No. The employer owns the tenant, and granting outside access without the employer’s consent violates the company’s acceptable-use policy and likely the Stored Communications Act.

Can I view a shared calendar offline in Outlook?

Yes. Classic Outlook for Windows caches shared calendars in the offline OST file when the Download Shared Folders setting is enabled in the Exchange account options.

Can I block someone from viewing my Outlook calendar?

Yes. The owner can set that user’s permission to None in the calendar’s permissions tab, and the change takes effect after the client refreshes its access token.

Can I view an Outlook calendar from a non-Microsoft tenant?

Yes. The two tenants must enable external calendar sharing through Exchange federation or Microsoft 365 B2B, and the owner must grant the external viewer a specific permission.

Can my calendar show as “private” to a delegate?

Yes. Marking a meeting Private hides the subject, attendees, and body from most delegates, unless the owner has specifically granted the delegate the “Can see private items” option.