diff --git a/changelog/@unreleased/pr-295.v2.yml b/changelog/@unreleased/pr-295.v2.yml
new file mode 100644
index 00000000..b99df172
--- /dev/null
+++ b/changelog/@unreleased/pr-295.v2.yml
@@ -0,0 +1,5 @@
+type: improvement
+improvement:
+  description: If user is unauthorized to view health checks return an unauthorized error health check rather than no health check.
+  links:
+  - https://github.com/palantir/witchcraft-go-server/pull/295
diff --git a/status/routes/routes_test.go b/status/routes/routes_test.go
index db17d97e..6f99eeb8 100644
--- a/status/routes/routes_test.go
+++ b/status/routes/routes_test.go
@@ -26,6 +26,7 @@ import (
 
 	"github.com/palantir/pkg/refreshable"
 	"github.com/palantir/witchcraft-go-health/conjure/witchcraft/api/health"
+	"github.com/palantir/witchcraft-go-health/sources"
 	healthstatus "github.com/palantir/witchcraft-go-health/status"
 	"github.com/palantir/witchcraft-go-server/v2/status"
 	"github.com/palantir/witchcraft-go-server/v2/witchcraft/wresource"
@@ -224,7 +225,9 @@ func TestAddHealthRoute(t *testing.T) {
 			expectedChecks := test.metadata
 			// 401 does not return any health check data
 			if test.expectedStatus == 401 {
-				expectedChecks.Checks = map[health.CheckType]health.HealthCheckResult{}
+				expectedChecks.Checks = map[health.CheckType]health.HealthCheckResult{
+					"HEALTH_STATUS_UNAUTHORIZED": sources.UnhealthyHealthCheckResult("HEALTH_STATUS_UNAUTHORIZED", "unauthorized to access health status; please verify the health-check-shared-secret", map[string]interface{}{}),
+				}
 			}
 			assert.Equal(t, expectedChecks, gotObj)
 		})
diff --git a/status/status.go b/status/status.go
index 32e859a8..d8b446af 100644
--- a/status/status.go
+++ b/status/status.go
@@ -21,9 +21,16 @@ import (
 	"github.com/palantir/conjure-go-runtime/v2/conjure-go-server/httpserver"
 	"github.com/palantir/pkg/refreshable"
 	"github.com/palantir/witchcraft-go-health/conjure/witchcraft/api/health"
+	"github.com/palantir/witchcraft-go-health/sources"
 	"github.com/palantir/witchcraft-go-health/status"
 )
 
+var healthStatusUnauthorized = health.HealthStatus{
+	Checks: map[health.CheckType]health.HealthCheckResult{
+		"HEALTH_STATUS_UNAUTHORIZED": sources.UnhealthyHealthCheckResult("HEALTH_STATUS_UNAUTHORIZED", "unauthorized to access health status; please verify the health-check-shared-secret", nil),
+	},
+}
+
 // HealthHandler is responsible for checking the health-check-shared-secret if it is provided and
 // invoking a HealthCheckSource if the secret is correct or unset.
 type healthHandlerImpl struct {
@@ -66,7 +73,7 @@ func (h *healthHandlerImpl) computeNewHealthStatus(req *http.Request) (health.He
 	if sharedSecret := h.healthCheckSharedSecret.CurrentString(); sharedSecret != "" {
 		token, err := httpserver.ParseBearerTokenHeader(req)
 		if err != nil || sharedSecret != token {
-			return health.HealthStatus{}, http.StatusUnauthorized
+			return healthStatusUnauthorized, http.StatusUnauthorized
 		}
 	}
 	metadata := h.check.HealthStatus(req.Context())