Simple as GINA’s general rules might sound, their application to specific factual circumstances can be baffling and counterintuitive. The fundamental challenge for employers lies in the definition of “genetic information,” which is far broader than what common sense would advise, i.e., that genetic information is limited to the results of tests that reveal an employee’s genetic composition or a heightened risk of an inherited disease.
The 10 tips below address those aspects of GINA and the EEOC’s implementing regulations that employers likely will find most challenging and encounter on a recurring basis, and provides practical recommendations on how to handle those challenges.
As noted above, “genetic information” encompasses far more than the results of a genetic test. Genetic information includes family medical history, and that term is very broadly defined.
Family members include: a spouse; children (natural and adopted); siblings and half-siblings; aunts, uncles, nieces and nephews; grandparents and grandchildren; great- and great-great-grandparents and grandchildren; and first cousins and first cousins once removed. Medical history includes information concerning any disease or disorder that any of these individuals has suffered — whether or not hereditary — as long as the disease or disorder has been diagnosed or the symptoms have sufficiently manifested themselves that the disease or disorder could reasonably be diagnosed.
The fact that an employee’s adopted child has the chicken pox, father was deaf, grandmother died of breast cancer or great-great grandfather died of gangrene after being shot in the Spanish-American War constitutes “genetic information under GINA and the EEOC’s implementing regulations.”
2) Warn Health Care Providers Not to Share Family Medical History
Doctors are trained to collect family medical history. Employers routinely request from doctors health information about employees, for example, for purposes of evaluating a request for a reasonable accommodation or for leave, or in connection with a workers’ compensation claim. An employer who asks a physician to provide health information about an employee runs the risk of violating GINA’s prohibition against requesting genetic information — even if the employer does not expressly ask for genetic information.
According to the EEOC, employers generally should anticipate that health care providers may disclose genetic information in response to a general request for health information related to an employee. The regulations, however, provide employers with a “safe harbor” if they include in their request to the provider the following instruction found in the EEOC’s implementing regulations (or similar language):
"The Genetic Information Nondiscrimination Act of 2008 (GINA) prohibits employers and other entities covered by GINA Title II from requesting or requiring genetic information of an individual or family member of the individual, except as specifically allowed by this law. To comply with this law, we are asking that you not provide any genetic information when responding to this request for medical information. 'Genetic information' as defined by GINA, includes an individual's family medical history, the results of an individual's or family member's genetic tests, the fact that an individual or an individual's family member sought or received genetic services, and genetic information of a fetus carried by an individual or an individual's family member or an embryo lawfully held by an individual or family member receiving assistive reproductive services."
3) Instruct Health Care Providers Not to Take Family Medical History When Conducting a Fitness-For-Duty Exam
The regulations take it one step further when a health care provider is performing a medical examination to determine an applicant’s or employee’s ability to perform a job. These situations would include a pre-hire physical examination of an applicant who has received a conditional job offer, a fitness-for-duty exam of a current employee or an examination to determine whether a current employee poses a direct threat to himself or others. In these circumstances, the regulations require that employers instruct the health care provider not even to collect family medical history or other genetic information.
4) Be Polite But Not Overly Inquisitive
GINA contains an exception to its prohibition against acquiring genetic information for the “inadvertent acquisition of genetic information.” The EEOC’s strained efforts in its regulations to highlight the distinction between unlawful and permissible acquisition demonstrates that most employers will need to provide “genetic etiquette” lessons to their managers.
According to the EEOC’s regulations, managers need not be heartless. They can ask a subordinate recently diagnosed with cancer, “How are you?”, and “Did they catch it early?”, or if the subordinate’s child is the subject of the diagnosis, “Will your daughter be OK?” However, managers who do not cut the conversation short run the risk of crossing the line by asking, for example, “Do you have cancer in your family?”, or “Are you worried that your other children might have cancer?”
In other words, managers will need to distinguish between generalized questions and what the EEOC characterizes as “probing” questions to avoid GINA’s prohibition against acquiring genetic information.
5) Overhear But Don’t Actively Listen
Identifying yet another social pirouette for managers, the EEOC regulations explain that managers who happen to overhear a conversation between employees about genetic information, such as a discussion about their respective families’ history of cancer, does not violate GINA.
However, a manager who “actively listens” to such a conversation does violate GINA. In other words, the regulations implicitly direct managers either to remove themselves from the area where the employees are engaging in the hypothetical discussion or to ask the employees to stop discussing genetic information where the manager can “actively listen” to the discussion.
6) Beware of Social Media
GINA excepts from its prohibition against acquisition of genetic information for obtaining genetic information that is publicly and commercially available. Under the EEOC’s regulations, this exception does not apply to the acquisition of genetic information from “social networking sites and online media sources which require permission to access from a specific individual.”
In other words, such sites are not publicly available. As applied to real life, this regulation means that a manager who reads about an employee’s family medical history on the employee’s Facebook page will not be able to invoke the “commercially and publicly available” exception if the employee has set the privacy settings for his or her Facebook page to “friends only” so that the manager was able to access the page only because the employee previously had accepted a “friend request,” from the manager.
Fortunately, the EEOC regulations also state that this manager still could benefit from the “inadvertent acquisition” exception described above. For example, if the employee previously “friended” a manager who happens to view family history on the employee’s Facebook page, that acquisition of genetic information would be considered inadvertent and, therefore, not in violation of GINA.
The same manger might be at risk of violating GINA, however, if the employee’s Facebook wall suggests an ongoing discussion about family medical history among coworkers who are the employee’s Facebook friends. The employees might argue that because the manager could anticipate future posts about genetic information, his or her acquisition was not inadvertent. In short, managers who have social media relationships with subordinates must be wary of collecting too much information (TMI).
7) Tightly Control Access to Genetic Information
Genetic information, when acquired in paper or electronic form, must be placed in a confidential medical file that is separate from the personnel file but could be the same file where other employee medical information is retained. Genetic information received by an employer before GINA went into effect on Nov. 21, 2009, does not have to be removed from the general personnel file if filed there, but it still must be treated as a confidential medical record with access limited to those with a need to know. Managers who acquire genetic information by hearing or reading it are not required to document what they have heard or read, but they are prohibited from using or disclosing the information in a manner that violates GINA.
8) Do Not Disclose Genetic Information in Response to a Subpoena or Civil Discovery Request
Employers routinely receive subpoenas and discovery requests that call for the production of employees’ medical information. GINA and the EEOC’s implementing regulations prohibit disclosure of genetic information in litigation except in response to a court order that specifically calls for its disclosure.
Given the broad and counterintuitive definition of “genetic information,” compliance with this requirement may be easier said than done. For example, an employee’s Family and Medial Leave Act (FMLA) certification for leave to care for the serious health condition of a family member would contain genetic information about the employee if the certification reveals the family member’s manifested disease or disorder.
Given the above, employers should consider a) permitting only designated employees to disclose information in response to a subpoena or discovery request calling for the production of an employee’s medical information, and b) training those employees on how to distinguish genetic information from other types of medical information.
9) Reevaluate Your Wellness Program
The “health risk assessment” (HRA) has become a standard weapon in employers’ battle to reduce the cost of health benefits. To motivate employees to complete an HRA, employers frequently offer financial inducements, such as a cash prize or a reduction in the employee’s monthly premium contribution.
The EEOC’s implementing regulations allow the inclusion in an HRA of questions seeking family medical history (or other genetic information) but prohibit employers from offering any financial inducement to employees to encourage them to disclose genetic information.
Thus, the regulations state that an employer may offer a financial inducement to complete the portion of the HRA that does not request family medical history as long as the HRA explicitly informs employees that they are eligible for the inducement even if they do not respond to the questions that request genetic information.
10) Be Cautious During Corporate Transactions
Neither GINA nor the EEOC’s implementing regulations address corporate transactions, yet both sets of rules pose risks to each side of the transaction. For example, neither GINA nor its implementing regulations contain an exception to the general prohibition against disclosing genetic information that would permit disclosure to a party conducting due diligence in a corporate transaction. Similarly, neither GINA nor its implementing regulations permit an acquiring company in an asset purchase transaction who will offer jobs to the target company’s employees to obtain those employees’ genetic information from the target company.
In fact, the EEOC’s regulations implicitly suggest that the acquiring company in this example should specifically tell the target company not to disclose the genetic information of its employees even if the acquiring company will become their employer. Arguably, the target company could avoid potential liability for disclosing genetic information to the acquiring company by requesting and obtaining each employee’s consent to the disclosure.
Significantly, neither GINA nor the EEOC’s implementing regulations expressly permit disclosure of genetic information with the employee’s consent. Given GINA’s very tight restrictions on disclosure of genetic information, the EEOC may take the position that a disclosure of genetic information even with the employee’s consent violates the act.
Conclusion
Complying with GINA and the EEOC’s implementing regulations will require some significant changes to “business as usual.” Given the difficult distinctions that these rules require employers to draw, employers should consider providing training to all affected employees before the EEOC’s regulations go into effect on Jan. 9, 2011.
This article was written by Philip L. Gordon for Law 360. Reprinted with express permission from the publisher.
Copyright © Portfolio Media, Inc. Content may not be shared or redistributed in any fashion without the express permission of Portfolio Media. For inquiries regarding rights and reprints, please contact reprints@law360.com.
Photo credit: Michael Siegmund
In the decade since the HIPAA Privacy Rule went into effect, human resources professionals and employment counsel have increasingly grappled with medical confidentiality issues. While HIPAA certainly has heightened awareness of the need to handle employees’ health information with care, HIPAA (perhaps ironically) protects only a very narrow subset of such information, i.e., individually identifiable health information created or received by, or on behalf of, a HIPAA-covered health plan. By contrast, the EEOC has taken the position for years that the Americans with Disabilities Act’s (“ADA”) medical confidentiality provision protects all employee health information received by an employer other than the narrow subset of health benefits information subject to HIPAA. In a ruling handed down just two days before Thanksgiving, the Seventh Circuit rejected the EEOC’s interpretation of the ADA as overbroad, giving employers something to be thankful for.
On Tuesday, July 26, 2011, the Equal Employment Opportunity Commission (EEOC) held its latest meeting on the topic of protections for job applicants with arrest and conviction records under Title VII of the Civil Rights Act of 1964. The full Commission heard remarks from the panelists related to three areas: "Best Practices From Employers," "An Overview of Local, State and Federal Programs and Policies" and "Legal Standards Governing Employers' Consideration of Criminal Arrest and Conviction Records."
Effective October 1, 2011, employers in Connecticut will face new restrictions on the use of credit reports regarding current or prospective employees as a result of the recent enactment this month of Connecticut Public Act 11-223. In enacting the new law, Connecticut becomes the sixth state limiting employers' use of credit reports, following Hawaii, Washington, Oregon, Illinois, and Maryland. Similar laws are pending in several other states and at the federal level. The Equal Employment Opportunity Commission (EEOC) is also conducting related investigations and pursuing at least one disparate impact claim based on the use of credit reports. Thus, employers who use credit history information to inform hiring or personnel decisions in states that have enacted credit check laws should review their policies for compliance, and employers everywhere should continue to monitor developments in this evolving area of the law. To learn more about the Connecticut law and its implications for employers, please continue reading Littler's ASAP, 
Close on the heels of the EEOC’s October 20, 2010, public meeting on the use of credit checks by employers, Loudy Appolon 
regulations implementing those portions of the Genetic Information Non-Discrimination Act of 2008 (GINA) applicable to employers. GINA prohibits employers from discriminating on the basis of genetic information and generally prohibits employers from acquiring or disclosing genetic information. GINA applies to all employers subject to Title VII of the Civil Rights Act of 1964 and adopts Title VII’s enforcement schemes except that disparate claims are not permitted.