On November 9, 2010, the Equal Employment Opportunity Commission (“EEOC”) issued regulations implementing Title II of the Genetic Information Nondiscrimination Act of 2008 (“GINA”), which prohibits discrimination in employment on the basis of genetic information. GINA applies to employers with 15 or more employees, labor unions, and employment agencies, among other entities (referred to in this alert as “covered entities”). The regulations become effective on January 10, 2011.
Most significantly, GINA bans covered entities from “requesting, requiring, or purchasing genetic information” of job applicants, current and former employees, labor union members, and apprentices and trainees (referred to in this alert as “covered persons”). GINA defines “genetic information” as information regarding an individual’s genetic tests, the genetic tests of a family member, or the manifestation of a disease or disorder. Examples of prohibited “requests” include: performing an internet search on an individual in a way that is likely to result in the covered entity obtaining genetic information; actively listening to third-party conversations or searching an individual’s personal effects for the purpose of obtaining genetic information; and making requests for information about an individual’s current health status in a way that is likely to result in a covered entity obtaining genetic information.
The regulations provide for an exception to GINA when a covered entity “inadvertently” requests, requires, or receives genetic information from employees or their family members. Examples of “inadvertent” receipt include receiving genetic information as part of a covered person’s lawful request for medical information under the Americans with Disabilities Act and the Family and Medical Leave Act; gaining access to such information through “social media” (such as Facebook) where access has been granted by the creator of the profile at issue; and acquiring such information from documents that are publicly or commercially available in print or on the internet. To fall within the medical request exception, the employer must give notice to the employee that he or she should not provide genetic information when making such requests. The regulations provide model language that will satisfy this notice requirement.1 Another exception provides that GINA is not violated when a covered entity offers health or genetic services, such as a wellness program, to a covered person, and such person voluntarily discloses genetic information after providing a GINA-compliant written authorization.
An employer that does inadvertently obtain an individual’s protected genetic information must keep such data private in the same manner that an employee’s medical information is kept private under the ADA, i.e., in confidential medical files that are maintained separately from personnel files. Although the regulations are effective January 10, 2011, the requirement that genetic information be kept in separate medical files has been effective since November 21, 2009.
GINA incorporates by reference the definitions, procedures, and remedies found in Title VII of the 1964 Civil Rights Act. In its final rule, EEOC said court interpretations of Title VII definitions that are incorporated by GINA generally should apply under GINA as well.
STEPS COVERED ENTITIES SHOULD TAKE:
- Update forms used to obtain medical information to include the required notice regarding genetic information;
- Add language to EEO and discrimination policies to clearly state that you do not discriminate on the basis of genetic information;
- Ensure that your federal EEO postings are updated to include language informing employees of their rights under GINA;
- Update separation and severance agreements to include releases of GINA-related claims;
- Review application forms to ensure that they do not directly or indirectly request information that could expose or reveal an applicant’s genetic information;
- Include disclaimers in your lawful requests for employees’ medical information;
- Ensure that you are using GINAcompliant authorization forms when necessary in connection with wellness programs or OSHA monitoring;
- Ensure that genetic information is kept in confidential medical files and that any genetic information that may have been placed in personnel files since November 21, 2009, is removed and placed in confidential medical files;
- Train supervisors and managers in GINA compliance; and
- Review any hiring processes and practices that incorporate internet or social media searches for compliance with the social media and publicly-available information exceptions discussed above.