President Bush signed into law the Genetic Information Nondiscrimination Act (“GINA”), HR. 493, on May 21, 2008. The act is designed to do what it says: prevent discrimination against employees and prospective employees on grounds of genetic information.
From the employment perspective, the act makes it unlawful for employers with 15 or more employees to base employment-related decisions on genetic information or to seek out genetic information about employees or prospective employees.
From the insurance perspective, the act makes it unlawful to alter premiums or contributions based on genetic information, to use genetic information for underwriting or enrollment purposes, or to compel genetic testing from plan participants or their families.
The act is particularly complicated for self-funded employers since they essentially fall into both categories—first as employers and second as “insurers.”
But the new regulations are perilous for all employers because there are many ways in which they can inadvertently become aware of genetic information and thereby become at risk for GINA violations. For example, there is a constant flow of information in the daily lives of most offices about medical affairs of employees and their families. When employees miss work for doctor’s appointments, when they take sick days, when they chat at the water cooler, when they take leave under the Family and Medical Leave Act (“FMLA”)—all are situations that can inadvertently convey information to employers about their employees’ genetic background and heritage.
Notably, the definition of genetic information in GINA is very broad:
IN GENERAL—The term “genetic information” means, with respect to any individual, information about —
(i) such individual’s genetic tests,
(ii) the genetic tests of family members of such individual, and:
(iii) the manifestation of a disease or disorder in family members of such individual.
There is a grace period before these provisions take effect: 18 months after the date of enactment for the employment-related provisions and one year after the date of enactment for the insurance-specific ones. Self-funded employers would be wise to use that time to ensure that they and/or their third-party administrators put procedures into place to comply with the act’s requirements.
Not only would such procedures provide protection from exposure to claims of GINA violations, it would also guard against claims for violations of Sarbanes-Oxley.
Among other things, these procedures should ensure that, as required by GINA, any genetic information that is necessarily obtained by employers is kept on separate forms, in separate medical files, and is treated as confidential medical records.
For most self-funded employers, the procedures also should require that third-party administrators, or TPAs, certify that they are aware of GINA and accept full responsibility for complying with its provisions. For the rare employer that is self-administered in addition to being self-funded, the establishment of GINA may warrant an even more sweeping set of protections.
For the self-funded employer, the challenges presented by GINA are not exactly new. Prudent self-funded employers have long appreciated the tension between choosing to provide health plans to their employees, while needing to protect themselves, as employers, from knowing too much about their employees’ health needs.
GINA just raises the stakes a little higher. It offers one more reason for employers to appreciate that health care can be a minefield when mishandled, and to treat health-related information about their employees with the tremendous sensitivity that it deserves.