Today the Equal Employment Opportunity Commission (EEOC) today issued final regulations implementing the Genetic Information Nondiscrimination Act of 2008 (GINA).  The goal of GINA is to protect employees (including former employees), applicants, union members, apprentices and trainees from discrimination based on genetic information.  Title II of the bill gives regulatory authority to the EEOC.  The new rules become effective on January 10, 2011.

Among the regulations’ items are definitions for six terms that do not exist in any other EEOC regulations or statutes.  The regulations contain language that prohibits discrimination in a wide range of employment practices including hiring, termination, promotion, seniority, etc.  Covered entities are also prohibited from limiting, segregating or classifying employees based upon genetic information.

Labor unions, employment agencies and apprenticeship programs are affected as they are expressly barred from providing genetic information to covered entities that may allow them to  discriminate.  Retaliation is also prohibited.

In addition to prohibiting discrimination, EEOC’s GINA regulations prohibit “covered entities from requesting genetic information from applicants, employees, or other individuals; from requiring that applicants or employees provide genetic information; or from purchasing genetic information about an applicant or employee.”  While there are certain exceptions to these prohibitions, employers should err on the side of caution and only request such information if permissible and necessary.


Entities covered by GINA should treat genetic information in the same way and with the same confidentiality as medical information.  While genetic information that is kept in writing must be stored separately from other personnel information, it could be kept in the same file with other medical information.

The GINA regulations stipulate that they do not apply to protected health information subject to the HIPAA Privacy Rule.  In other words, entities that are subject to the HIPAA Privacy Rule must apply those requirements, and not the GINA requirements, to genetic information that is protected health information.  See page 20 of the GINA Final Rule for an example.  However, any entities covered by the HIPAA Privacy Rule “must follow the requirements of GINA when they are acting as employers.”

It is worth noting that the definition of “covered entity” in GINA is not the same as it is in HIPAA. Coverage under one does not necessarily indicate coverage under the other.

For the full text of the rule go to: