Skip to main content
NCBI home page
NIHPA Author Manuscripts logoLink to NIHPA Author Manuscripts
. Author manuscript; available in PMC: 2026 Jan 8.
Published in final edited form as: Public Health Genomics. 2025 May 3;28(1):190–195. doi: 10.1159/000546189

Workplace genomic testing: What do company websites say about federal privacy and anti-discrimination laws?

Betty Cohn a, Anya ER Prince b, Katherine Callahan c, J Scott Roberts d, Alyx Vogle e, Debra JH Mathews f,*, on behalf of The INSIGHT @ Work Consortium
PMCID: PMC12776532  NIHMSID: NIHMS2131465  PMID: 40319871

Abstract

Introduction: Employees considering participation in workplace genetic and/or genomic testing (wGT) as part of workplace wellness programs should be aware of legal protections of their personal genetic information. Given the relevance of the Health Insurance Portability and Accountability Act (HIPAA) and the Genetic Information Nondiscrimination Act (GINA) for informed decision making, employers offering wGT should ideally inform employees of these health policies prior to collecting any genetic data. It is unclear, however, whether and to what extent such information is being provided. Company websites provide one important resource for making employees—and the public at large—aware of important health policies governing workplace wellness programs in general, and wGT services in particular. Method: We therefore sought to systematically review the websites of 420 companies offering wGT services to determine if they included reference to HIPAA and GINA. Results: We found 32/50 (64%) mentions of HIPAA and no mentions of GINA. Conclusions: Ultimately, it is imperative that HIPAA and GINA are upheld by both vendors and employers, and findable, accessible, and understandable by the public for employees to analyze the benefits and risks of participating in wGT.

Keywords: GINA, HIPAA, workplace wellness, genetic testing

Introduction

As of 2023, over 53% of the United States (U.S.) population received health insurance through their employer [1]. Many employers, particularly large ones, offer self-funded plans, meaning that the employer directly pays for their employees’ health care services [2]. Thus, employment and health are inextricably intertwined and for employers, increased health costs of their workforce equates to more spending and decreased profits. Workplace wellness programs offer one theoretical solution to help lower employers’ healthcare costs [3]. While some research suggests that these workplace wellness programs do not offer significant benefit [3,4], they continue to be offered to employees, and thus it is important to understand their operation and impact [5].

Workplace wellness programs are advertised as an effective way to decrease costs and improve employee health by offering voluntary services such as health risk assessments, biometric screening, smoking cessation, fitness, and nutrition programs [3,4,6]. Over the past decade, genetic testing has also been offered within workplace wellness programs, defined here as workplace genomic testing (wGT) [7]. While some companies have publicly identified themselves as offering wGT, public facing company websites either do not make it clear that this service is offered [8] or have not updated website information since 2015 [7]. Such testing could, for example, identify employees at elevated risk for common, preventable conditions such as cancer and heart disease. Some companies offer other testing, such as ancestry, nutrigenetic, and other non-medical results. However, it is still unclear how many U.S. companies have added wGT to their wellness programs or how many employees choose to undergo such testing [8,9].

Several federal-level policies promote and regulate the use of workplace wellness programs in the U.S., while also prohibiting genetic discrimination by employers and health insurers. For example, the 1996 Health Insurance Portability and Accountability Act (HIPAA), the 2008 Genetic Information Nondiscrimination Act (GINA) and the 2010 Affordable Care Act (ACA), collectively limit discriminatory use of genetic information in the contexts of employment and health insurance, but have also altered their policies to encourage workplace wellness programs [10]. States such as Florida have begun to enact legislation to limit the ability of life, long-term care, and disability insurers to deny coverage or charge higher premiums based on genetic information [11]. Most states, however, still allow these insurers to deny coverage or charge higher premiums based on genetic information, although it is unclear whether and to what extent insurers are using genetic information for these purposes [11]. HIPAA protects one’s private health information and prohibits discriminatory premium differences in group health premiums based on one’s health information, including genetic information and including family history information [12,13]. The ACA expands upon HIPAA’s discrimination protections for both individual and group health plans [14]. Thus, while HIPAA has provided some protection against premium differences in the group market for those with a pre-existing condition, the ACA provides broader premium protections.

Despite these broad anti-discrimination protections, both HIPAA and the ACA make an exception for workplace wellness programs—employers may offer different health insurance premium amounts based on employee participation in a wellness program. The ACA, for example, permits workplace wellness programs to offer incentives to employees who complete the program. Potential incentives include a 30% reduction of an employee’s health care premium costs. Generally, GINA forbids employers from collecting genetic information; however, there is an exception for workplace wellness programs, provided they are voluntary. GINA has been interpreted as prohibiting workplace wellness programs that include wGT from offering any incentives for program completion, as offering incentives could unduly influence employees’ participation [10,15,16]. However, given recent regulatory updates and case law, the allowable amount of incentives is in limbo, making it uncertain whether employers wishing to offer wGT would be able to offer any incentives to participate[17]. More recently, H.R. 1313 attempted to eliminate the cap on the use of incentives as well as permit employers to collect individual wGT results from workplace wellness programs or wGT vendors [10]. This bill was never voted on in either chamber of Congress, despite making it out of the relevant House Committees in December 2017.

Employees considering participation in wGT as part of workplace wellness programs should be aware of legal protections of their personal genetic information and how it can and cannot be used. Given the relevance of HIPAA and GINA for informed decision-making, employers offering wGT should ideally inform employees of these health policies prior to collecting any genetic data. It is unclear, however, whether and to what extent such information is being provided. A prior study investigated whether the vendors themselves displayed information about HIPAA or GINA [18], but not whether the companies offering wGT to their employees themselves display information regarding HIPAA or GINA. Company websites provide one important resource for making employees—and the public at large—aware of important health policies governing workplace wellness programs in general, and wGT services in particular. We therefore sought to systematically review the websites of companies offering these services to determine if they included reference to HIPAA and GINA.

Methods

This study is part of a larger NHGRI-funded study the US landscape, and employee and employer perspectives regarding wGT. [9] The goal of the specific aim of which the current research is a part is to identify companies (and the genetic testing vendors with whom they contract) that offer wGT to their employees through a systematic, search based landscaping study. The first phase of this study was to examine which vendors and which employers are offering wGT to employees in the context of wellness programs [8]. Our sampling strategy included a range of private and public sector employers, selected through both systematic and search-based methods. We analyzed the websites of 420 companies, which included a) 140 privately-held companies (systematically sampled from the 2019 Forbes list of largest privately-held companies), b) 140 publicly-held companies (systematically sampled from the 2019 Forbes list of largest publicly-held companies), c) 104 hospitals/hospital systems by state (top 2 in each state, plus the District of Columbia and Puerto Rico), and d) 36 companies that had evidence that they offer/have offered wGT based on press releases and other publicly available information from vendors of wGT [8]. As part of the landscaping work, we analyzed publicly available websites of a broad sampling of employers and utilized search strings in Google and business databases [8] to identify whether HIPAA or GINA were mentioned on either vendor or employer websites in the context of wGT. The inclusion criteria for companies are: a) having a U.S. headquarters, and b) publicly available evidence of offering wGT to their employees. The inclusion criteria for vendors are: a) having a U.S. headquarters, and b) publicly available evidence of offering wGT to companies for company employees. This search was conducted from February 2021-October 2021. We used several search strings to identify whether HIPAA or GINA was mentioned (Table 1). The method of using search strings to identify whether HIPAA or GINA was mentioned on company websites was implemented for all 420 companies.

Table 1:

Search strings used during data collection

Law Search string
HIPAA
[company name] AND [vendor name] AND HIPAA
[company name] AND HIPAA
[vendor name] AND HIPAA
GINA
[company name] AND [vendor name] AND GINA
[company name] AND GINA
[vendor name] AND GINA
Applicable to both laws
[company name] AND privacy policy
[vendor name] AND privacy policy
[company name] AND [vendor name] AND privacy policy
[company name] AND [vendor name] AND terms and conditions
[company name] AND terms and conditions
[vendor name] AND terms and conditions
Open in a new tab

Results

Our search for wGT programs on company websites found that 32 of 50 companies (64%) offering wGT in wellness programs mentioned HIPAA and none of the companies mentioned GINA as it relates to wGT in their wellness programs. As seen in Figure 1, 75% (27/36) of the vendor identified companies mentioned HIPAA, whereas none (1/4) of the systematically sampled privately held companies mentioned HIPAA in the context of their wellness programs that offer wGT. Additionally, of the 10 systematically sampled publicly held companies that offer wGT, 4 mentioned HIPAA within the context of their wellness programs. No hospital/hospital systems had evidence of offering wGT as part of wellness programs. GINA was not mentioned on any of the company websites including within the available terms and conditions for wGT.

Figure 1:

Figure 1:

Open in a new tab

The proportion of companies that mention HIPAA or GINA on their website or in their publicly available Terms and Conditions of wGT in the context of wellness programs

Discussion

We found very little publicly available evidence that GINA was mentioned in the context of company website descriptions of wellness programs offering wGT. However, there is also little evidence that companies are offering wGT within the context of wellness programs in the first place [19]. Of the companies we identified as offering wGT to their employees, very few publicly outline the protections afforded by HIPAA or GINA. In contrast, previous research identified 15 wGT vendors, of which 9 mentioned HIPAA on their websites and only 2 mentioned GINA [18]. The relative absence of HIPAA and GINA related information from company curated documentation is evidence of how companies communicate with their employees regarding wGT and what information they prioritize for their employees’s consideration. This data shows that companies are not prioritizing employee knowledge of legal protections for wGT. This lack of transparency limits researchers’ and policymakers’ ability to evaluate whether employees know that they are protected under HIPAA and GINA. Education about GINA in particular would be important to provide given the general lack of public knowledge about protections afforded under this legislation [19]. Greater transparency would enable advocates, researchers, and government enforcement agencies to assess the risks and benefits of such programs and to proactively identify potentially problematic program designs. Knowledge about legal protections could be an important factor in employee decision-making, as there is evidence from other contexts that individuals have declined testing or decided not to participate in genetic research for fear of genetic discrimination [20]. Additionally, at a large biomedical research institution, employees specified that before making their decision to participate in wGT they would want to know about the relevant laws and policies to protect their privacy and confidentiality of their genetic test results [5,21]. It is possible that employees undergoing wGT are receiving information about HIPAA and GINA through information sources that were beyond the scope of this review. Nevertheless, it seems likely that more transparency from U.S. companies is necessary for employees to make more informed decisions about wGT.

Like direct-to-consumer genetic testing, wGT can offer individual benefits, but can also result in privacy concerns as one’s genetic information can be shared by the vendor that is conducting the testing, depending on what is stated in user agreements [18]. However, with wGT, the stakes are perhaps even higher, given that aggregate genetic information can be shared with one’s employer and, depending on the state, affect one’s life insurance, long-term care insurance, and disability insurance. These effects can be in the form of using genetic information to set higher premiums or decline applications for non-health insurance [11]. Such concerns are understandable given prior legal cases in which employers sought to use genetic information for potential discrimination in the workplace, such as in Bloodsaw v. Lawrence Berkeley Labs (1998) and Equal Employement Opportunity Commission (EEOC) v. Burlington Northern Railway Company (2001) [9]. Furthermore, even if HIPAA and GINA were mentioned on the vendor or company websites or within the terms of conditions, it is unclear whether the employee would read or understand this information. Recent research shows that although public concerns about genetic discrimination are common, many do not know that GINA exists or about the protections that it provides [20]. Indeed, if individuals have knowledge of GINA, they often tend to assume that GINA is more protective than it actually is [19].

An important limitation of this study is that analyses were limited only to information provided on public-facing company websites. It is likely that companies offering wellness programs provide additional information for employees to consider before undergoing wGT, and we do not know how often HIPAA and GINA are being addressed in these materials, during genetic counseling (if offered), or within informational sessions. However, company provided materials are indicative of how the company chooses to frame the service for their employees. Another limitation of our study is that we only assessed for whether or not HIPAA and GINA were explicitly stated on company websites, rather than whether the protections they afford were actually explained.

Conclusion

Ultimately, it is imperative that these policies are discussed and upheld when offering wGT in the context of wellness programs. The U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), is responsible for enforcing HIPAA, while the EEOC is responsible for enforcing the employment provisions of GINA. To improve transparency, it would be helpful if these bodies created additional stipulations for companies and vendors that offer wGT to disclose that they are compliant with both HIPAA and GINA regulations, in addition to offering employees a brief description of what these federal policies protect. For example, the Office of Human Research Protections developed guidance for explaining GINA during the informed consent process in research settings [22].Similar guidance for workplace wellness programs could be helpful. Such practices would serve not only to enhance informed decision-making, but also for the continued protection of employees’ genetic information. The legal landscape of wGT should be findable, accessible, and understandable by the public in order for employees to assess the benefits and risks of participating in wGT.

Supplementary Material

Supplemental Table_final.docx

Acknowledgements

The INSIGHT @ Work Consortium includes the following core team members, in addition to the named authors: Nicole Crumpler, W. Gregory Feero, Rebecca Ferber, Veda N. Giri, Katherine Hendy, Amy Leader, Charles Lee, Sarah McCain, Alexandra McClellan, Kerry Ryan, Kunal Sanghavi, Kayte Spector-Bagdady, and Wendy R. Uhlmann..

The consortium is supported by the advisory board members Kyle Brothers, Ellen Wright Clayton, Patricia Deverka, Thomas Ellis, Aaron Goldenberg, Susan Mockus, Cynthia Casson Morton, Jens Rueter, and Brett Witham, along with stakeholder workgroup members Ethan Bessey, Erynn Gordon, LaTasha Lee, Jessica Roberts, and Fatima Saidi.

Funding Sources

This work was supported by grants from the National Human Genome Research Institute (R01HG010679, K01HG010496).

Footnotes

Statement of Ethics

A Statement of Ethics is not applicable because this study is based exclusively on publicly available data.

Conflict of Interest Statement

The authors have no conflicts of interest to declare.

Data Availability Statement

The authors confirm that the data supporting the findings of this study are available within the article [and/or] its supplementary materials. Further enquiries can be directed to the corresponding author.

References

  • 1.Statista Research Department. Employment-based health insurance U.S. share 1987–2023 [Internet]. Statista. 2024. Sep [cited 2024 Dec 3]. Available from: https://www.statista.com/statistics/323076/share-of-us-population-with-employer-health-insurance/ [Google Scholar]
  • 2.Kaiser Family Foundation. 2020 Employer Health Benefits Survey - Section 10: Plan Funding [Internet]. KFF. 2020. Oct [cited 2021 Jun 8]. Available from: https://www.kff.org/report-section/ehbs-2020-section-10-plan-funding/ [Google Scholar]
  • 3.Hendricks-Sturrup RM, Cerminara KL, Lu CY. A Qualitative Study to Develop a Privacy and Nondiscrimination Best Practice Framework for Personalized Wellness Programs. J Pers Med. 2020. Dec;10(4). DOI: 10.3390/jpm10040264 [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 4.Hull G, Pasquale F. Toward a critical theory of corporate wellness. BioSocieties. 2018. Mar;13. DOI: 10.1057/s41292-017-0064-1 [DOI] [Google Scholar]
  • 5.Charnysh E, Pal S, Reader J, Uhlmann WR, McCain S, Sanghavi K, et al. Healthcare utilization and behavior changes following workplace genetic testing at a large U.S. healthcare system. Genetics in Medicine. 2024;Accepted for publication. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 6.Song Z, Baicker K. Effect of a Workplace Wellness Program on Employee Health and Economic Outcomes: A Randomized Clinical Trial. JAMA. 2019. Apr;321(15):1491–501. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 7.Businesswire. Color Genomics Introduces Benefits Program [Internet]. 2015. Sep [cited 2022 Aug 4]. Available from: https://www.businesswire.com/news/home/20150930006272/en/Color-Genomics-Introduces-Benefits-Program
  • 8.Cohn B, Ryan KA, Hendy K, Callahan K, Roberts JS, Spector-Bagdady K, et al. Genomic testing in voluntary workplace wellness programs in the US: Evidence and challenges. Molecular Genetics & Genomic Medicine. 2023;11(11):e2245. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 9.Sanghavi K, Cohn B, Prince AER, Feero WG, Ryan KA, Spector-Bagdady K, et al. Voluntary workplace genomic testing: wellness benefit or Pandora’s box? npj Genom Med. 2022. Jan;7(1):1–6. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 10.Hudson KL, Pollitz K. Undermining Genetic Privacy? Employee Wellness Programs and the Law. N Engl J Med. 2017. Jul;377(1):1–3. [DOI] [PubMed] [Google Scholar]
  • 11.Anderson JO, Lewis ACF, Prince AER. The Problems with Patchwork: State Approaches to Regulating Insurer Use of Genetic Information. DePaul J Health Care L. 2022;23:1. [Google Scholar]
  • 12.42 U.S.C. § 300gg-4(b)(1). 1994.
  • 13.Prince AER, Uhlmann WR, Suter SM, Scherer AM. Genetic testing and insurance implications: Surveying the US general population about discrimination concerns and knowledge of the Genetic Information Nondiscrimination Act (GINA). Winter 2021. 2021 Nov [cited 2022 Jul 21].; 24(4):341–65. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 14.The Patient Protection and Affordable Care Act. 2010.
  • 15.42 U.S.C.A. § 2000ff-2(b)(2). 2008.
  • 16.H.R. 493 — 110th Congress: Genetic Information Nondiscrimination Act of 2008. 2008.
  • 17.Prince AER. Hidden Trade-Offs in Insurance Wellness Programs. Mich St L Rev. 2021;2021:341. [Google Scholar]
  • 18.McDonald WS, Wagner JK, Deverka PA, Woods LA, Peterson JF, Williams MS. Genetic testing and employer-sponsored wellness programs: An overview of current vendors, products, and practices. Molecular Genetics & Genomic Medicine. 2020;8(10):e1414. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 19.Willard L, Uhlmann W, Prince AER, Blasco D, Pal S, Roberts JS, et al. The Genetic Information Nondiscrimination Act and workplace genetic testing: Knowledge and perceptions of employed adults in the United States. Journal of Genetic Counseling. 2024;00:1–9. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 20.Lenartz A, Scherer AM, Uhlmann WR, Suter SM, Anderson Hartley C, Prince AER. The persistent lack of knowledge and misunderstanding of the Genetic Information Nondiscrimination Act (GINA) more than a decade after passage. Genetics in Medicine. 2021. Dec;23(12):2324–34. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 21.Sanghavi K, Feero WG, Mathews DJH, Prince AER, Price LL, Liu ET, et al. Employees’ Views and Ethical, Legal, and Social Implications Assessment of Voluntary Workplace Genomic Testing. Front Genet. 2021. Mar;12. DOI: 10.3389/fgene.2021.643304 [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 22.Office for Human Research Protections (OHRP). Genetic Information Nondiscrimination Act (GINA): OHRP Guidance (2009) [Internet]. 2010. Nov [cited 2024 Dec 3]. Available from: https://www.hhs.gov/ohrp/regulations-and-policy/guidance/guidance-on-genetic-information-nondiscrimination-act/index.html

Associated Data

This section collects any data citations, data availability statements, or supplementary materials included in this article.

Supplementary Materials

Supplemental Table_final.docx
NIHMS2131465-supplement-Supplemental_Table_final_docx.docx (23.5KB, docx)

Data Availability Statement

The authors confirm that the data supporting the findings of this study are available within the article [and/or] its supplementary materials. Further enquiries can be directed to the corresponding author.

RESOURCES