In recent years, increasing attention has been paid to the promise of genetic testing in medicine. However, individuals considering genetic testing must weigh the benefits of receiving personal genetic information against the possible psychological and/or societal risks.In particular, there is concern regarding the potential for insurance and/or employment discrimination based on the results of genetic testing.

To date, a few federal privacy and anti-discrimination protections have been put into place. However, gaps exist.In an attempt to fill these gaps, some states have implemented their own protections.To understand the implications of offering genetic testing to a patient, or of choosing to undergo genetic testing oneself, it is important to be informed about the extent of the available legal protections.

How Do Laws Define 'Genetic Information'?

There has been a great deal of debate about what information should be deemed 'genetic' and therefore covered under federal and state laws.Broad definitions of genetic information include "all tests of human DNA, RNA, chromosomes, and DNA products used for the purposes of identifying hereditary and family history information".On the other end of the spectrum are laws that choose to cover only specific genetic tests.For example, Alabama’s law prohibiting genetic discrimination in the workplace only covers genetic tests related to cancer.

Laws Addressing Genetic Discrimination

The issue of genetic discrimination is important in terms of insurance (including health, life, disability, and long-term care insurance) and employment.In the absence of laws, any one of these groups could choose to avoid hiring or covering individuals who are identified as being at higher risk of developing costly conditions based on genetic information.

Insurance

Federal Laws: In 1996, the Health Insurance Portability and Accountability Act (HIPAA) included "gnetic information" in its list of items that were off limits to group health insurers. It prohibited group health plans from using genetic information as a basis for denying or limiting eligibility for coverage, or for charging an individual more for coverage, and it explicitly provided that genetic information in the absence of a current diagnosis of illness shall not be considered a "pre-existing condition."

Although HIPAA provides protection against the use of genetic information for the purpose of discrimination, it does not limit the collection of such information. It also fails to offer protection for persons who receive their health insurance from individual health plans. Additionally, HIPAA does nothing to address the genetic discrimination issue in other types of insurance, such as life insurance or disability insurance.

Since the passage of HIPAA, numerous efforts have been made in Congress to pass more comprehensive laws. So far, no bills have made it out of discussion in Congressional sub-committees.

State Laws: Because of the limitations of the federal legislation, 38 states have enacted their own laws concerning genetic discrimination in the insurance industry.These laws vary in terms of the definitions used for ‘genetic information’.They also vary in terms of coverage for group health plans versus individual plans and in the provisions made for non-health insurers (life, disability, and long-term care insurers).In addition, some states do not specifically prohibit discrimination, but instead require insurers to justify any use of genetic information.

Although many states have been proactive in terms of anti-genetic discrimination legislation in health care, it is still unclear how well these provisions will hold up in a court of law. One potential problem lies within the 1974 Employee Retirement Income Security Act (ERISA).ERISA gives the federal government power over the issues related to employer-sponsored group health insurance plans, and may prevent state laws from being effective in these cases.

Employment protections

Federal Laws: The Equal Employment Opportunity Commission (EEOC) attempted to address the issue of genetic discrimination in the workplace in 1995. The EEOC suggested that the Americans with Disabilities Act (ADA) covers individuals who have received genetic information that provides evidence for high risk of future illness. The ability of the ADA to cover individuals at risk for developing inherited conditions depends upon a broad interpretation of the term ‘disability’, which allows for the inclusion of conditions that have not yet become apparent. The specific protections offered by the ADA are not yet clear. The EEOC does not have a systematic way of handling genetic discrimination cases. In addition, the ability of the ADA to offer protections has only been tested on a limited basis within the court system.

In February 2000, former President Clinton signed an executive order meant to provide limited federal workplace protections. This executive order prohibited discrimination based on genetic information in any federal workplace. He further encouraged the development of similar legislation for non-federal employees.

State Laws: Currently, 28 states have adopted some version of a genetic anti-discrimination law in employment.As with the state-level legislation on discrimination in insurance, these laws vary both in the definition of ‘genetic information’ and in the scope of protections provided. Twenty-two of these states contain provisions that not only limit employers’ use of genetic information in decision-making, but also limit their access to such information.As of August 2001, only ten states included specific penalties for employers who violate genetic discrimination laws.

Laws Addressing the Privacy of Genetic Information

The privacy of information contained within medical records has been a hot political topic in recent years.Because of the sensitive nature of genetic information and its potential implications for individuals other than the patient himself (ie: family members), the argument has been made that genetic information deserves its own set of privacy protections.

Federal laws

HIPAA required that federal legislation be developed to protect the privacy of health information (including genetic information). In the absence of such a law, the Department of Health and Human Services (DHHS) recently issued a rule (‘Standards for Privacy of Individually Identifiable Health Information’) meant to affect all health care providers and insurers by April 2003. According to this rule, patients must provide written permission for their identifiable health (including genetic) information to be shared with third parties, except in emergency situations. The DHHS rule also provides patients the rights to be educated about privacy provisions and to have access to their own health information. Some room is left within this ruling for exceptions under the conditions of research, public health needs, law enforcement, and commercial marketing.

One of the strengths of the ruling is that it allows for civil and criminal penalties in the absence of compliance. However, individual patients will not have the right to pursue private action in the court system. In addition, the rule only applies to health insurers and providers. It does nothing to protect the privacy of health care or genetic information once it leaves the hands of the insurer or provider (for example, when the information has been provided, with permission, to an outside party). In this respect, the responsibility for privacy protection is placed on the health care insurer or provider who delivers the information to a third party.

State laws

Several states have laws that affect the privacy of genetic information. Some even offer greater protections than those offered under the DHHS ruling. Currently, 21 states have laws requiring informed consent prior to the disclosure of the results of genetic testing. States differ in terms of their specific requirements for the need for informed consent, in terms of the consideration of genetic information as personal property from a legal standpoint, and in terms of requirements for personal access to a patient’s own health (genetic) information. Only 16 states currently specify penalties for those who are found to be in violation of genetic privacy laws.

Still to Come

Although some legislative progress has been made, it is evident that holes remain in existing protections against genetic discrimination and breaches of patients’ genetic privacy. A new bill, the Genetic Nondiscrimination in Health Insurance and Employment Act (S.318/ H.R.602), was recently introduced in the Senate by majority leader Tom Daschle(D- SD) and in the House of Representatives by Rep. Louise M. Slaughter(D-NY). To date, hearings have been held, but no action has yet been taken. With recent world events, the bill is unlikely to receive much attention in the near future. However, changes are sure to be on the horizon. For up to date information on this legislation, visit http://thomas.loc.gov, choose 'Bill Summary and Status', and search under the key words 'genetic discrimination'.

For more information on laws in your particular state, visit the website of the National Conference of State Legislatures at http://www.ncsl.org.

References

1. Annas G (2001) The limits of state laws to protect genetic information. NEJM 345(5): 385-388.
2. Gostin L (2001) National health information privacy: Regulations under the Health Insurance Portability and Accountability Act. JAMA 285(23): 3015-3021.
3. Jeffords J, Daschle T (2001) Policy issues: Political issues in the genome era.Science Magazine 291(5507): 1249-1251.
4. National Conference of State Legislatures(2001) Information on genetics. http://www.ncsl.org/programs/health/genetics.

Lori Hamby, ScM

© 2001-2 Mid-Atlantic Cancer Genetics Network

Privacy Statement

Questions/Comments bmay@jhmi.edu