This year, the Cook County docket has seen an influx of class action claims seeking redress under an older Illinois privacy statute, the Genetic Information Privacy Act (GIPA), no doubt due to the statute’s extreme statutory damage provisions. GIPA, enacted in 1998, provides a private right of action and permits recovery for actual damages or for statutory damages of $2,500 per negligent violation and $15,000 per intentional or reckless violation of the statute. The potential for massive awards has clearly caught the eye of the plaintiff’s bar. Indeed, despite sporadic filings over the past decade, nearly 30 cases have been brought under GIPA in 2023 in Cook County alone, the majority of which have been filed in the last two months.
GIPA contemplates even greater damage awards than another oft-litigated Illinois privacy statute, the Biometric Information Privacy Act (BIPA), which allows statutory damages of up to $1,000 for each negligent violation, and up to $5,000 for each intentional or reckless violation.[1] The stated goal of GIPA is to “facilitate voluntary and confidential nondiscriminatory use of genetic information” and encourage the exchange of records to improve patient health care and care coordination. 735 ILCS 513/5(4) and (5). As a means to this end, the statute proscribes the transfer and disclosure of genetic information without explicit written consent. Additionally, and significantly, the statute prohibits insurers from using genetic testing for non-therapeutic or underwriting purposes and prohibits employers from soliciting or requiring genetic testing as a condition of employment and/or using genetic testing to affect terms of employment.
The term “genetic testing” in the statute is extracted from HIPAA and includes: the individual’s genetic tests; genetic tests of family members; the manifestation of a disease or disorder in family members; and requests for or receipts of genetic services by the individual or the individual’s family member.
The lawsuits filed in the past year follow the same general format and allege that certain employers requested family medical histories as a part of hiring processes in which physicals are required. One plaintiff’s firm compares these hiring practices to the dystopia portrayed in the 1997 film “Gattaca,” in which individuals are classified as “valids” or “in-valids” depending on their individual genetic profiles. In the film, these genetic profiles determine what type of employment each individual can pursue. These lawsuits ask the courts to view family histories taken as part of an employer-mandated physical as propelling society toward this dystopian future.
As dramatic as this claim may be, the potential for annihilating damages could make these cases equally dramatic for employers in Illinois.
Takeaways:
- Class action filings seeking damages under GIPA have increased drastically in the past year.
- Employers should evaluate whether they are collecting genetic information of employees, including through physicals required for certain positions.
- Take caution: disregarding the provisions of GIPA could subject employers to fines of up to $15,000 per violation of the statute.
[1] BIPA specifically excludes “biological materials regulated under” GIPA. See 740 ILCS 14/10.