DISCLAIMER: The information provided in this article, other knowledge base articles, and the Compliancy Group website do not, and are not intended to, constitute legal advice; instead, all information, content, and materials in the Knowledge Base and on the Compliancy Group website are for general informational purposes only.
The HIPAA Privacy Rule regulates the use and disclosure of genetic information. This article discusses how the use and disclosure of genetic information is regulated.
Under the Privacy Rule, health plans are generally prohibited from using or disclosing PHI that is genetic information for underwriting purposes.
"Genetic information" means, with respect to an individual:
(i) The individual's genetic tests;
(ii) The genetic tests of family members of the individual;
(iii) The manifestation of a disease or disorder in family members of such individual; or
(iv) Any request for, or receipt of, genetic services, or participation in clinical research which includes genetic services, by the individual or any family member of the individual.
Genetic information "concerning an individual or family member of an individual" is defined under the Privacy Rule to include the genetic information of:
(i) A fetus carried by the individual or family member who is a pregnant woman; and
(ii) Any embryo legally held by an individual or family member utilizing an assisted reproductive technology.
Under the Privacy Rule, the term "genetic information" excludes information about the sex or age of
With respect to a health plan, "underwriting purposes" means:
1. Rules for, or determination of, eligibility (including enrollment and continued eligibility) for, or determination of, benefits under the plan, coverage, or policy (including changes in deductibles or other cost-sharing mechanisms in return for activities such as completing a health risk assessment or participating in a wellness program).
2. The computation of premium or contribution amounts under the plan, coverage, or policy (including discounts, rebates, payments in kind, or other premium differential mechanisms in return for activities such as completing a health risk assessment or participating in a wellness program).
3. The application of any pre-existing condition exclusion under the plan, coverage, or policy.
4. Other activities related to the creation, renewal, or replacement of a contract of health insurance or health benefits.
"Underwriting purposes" does not include determinations of medical appropriateness where an individual seeks a benefit under the plan, coverage, or policy.
"Genetic information" is included within the definition of "health information" and therefore can constitute protected health information if it meets the definition of protected health information. Use and disclosure of genetic information by healthcare providers is subject to the same general PHI use and disclosure rules that use of other PHI is subject to.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article