Final regulations make clear that the inadvertent acquisition exception applies in the workplace as well as incidents that take place online such as on Facebook or other social media avenues. They provide for a specific situation where a manager or supervisor inadvertently learns of a genetic condition of an employee or their family member via a social media platform where the manager or supervisor has been given permission to access the profile (i.e., friends on Facebook).
An employer would not violate GINA if a supervisor and employee are friends on a social media site and the employee posts about money being raised for his father’s Alzheimer’s. However, this exception (employer protection) would not apply if the employer needed special permission to access a profile and the employer went around those privacy safeguards to get the information. If the employer sought out that information it could be a GINA violation. In this case the inadvertent exception would not apply.
As an HR best practice, it is not recommended to “friend” employees or applicants on social media sites. While it is not illegal, the implications can be complex and can potentially place your city at unnecessary exposure.
According to the EEOC this depends on the nature of the situation. If the employer inadvertently requests information about a genetic health issue in a casual conversation it may not violate GINA.
For instance, a supervisor may make general health inquiries such as “How are you?” “How do you feel today?” Those kinds of questions are acceptable and are generally not a GINA violation. But if the employer goes further by probing for information such as asking if other family members have the condition, or if the employee has been tested for a condition, then according to the regulations the employer has crossed the line and is likely to be in possession of protected genetic information acquired illegally. The outer limits of this water cooler exception will surely be tested in the courts. Be cautious!