Is it legal for my job to require a biometric health screening?

Your employer just announced a new "wellness initiative." As part of the program, you're being asked to participate in a biometric health screening, which could involve measuring your blood pressure, cholesterol, glucose, and body mass index (BMI). You might be offered a discount on your health insurance premiums for participating, or conversely, face a penalty for opting out. This raises a critical and common question for millions of American workers: Is it actually legal for your job to require a biometric health screening? The short answer is yes, but with significant legal limitations and protections for employees. The legality hinges on federal laws designed to prevent discrimination and protect your sensitive health data.

"In 2023, 83% of large firms (200 or more workers) and 54% of small firms offered a wellness program of some kind. Many of these include biometric screening."

• Kaiser Family Foundation, 2023 Employer Health Benefits Survey

The legal framework for employer biometric health screenings

The question of a legal employer biometric health screening sits at the intersection of several major federal laws. Primarily, the Americans with Disabilities Act (ADA), the Genetic Information Nondiscrimination Act (GINA), and the Health Insurance Portability and Accountability Act (HIPAA) work together to create the rules of the road. While employers are generally prohibited from asking for employee health information, they are allowed to do so as part of a voluntary wellness program. The definition of "voluntary" is where the legal complexity lies.

Under the ADA, a wellness program that includes medical examinations or asks for health information must be "reasonably designed to promote health or prevent disease." It cannot be a subterfuge for discrimination. For a program to be considered voluntary, employers cannot require participation, deny health coverage to non-participants, or take adverse action against them.

GINA adds another layer of protection. It specifically forbids employers from requesting, requiring, or purchasing genetic information. This includes not just genetic tests but also an employee's family medical history. A key point under GINA is that while an employer can ask an employee about their own health status in a screening, they cannot offer a financial incentive for an employee to provide the genetic information (including family history) of themselves or a spouse.

Finally, HIPAA's privacy rules require that any personally identifiable health information collected by a third-party vendor running the screening must be kept confidential. The employer should only ever receive aggregated, de-identified data that doesn't allow them to single out individual employees.

The Equal Employment Opportunity Commission (EEOC) is the agency responsible for enforcing these laws. The EEOC's position, clarified through various rules and legal actions, is that incentives can be used to encourage participation, but they cannot be so large as to be coercive, which would render the program involuntary. The incentive limit has been a point of legal debate, but it generally cannot exceed 30% of the total cost of self-only health coverage.

Feature	Participatory Wellness Program	Health-Contingent Wellness Program
Requirement	No health standard required. Employees earn rewards simply for participating (e.g., attending a screening or a seminar).	Employees must achieve a specific health outcome (e.g., a certain BMI or blood pressure) or perform a health-related activity to get a reward.
Incentive Limits (ACA)	Generally not limited, as long as participation is open to all similarly situated employees.	Limited to 30% of the cost of employee-only coverage (can be up to 50% for tobacco cessation programs).
Legal Scrutiny	Lower. Easier to administer and less likely to face legal challenges under HIPAA and the ACA.	Higher. Must be "reasonably designed," offer a "reasonable alternative standard" for those who can't meet the goal, and be available to all.
ADA/GINA Interaction	If the program collects health data (like a screening), it must still be voluntary and comply with ADA/GINA incentive and confidentiality rules.	The program is by nature medical, so ADA and GINA rules apply directly. The need for "reasonable alternative standards" aligns with the ADA's accommodation requirements.

Industry applications and employee rights

Employers use biometric screening data for several purposes. The most common is to design health and wellness programs tailored to the workforce's needs. For example, if aggregate data shows high rates of pre-hypertension, an employer might introduce programs focused on nutrition and exercise. They are also used to stratify risk for insurance purposes and to encourage employees to become more aware of their own health status.

Here are your rights as an employee:

• Your participation must be voluntary. You cannot be fired or disciplined for not participating.
• Your data is confidential. Your individual results should not be seen by your manager or HR. They should only be seen by you and the third-party screening company.
• You must be given a notice. The notice should clearly explain what information is being collected, who will see it, and how it will be used.
• You have a right to a reasonable alternative. If the program is health-contingent, and you have a medical condition that makes it unreasonably difficult to meet the standard, the employer must provide an alternative way to earn the reward, such as completing an educational program.

Current research and evidence

The effectiveness of these programs is a subject of ongoing research. Studies commissioned by the Department of Labor have examined the impact of workplace wellness programs. For instance, a 2014 study by the RAND Corporation, sponsored by the DOL, found that while wellness programs can generate savings, the majority of savings come from disease management components rather than lifestyle management. Researchers like Al Lewis, a frequent critic of wellness ROI claims, argue that many programs fail to deliver on their promised financial returns and can lead to over-screening and unnecessary medical tests. Conversely, organizations like the Kaiser Family Foundation continue to track the adoption of these programs, with their 2023 survey showing widespread implementation, suggesting employers still see value in them, whether for health promotion or as a cost-containment mechanism. The legal framework continues to evolve based on court cases and new regulations from agencies like the EEOC and the Department of Health and Human Services.

The future of legal employer biometric health screening

The future of workplace screening is moving away from physical, onsite events and toward digital, remote solutions. This shift introduces new legal and privacy considerations. As employees use smartphone cameras or home-based kits to perform screenings, questions arise about data security, the accuracy of the technology, and the potential for new forms of discrimination. The law is often slow to catch up with technology. We can expect to see new regulations and court cases that address the unique challenges of digital biometric screening. For employees, this means it will be more important than ever to understand how their data is being collected, stored, and used. For employers, it offers a path to reach a wider, more distributed workforce, but it also requires a greater emphasis on digital security and clear communication about privacy.

Frequently asked questions

Q: Can my employer see my individual biometric screening results? A: No. Under HIPAA privacy rules, your employer is only permitted to receive aggregated, de-identified data. Your specific results should be confidential between you and the screening vendor.

Q: Can my job penalize me if I don't participate in a biometric screening? A: Your job cannot take adverse action against you, like firing you. However, if the screening is part of a voluntary wellness program that offers an incentive, you may forgo that reward (like a lower insurance premium) if you choose not to participate. The legality of the "penalty" depends on whether the incentive is within the legal limits (typically 30% of self-only coverage).

Q: What if I have a medical condition that prevents me from meeting the health goals in a wellness program? A: If the program is a "health-contingent" program, the law requires that your employer offer a "reasonable alternative standard." This means you must be given another way to earn the reward, such as completing a health education course or working with your doctor.

Q: Are these biometric screenings even accurate? A: The accuracy can vary depending on the equipment, the vendor, and the method of collection. Traditional venous blood draws analyzed in a lab are the gold standard. Finger-stick tests and new digital methods are generally reliable for screening purposes but may have wider error margins. It's always a good idea to share your results with your primary care physician for interpretation and follow-up.

As technology evolves, companies are moving beyond the logistical challenges and privacy concerns of traditional, onsite screening events. Circadify is at the forefront of this shift, developing solutions that allow for secure, remote health assessments. To see how this new generation of wellness technology works for enterprise health systems, learn more at circadify.com/industries/health-systems.