In the wake of countless biometric privacy class action lawsuits that have inundated court dockets in recent years, Illinois employers stand to face yet another round of privacy-based civil action. This time, the legal crosshairs are redirected towards alleged violations under the Illinois Genetic Information Privacy Act (GIPA). The threat isn’t limited to firms engaged in direct-to-consumer genetic testing either.
This observation forms part of the legal landscape analysis conducted by Bryan Cave Leighton Paisner, as reported by JD Supra. Companies operating in Illinois and beyond should take heed of this imminent escalation in legal concerns, particularly if they handle or process any form of genetic information from their clients or employees.
The GIPA, which is similar to the Illinois Biometric Information Privacy Act (BIPA), imposes stringent obligations on firms to protect the genetic information of individuals. Just like BIPA lawsuits that have targeted biometric information-related breach, the GIPA presents plaintiffs with the possibility of taking legal action against companies that fail to properly handle genetic information.
The concept of genetic privacy has gained added significance in recent years, further fuelled by the increasing popularity of consumer genetic testing. As genetic data has the potential to provide a wide array of personal information beyond mere medical predispositions, the importance of proper handling and privacy protections of such data cannot be understated.
However, a burgeoning field of genetic information application and storage has left a legal vacuum, creating complexities and concerns for both the public and corporations. With clarity on the rights over genetic data still somewhat nebulous, litigation under the GIPA is likely to focus on this grey area, setting important legal precedents in this increasingly critical arena in privacy law.
Essentially, the impending wave of GIPA-based class action lawsuits could have wide-reaching implications for all corporations handling genetic data. The time for companies to reassess their privacy protection mechanisms and legal compliance frameworks, particularly in the realm of genetic data, is most certainly now.