Hiring & Background Screening: FCRA, ADA & GINA
The pre-employment phase. Master the FCRA disclose-authorize-pre-adverse-adverse sequence, the ADA's pre-versus-post-offer medical-inquiry timing, GINA's genetic-information bar, and the state ban-the-box overlays.
Workplace privacy: a balancing act
- Employers need information; employees have privacy interests
- Less constitutional protection in private workplaces
- Governed by a patchwork of federal + state laws
- Domain IV tests hiring, monitoring, and investigations
Domain IV moves to the workplace, where the law balances an employer's legitimate need to know against an employee's privacy. In private employment, the Fourth Amendment generally doesn't apply (it constrains government employers), so private-sector workplace privacy is built from statutes and common-law expectations rather than the Constitution. The domain breaks into three phases that the exam follows: before employment (hiring and screening), during employment (monitoring), and investigations and the end of employment.
We start with hiring, where the central tension is how much an employer may dig into an applicant's background, and which laws govern each kind of digging. Three statutes dominate this lecture: the FCRA for background checks, the ADA for medical information, and GINA for genetic information.
FCRA and the background check
- Third-party background reports are "consumer reports"
- Standalone disclosure + written authorization required
- Pre-adverse-action notice with a copy of the report
- Then adverse-action notice if you don't hire
When an employer hires a third party to run a background check, that report is a consumer report, so the Fair Credit Reporting Act applies, and the exam tests its precise sequence. Before pulling the report, the employer must give the applicant a clear, standalone disclosure, not buried in the application, and get the applicant's written authorization. If the employer then plans to take an adverse action, like not hiring, based even partly on the report, it must first send a pre-adverse-action notice that includes a copy of the report and a summary of FCRA rights, giving the applicant a chance to dispute errors.
Only after a reasonable wait does the employer send the final adverse-action notice. Skip a step, and you've got an FCRA violation; this disclose, authorize, pre-adverse, adverse rhythm is a classic exam target.
The ADA: limits on medical inquiries
- No disability-related questions or medical exams pre-offer
- Permitted post-offer if uniform for all entrants
- Medical info kept confidential, in separate files
- Reasonable accommodation for known disabilities
The Americans with Disabilities Act (ADA) sharply limits when an employer can ask about health, and timing is everything on the exam. Before making a job offer, an employer may not ask disability-related questions or require a medical examination; it can only ask whether the applicant can perform the job's essential functions. After a conditional offer, the employer may require a medical exam or inquiry, but only if it does so uniformly for everyone entering that job category.
Any medical information obtained must be kept confidential and stored in separate, secured files apart from the regular personnel file. The ADA also requires reasonable accommodation for known disabilities. So pre-offer medical questions are the trap, and post-offer they're allowed only when applied evenhandedly.
GINA and genetic information
- Bars employers from requesting/using genetic information
- Covers family medical history, genetic tests
- Incidental acquisition has narrow safe harbors
- Confidentiality like ADA medical records
The Genetic Information Nondiscrimination Act (GINA) fills a specific gap: it bars employers from requesting, requiring, or using genetic information in employment decisions. Genetic information is broad here: it includes an individual's genetic tests, their family members' genetic tests, and family medical history, since family history reveals genetic risk. So an employer can't, for example, ask about family medical history on a wellness questionnaire without running afoul of GINA, and there are only narrow safe harbors for information acquired inadvertently.
Like ADA medical data, genetic information must be kept confidential and segregated. The exam pairs GINA with the ADA because both restrict health-adjacent information: the ADA targets disability and medical exams, while GINA targets genetic and family-history data.
Credit checks, social media, and EEOC overlay
- Credit checks restricted/banned in several states
- Vetting social media risks learning protected-class info
- Disparate-impact concerns under Title VII / EEOC
- Document a job-related, consistent screening process
Hiring privacy doesn't end with the three core statutes, so the exam adds a few overlays. A credit check on an applicant is an FCRA consumer report, but several states go further and restrict or ban using credit history in hiring except for specific positions, so a nationwide employer can't apply one credit-check policy everywhere. Screening applicants' social media is legal in general, but it's risky: the moment you view someone's profile, you may learn protected-class information (religion, age, disability, pregnancy) that you can't lawfully consider, creating a discrimination-claim trail.
That ties into the equal-employment overlay: even a facially neutral screening practice can violate Title VII if it has a disparate impact on a protected group without being job-related and consistent with business necessity, and the EEOC scrutinizes blanket criminal-history and credit screens for exactly that. The defensible posture is a documented, job-related, consistently applied process that collects only what the role justifies.
Exam reasoning: which screening law, and when
- Third-party report → FCRA (disclose, authorize, adverse-action)
- Medical questions/exams → ADA timing rules (pre- vs. post-offer)
- Genetic/family history → GINA
- Ban-the-box and state rules add timing on criminal history
- Distractor: skipping the FCRA pre-adverse-action step
Let's make hiring a clean map. If the employer uses a third-party background report, it's the FCRA, with the disclose, authorize, pre-adverse-action, adverse-action sequence. If the question is about health questions or medical exams, it's the ADA, and the answer turns on pre-offer versus post-offer timing.
If it's genetic information or family medical history, it's GINA. Layered on top, many states have ban-the-box laws that delay when an employer may ask about criminal history, and some restrict credit checks, so state rules can move the timeline. The favorite distractor skips the FCRA pre-adverse-action notice and sends only a final rejection. That omission is the violation, because the applicant never got the chance to fix an error in the report.
Recap: FCRA sequence, ADA timing, GINA's bar, and state overlays. Now go test yourself, then on to monitoring employees.
Sources
- Fair Credit Reporting Act (FCRA, 15 U.S.C. § 1681) — employment background checks
- Americans with Disabilities Act (ADA, 42 U.S.C. § 12101)
- Genetic Information Nondiscrimination Act (GINA, 42 U.S.C. § 2000ff)
- Title VII / EEOC guidance
- State ban-the-box laws
- IAPP CIPP/US Body of Knowledge, Domain IV (Workplace Privacy — hiring and screening)
Test your knowledge
Q1. Under the Colorado Privacy Act (ColoPA), controllers must honor consumer opt-out rights through a universal opt-out mechanism (UOOM). What distinguishes ColoPA's opt-out mechanism requirement from Virginia's VCDPA?
Q2. The Utah Consumer Privacy Act (UCPA) is generally considered the most business-friendly of the first-wave comprehensive state laws because it:
Q3. Connecticut's comprehensive privacy law (CTDPA) requires opt-in consent before processing sensitive data. Which of the following is classified as sensitive data under the CTDPA?
Q4. All 50 U.S. states have enacted data breach notification laws. These laws generally require notification to affected individuals when: