Employers in the United States (US) increasingly offer personalized wellness products as a workplace benefit. In doing so, those employers must be cognizant not only of US law but also of European Union (EU) law, to the extent that EU law applies to European immigrants or guest workers in the US. Where wellness programs are implemented in either public health or employment contexts within the US and/or EU, program sponsors can partner with direct-to-consumer (DTC) genetic testing companies and other digital health companies to generate, collect, and process sensitive health information that is only loosely or partially regulated from a privacy and nondiscrimination standpoint. Set against claims about the benefits of wellness programs are concerns about employee health privacy and discrimination and the currently unregulated nature of consumer health data. We qualitatively explored the concerns and opinions of public and legislative stakeholders in the US to identify key themes and develop privacy and nondiscrimination best practices. Two key themes emerged: promoting a culture of trust and promoting a culture of wellness. Best practices within these themes were: (1) have transparent and prominent data standards and practices, (2) uphold employee privacy and nondiscrimination standards, (3) remove penalties associated with biometric outcomes and with nondisclosure of sensitive health information, (4) reward healthy behavior regardless of biometric outcomes, and (5) make program benefits accessible regardless of personal status. Employers, DTC genetic testing companies, policymakers, and stakeholders broadly should consider these themes and best practices in the current absence of broad regulations on nondiscriminatory workplace wellness programs.