The intersection of healthcare and technology is a rapidly growing area. One thriving field at this intersection involves obtaining, processing, and storing genetic data. While the benefits have been great, genetic information can reveal a great deal about individuals and their families. And the information that can be conveyed from genetic data appears limitless and is constantly growing and changing. Many entities have begun storing, processing, and sharing genetic data on a very large scale. This creates many privacy concerns that the current regulatory framework does not account for. The line between patient data and consumer data is blurred; many entities are interested in obtaining genetic data with varied interests. In the direct-to-consumer genetic testing market, consumers pay to send private companies their DNA samples in exchange for a trivial amount of information about their ancestry and health risks. But health data obtained and processed by a company are subjected to far less stringent privacy regulations than health data obtained and processed at a doctor’s office or hospital. This Comment summarizes some of the current genetic privacy problems in United States laws and examines the EU’s recently adopted GDPR for a possible solution. A GDPR-style regulation could provide more consistency, give individuals more control, and protect against future unknown uses.
Genetic Data Privacy Solutions in the GDPR,
Tex. A&M L. Rev.
Available at: https://scholarship.law.tamu.edu/lawreview/vol7/iss1/7