TimiHealth is an affected firm that seeks to move customer data, with consent, to an allegedly more secure blockchain platform, TimiDNA, citing 23andMe’s monetization of their data and CMS’ Blue Button initiative, a recent meeting in which 23andMe participated as a developer. Blasting away, TimiHealth stated that “It flies in the face of the mission of CMS, and the MyHealthEData initiative and the goal of putting patients first.” Release
However, the consumer marketing of DNA testers such as 23andMe, Ancestry.com, and smaller competitor Helix, has already led to multiple privacy questions on how the data of millions are being used and sold.
This Editor would feel safe in assuming that most customers do not know nor particularly care that GlaxoSmithKline (GSK) as of July owns 50 percent of 23andMe via a $300 million investment. Both have announced a four-year partnership to use the 23andMe genetic database for drug research. For instance, the LRRK2 gene has been linked to some forms of Parkinson’s disease. GSK needs about 100 for a trial sample of one, but 23andMe has already provided 250 Parkinson’s patients who have agreed to be re-contacted for GlaxoSmithKline’s clinical trials. Scientific American
While most data is de-identified, you can agree to be contacted for further use in clinical trials, which is fine–but most users do not know how to opt out. It’s a surprisingly tricky process, as outlined in this useful Business Insider article, and you may not be able to withdraw all your data or have your saliva sample destroyed.
Data can be hacked and reprocessed. Three years ago, TTA explored reports on exactly how de-identified genomic data could be made identifiable through the ‘nefarious use’ of genomic data sets available through research networks [TTA 31 Oct 15].
Despite the trite, simplistic, and condescending commercials by Ancestry.com on how someone found they had ethnic or national roots they never dreamed of, or were related to royalty, both giving meaning to their presumably mundane life, genetic info has value beyond the feel-good. It’s long past time for a plain language Genomic Data Bill of Rights.
- Individuals should know how their personal genomic data is being used and how it is being protected
- They should be able to opt out of use, identified and de-identified, easily–and not have to jump through hoops
- Reporting/interpretation should also have integrity, consideration, and respect that it may upset a person or that it may not be interpreted correctly, which is a fundamental problem
- A more radical view is that the same individuals should be compensated when their data is used
This Editor will settle for the first two bullets, for now.