Confidentiality, privacy, and security of genetic and genomic test information in electronic health records: points to consider
This paper discusses the wide variety of genetic and genomic data may potentially be included in an EMR and the considerations that must be made in regard to privacy and security of this data. The focus of the paper is discuss the many factors that go into deciding if genetic information requires special protections or be treated differently than other types of health information.
While there are currently laws that address sharing health information such as Americans with Disabilities Act, Health Insurance Portability and Accountability Act (HIPAA), Privacy Rule and Security Rule the authors explore if these provide enough protection of genetic/genomic data. They outline important features of genetic information that contribute to information policy decisions. Some key features the authors discuss are that DNA is unique to individuals, genetic profiles can predict likelihood of developing disease or response to treatment, there have been many historic misuses of genetic information for the purpose of discrimination or stigmatism, genetic information can impact genetically related individuals, genetic material can be collected without patient knowledge and that social views about genetics may change over time. The authors limit their discussion the scope of data associated with RNA, DNA, chromosomes analysis for the detection of abnormalities and defects.
Genetic information can be used to estimate disease risk, evaluate drug dosages and administer effective treatments. The authors illustrate that individualize medicine is a major goal of gather and maintaining genetic and genomic information in the EMR.
The authors discuss the importance of protecting genetic and genomic information to ensure that individuals continue to pursue genetic tests that may improve their medical care without fear of negative repercussions. Interoperability of linked health networks make re-identifying de-identified data more likely because an individual’s genetic profile is so unique. They also illustrate that individuals are readily identified by their genetic information due to the unique genome we each have, much more so than by other information considered sensitive such as disease status or mental health conditions. Additionally, the authors warn that data mining techniques could circumvent privacy regulations. The authors warn that if genetic/genomic data is not carefully protected, individuals could face possible employment or insurance discrimination.
The authors suggest techniques to protect data such as data masking and controlled access.
Comment: The authors do a thorough job of discussing the complexity of determining how genetic/genomic data should be handled. The potential benefits to society and the individual to collecting the information is carefully weighed against the risk of negative social consequences. More debate about the merits of the information and protection of individuals is desperately needed as technology is rapidly advancing and the collection of large volumes of genetic information is underway.