Security at Navigenics and 23andMe
Security of genetic information is an enormous concern for individuals, and thus an enormous concern facing commercial genetic enterprises. I was recently having a conversation with someone about the security of genetic and personal information at companies such as 23andMe and Navigenics, and I pointed out that the very livelihood of these organizations depends on their ability to secure information. A single security breach could potentially drive away future customers.
On that topic, Ryan Calo, a residential fellow at Stanford Law School’s Center for Internet & Society writes about a panel discussion held at the law school (pdf poster here):
“With a credit card and a saliva sample, consumers can now unlock the secrets carried in their DNA. Consumer genomics offers direct access to one’s genetic code, plus interpretations of health risks, family lineage, opportunities for social networking, and more. But how should consumer genomics be regulated? Join us for a panel discussion with leaders at the forefront of consumer genomics (23andme and Navigenics), media commentators (Alexis Madrigal from Wired), and policy makers.”
The moderator of the discussion was Hank Greely, a professor at Stanford whose work I highly respect and enjoy.
Calo writes in his blog that Navigenics has a strong statement in their privacy policy that they “will use reasonable and lawful efforts to limit the scope of anyâ€Â legally required disclosure, such as subpoenas and court orders. During the talk, 23andMe co-founder Anne Wojcicki stated that 23andMe also has a policy to fight unreasonable requests for information (such as subpoenas). Calo has more at his blog.
A recording of the panel discussion will be made available here at some point in the future.
November 19th, 2008 at 11:30 am
Role of physicians in helping patients interpret results from direct-to-consumer (DTC) genetic tests Effect of DTC market on molecular diagnostic laboratories Patient and consumer security (Blaine at The Genetic Genealogist recently wrote aboutsecurity at Navigenics and 23andMe) Public relations and business strategies to optimize public perceptions of DTC genetic testing (given
November 18th, 2008 at 1:28 pm
[...] success of companies such as 23andMe and Navigenics hinges on good data security, says Blaine Bettinger at the Genetic Genealogist. "A single security breach could potentially [...]
November 20th, 2008 at 9:20 am
[...] Mouse TrapMedical Museion Weblogbusiness|bytes|genes|moleculesBlind.Scientist Security at Navigenics and 23andMe linked to by 2 added on Wed 19th Nov 08Image from Eye on DNAlinked to by 1 posted to The Genetic [...]
November 25th, 2008 at 5:28 pm
[...] Patient and consumer security (Blaine at The Genetic Genealogist recently wrote about security at Navigenics and 23andMe) [...]
November 28th, 2008 at 9:31 am
[...] through DNA test is singled out for pioneering retail genomics. http://www.emaxhealth.com/1/34… Security at Navigenics and 23andMe » The Genetic Genealogist I was recently having a conversation with someone about the security of genetic and personal [...]
December 14th, 2008 at 7:53 am
[...] at the benefits of blogging. Roy at Shrinkrap writes about the GrandRounds over at Sharpbrains. The Genetic Genealogist looks at the security of genetic information and also at the genetics of indigenous populations. Dr [...]
February 17th, 2009 at 6:57 pm
[...] I wrote a longer post about the importance of testing company protections last November (see “Security at Navigenics and 23andMe.”) [...]
January 3rd, 2010 at 5:41 pm
Here is some additional info on the topic of security of customer data and what happens to when a company goes bust. It was written by our genetic counselor at AccessDNA:
http://www.accessdna.com/blog/2009/12/decode-customers-wondering-what-will-happen-to-their-dna/
January 3rd, 2010 at 5:46 pm
It is also worth noting that we have reviewed all online genetic testing providers (including Navigencis, 23andMe, and Pathway Genomics) based on whether the provider clearly displays a privacy policy that includes information about safeguarding the information they collect from users as well as any results of testing. This can be found by going to http://www.AccessDNA.com and searching for the test or the provider you are interested in.