A Family Consents to a Medical Gift, 62 Years Later

Should researchers control the use of everyone’s genomes?

It’s time for a national debate about when and how our genetic information should be used.  The healthcare industry and government are planning that our genomes will soon be part of our electronic health records, so that sensitive data can be used without patient consent. The cost of sequencing a genome will soon drop below $1,000.

But the debate about who should control the use of this unique, personal information must be informed by knowing/tracking the hidden flows of genetic data.

The next phase of theDataMap should track the use, sale, and disclosure of genetic information: from hospitals, labs, and genomic sequencing companies to private biobanks, etc, etc.

We cannot weigh risks vs. benefits of open access to genetic data when the risks are unknown.

The Ethics of Publishing Genomes: Can Today’s Family Members Give Consent for the Next Generation?

To view the full article by Andrea Peterson in ThinkProgress, please visit: The Ethics of Publishing Genomes: Can Today’s Family Members Give Consent for the Next Generation?

In the early 1950’s, doctors at Johns Hopkins took the cells from Henrietta Lacks’ tumor and, without her consent, have used them for years for research. Earlier in March, the entire genome of Henrietta Lacks was published with neither the knowledge nor consent of her surviving family. This privacy breach has “started a new chapter in that tale about the complex relationship between researchers and the privacy of genetic information.”

Some key quotes from Dr. William Pewen, Assistant Professor of Public Health and Family Medicine at Marshall University, and a former top health care adviser to the now retired Sen. Olympia Snowe (R-ME):

  • -“The release of Henrietta Lack’s genome illustrates the fact that genetic information isn’t an individual matter — it impacts family members as well. This underscores the need to ensure the rights of individuals and preserve the confidentiality of research data. Once patient privacy is lost, problems are simply compounded. Just how can today’s family members give consent for the next generation?”
  • -“[i]n an age of technology advances and ‘Big Data’ analytics, it’s clear that medical data can be used in countless detrimental ways. That will simply be fostered if we allow ethics and human rights to be undermined by expediency.”

Re: “You for Sale, A Data Giant is mapping, and Sharing, the Consumer Genome”

Below comment in response to the New York Times article “You for Sale, A Data Giant is Mapping, and Sharing, the Consumer Genome.”

Acxiom is the poster-child for why tough new laws are needed to protect personal information on the Internet, in electronic systems, and on cell phones ASAP. No data should be collected about Americans without prior meaningful, informed consent.

Natasha Singer’s story is a must read to understand how the use of personal data threaten people’s jobs, reputations, and future opportunities. The information is analyzed and sold to those who want detailed real-time profiles of who we are, including the health of our minds and bodies. Data analytics enable Acxiom to create and sell far more intimate, detailed personality and behavioral portraits than our own mothers or analysts might know about us (and would never share).

Most people have never heard of Acxiom or other hidden data users. Today, most Americans have no idea that personal data is used by thousands of corporations and government agencies to make decisions about whether they will receive jobs or benefits.

Even though the hidden data mining industry began by using personal information to improve marketing and advertising, Acxiom proves that the kind and amounts amount of identifiable data being collected are simply unacceptable. As for the collection of health information, the data mining industry is clearly violating Americans’ very strong legal, Constitutional, and ethical rights to control and keep personal health data private. To the public, this is theft of personal health information.

On June 6th at the 2nd International Summit on the Future of Health Privacy, Professor Latanya Sweeney of the Harvard Data Privacy Lab along with Patient Privacy Rights introduced theDataMap.org. This project will enable citizens and whistleblowers to help create a detailed picture/map of where sensitive personal health information flows, from prescription records, to DNA, to diagnoses. Without a ‘chain of custody’ for our identifiable health data, it’s impossible to know who uses our data or why. A ‘chain of custody’ for personal health data could show us whether potential employers or banks had bought or received our health data, learn about the many ways the federal government uses health data as described in the Federal Health Information Technology Strategic Plans, and see the names of for-profit and public research and public health institutions that use personal health data.

Health data has long been used to discriminate against people for jobs, insurance, and credit. This fact is so well known that every year tens of millions of us refuse to get early diagnoses and treatment for cancer, depression, and sexually transmitted diseases. Hidden data flow causes bad health outcomes; treatment delays can be deadly. We need the same kind of control/consent over the use of electronic health data that we have always had for paper medical records.

US Internet and electronic systems have made us the most intimately surveilled people in the Free World. In Europe, strong laws and privacy-enhancing technologies prevent hidden data collection and data flow, so everyone benefits from technology and harms are avoided.

European standards for the collection of personal data were created after WW II, when data were used to decide who would die. Europeans consequently passed the world’s toughest data privacy laws, preventing personal data from being collected or used without consent.

Europe also established regional Data Privacy Commissioners to defend citizens’ rights to control the collection and use of personal information and ensure data accuracy. The US needs them too.

Unless we know where trillions of bytes of our personal data flow, who uses it and why, we cannot weigh the benefits and risks of using the Internet, electronic systems, or cell phones. It’s time for Congress to end the massive hidden flows of personal data.

Genomes: Behold or Beware

Patients whose physicians “collaborate” with genetic testing corporations should beware. Today, Navigenics and all genetic testing businesses can legally sell genomic data. There is no way to know which ones sell or use data without informed consent and which don’t. Americans’ personal health information is extremely valuable to corporate America. Genomic data requires extreme privacy protection because it can be used to harm not only an individual but all his/her relatives.

According to Navigenics, the personal data shared is “aggregated” and “de-linked” from “your account information”, but Navigenics offers no proof that it cannot be re-identified.

As we learned from the NIH experience, it is very difficult to “de-identify” or “anonymize” genetic data. The NIH closed a public research data base of “de-identified” genetic data after researchers proved the data could be re-identified See: . Corporations that share “de-identified” or “anonymized” health data should be required to publish the algorithms that were used and prove the data cannot be re-identified.

Questions abound:
• How can anyone be sure that Navigenics protects the privacy of genomic tests without trusted external audits of their privacy practices and policies?

• Does Navigenics pay MDVIP’s doctors a “kickback” for “collaborating” each time a patient gets genomic tests? Does MDVIP inform patients that it has a contract with Navigenics and what each doctor is paid?

• Who is being paid for “collaboration”? What exactly are the financial and contractual terms of “collaboration” between MDVIP and Navigenics?

• Do MDVIP’s patients really understand the risks of using Navigenics to do the testing or the risks of letting Navigenics share their genomic data with unknown researchers and research organizations—-that can put their data into public data respositories and publish it in studies? Or the security risks that a particular public respository can be hacked?

• Are MDVIP’s patients coreced into taking Navigenics tests by their doctors? Most patients want to do what their doctors recommend. What is the consent process?

• Did MDVIP contractually sell or give their patients’ genomic data or to Navigenics to own or sell? Should the public trust Navigenics, a for-profit corporation, when personal genomic data is a very valuable commodity?

• Should any for-profit collaboration “define the standards in which preventive genomic medicine will be integrated into patient care for decades to come”? No consumer health privacy expertise, assessment, or input was sought.

• There is not yet an operational, trusted, consumer-led privacy certification organization to audit genomic testing corporations to certify they don’t sell genomic data and that consumers control sensitive personal genomic data in their data bases. In the absence of a trusted privacy certification organization, the privacy principles developed in 2007 by the bipartisan Coalition for Patient Privacy or the Code of Fair Information Practices could be used as guides for building a genomic testing and preventive healthcare system that consumers will trust and be willing to use.

• Would MDVIP’s patients still feel “the experience (was) positive”, “empowered rather than anxious”, and “desire to change their lifestyles and more productively work with their physicians” if they knew their doctors were paid by Navigenics and their data was sold and/or put in public data repositories with unknown security and privacy protections?

This blog is in response to the article: Physician network to use genomic-based preventive healthcare

Response to: Will Technology Cure Health Care — Or Kill It?

Giving your genome to a for-profit corporation for testing today is a very dangerous act for the following reasons:

1) Americans NO longer have the right to health privacy! Today, your rights to health privacy in electronic health systems are nil. You have no control over personal electronic health information. Federal bureaucrats eliminated our rights to control the use and disclosures of personal health information in electronic systems in 2002. The media has not reported on this drastic elimination of every Americans’ privacy rights. See HIPAA’s Intent v. Reality.

2) Once you reveal your genome, you will never be able to delete it from the private corporation’s data bases or make it private again. Why on earth would you pay someone to take and use the most personal health data that exists about you and your family for whatever purposes they choose? Think about Paris Hilton’s sex video, once it was out in cyberspace, it can never be private again. It will live for millenia on the Internet.

3) Why pay a private corporation like 23andMe or any other for-profit genetic testing lab to take your extremely valuable and sensitive personal health data and give it to them as a CORPORATE asset—to sell, to disclose to researchers for studies you might not want to be part of, to sell as an asset to employers or insurers or financial institutions, or even to sell to the US Government as part of the data profiles they are building on every American in Fusion Centers.

4) The legal duties of coporations are to stockholders, not to patients or people who buy genetic tests. Genetic testing labs like 23andMe can be bought by Google or the Bank of America or to a business that sells employers genetic snapshots of future employees’ potential illnesses. Even if you trust a genetic lab—-you have no control over whether that corporation is sold to another corporation that you would never want to own your DNA.

5) Today’s health IT systems are notoriously insecure and hackable. An industry study of 850 electronic health records systems found ALL of them could easily be hacked. See Article.

What assurances do you have that the lab’s database is secure enough to prevent your genome or genetic tests from being stolen?

6) It is crtical to understand that giving ownerhsip of a personal asset like your DNA or genome to a corporation is a very bad idea. Not only do you put your future opportunities at risk, you endanger your entire family’s futures at the same time.

As a practicing physician who has spent over 30 years listening to patients whose sensitve medical records were used against them by employers or used to humiliate them or harm them in public, I am very well aware of how personal health information is used to harm people and ruin lives. I founded Patient Privacy Rights because health information should never be used except to help you get well or for research WITH your informed consent. No one should be denied a job or a promotion because of fears about their future health.

Because of the lack of privacy, 600,000 people refuse to seek treatment or early diagnosis for cancer and 2,000,000 refuse treatment for mental illness. 150,000 Iraqi vets refuse treatment for PTSD because they fear their treatment will not be private. The result is the highest rate of suicide among active duty military in 30 years. The lack of health privacy kills.

Current law is just not enough to protect health privacy. GINA is not enough. We need Congress to restore our longstanding Constitutional, legal, and ethical rights to control personal health information. Without that right firmly re-established in Federal law, giving ANYONE your sensitive genomic or health information is a very bad idea.

Check out our website. You can sign up for e-alerts about health privacy in the Digital Age. If we are able to restore control over our personal digital health information, then we have a powerful model for building personal control over ALL our personal electronic data (financial, email, phone records, purchases, etc). If you do not fight for your privacy rights, who will?

If EVERYTHING about you is for sale and can be seen by everyone, will you continue to have your precious liberties and freedoms?

See Original Article