Ten years ago this year, Congress passed the Genetic Information Nondiscrimination Act, a whopper of a law conceived at the onset of an era of rapid advancement in genetics. It was intended to protect Americans from all the ways their genetic information might one day be used against them. More commonly known as GINA, the law has plenty of flaws and loopholes, for which it has gotten a fair amount of flack. But GINA also created new rights for citizens when it comes to their DNA. And one of those was giving them access to it.
It wasn’t until 2014 that the United States granted individuals a right of access to their own laboratory test results, including genomic data. A regulatory change set in motion by GINA, this decision is still viewed by many as troublesome. It may seem obvious that you should have access to medical information about yourself, but it gets complicated when you consider how confusing genetic information can be. Sometimes a DNA test reveals genetic variants that are ambiguous, poorly understood, or just plain wrong, and without the tools to interpret these, people might make misinformed decisions about their health based on clinically insignificant data. Which is more important: Protecting people’s access to their own information, or protecting their safety?
The late Senator Ted Kennedy called GINA the “first major new civil rights bill of the new century.” In a paper out Thursday in the American Journal of Human Genetics, University of Houston law professor Barbara Evans argues that this is exactly the lens through which our access to genetic information should be seen.
“Like the right to vote, access to one’s own genomic data is a foundational civil right that empowers people to protect all their other civil rights,” Evans writes. The protections afforded by GINA not only protect against a potential future of genetic discrimination in employment and health insurance, but against the infringement of other rights. For that reason, she argues, protecting access to genomic data shouldn’t be compromised in the name of things like patient or consumer safety. Unfettered access should be safeguarded in the way we safeguard civil rights, she says.
Evans draws a parallel to Civil Rights Era, when the Voting Rights Act of 1965 displaced state laws that required unreasonably difficult literacy tests for voter registration—the right to vote, it was found, was a stronger right than that of the state to determine the circumstances under which people could vote. Similarly, creating federal right of access to genomic data in 2014 required displacing state laws that blocked access to that data on the basis of perceived health illiteracy. The importance of access to that data overwhelmed the state’s ability to interfere with it.
“Blocking people’s access to their genomic data has the potential to deprive them of these and other constitutional rights,” she concludes.
For example, she writes, access to genomic data allows people with rare genetic variants of unknown significance to find others with the same variants via the web, assemble, and petition for researchers to clarify the significance—all activities protected by the First Amendment. Likewise, the sixth amendment protects the right to a fair trial. But what if a lab wrongly attributes a disease variant to you, and that variant winds up in the FBI’s DNA database and gets you convicted of a crime? Or what if that information is shared, and impacts your ability to obtain life insurance (a discrimination that GINA does not protect against)?
“How can you detect and correct another person’s disease variant that is wrongly in your file, and how can you assess your overall level of re-identification risk, if you cannot see the data that a laboratory stores about you?” Evans writes.
Evans argues that there are others ways to balance the tension between safety and access to genomic data. Regulators, she writes, could issue warnings and disclosure statements about tests, and reliability scores could be developed for tests as well.
Many advocates for genomic privacy agree with Evans’ stance.
“It is not the place of government to decide whether or not individuals are smart enough to have access to and share their own genetic information,” said Petter Pitts, the president of the Center for Medicine in the Public Interest and a Former FDA Associate Commissioner. “It is government’s role to responsibly protect private information from third parties who may chose to use them for scientific or business reasons. Most urgently, this includes 21st century informed consent.”
But Hank Greely, a bioethicist at Stanford, told Gizmodo he disagrees with characterizing the access to genomic data as a civil right.
“Not only wasn’t there the kind of debate and legislation over the HIPAA access rights that accompanied all the other various civil rights acts, but the value of having easy access to all of your medical data, seems not very similar to, and not nearly as useful as, equal rights to employment, accommodation, or voting,” he said. “At the same time, the case Evans makes cannot be summarily dismissed.”
In both the House and the Senate, GINA passed with only one dissenter, Congressman Ron Paul. Recently, though, a motion quietly making its way through the House has begun seeking to undermine certain protections, allowing employers to request that employees undergo genetic testing and giving them access to that data.
Even in the creating DNA access rights, some argue that GINA was not aggressive enough. Evans points out that the way this right was created leaves lots of loose ends. GINA made access to your own DNA right by amending the HIPAA Privacy Rule. That means that in order for you to access your genetic information, it must be stored in a HIPAA-regulated lab. That excludes the labs of most direct-to-consumer DNA testing companies, like Ancestry or 23andMe. It also excludes many research labs.
Under the Common Rule and the HIPAA Privacy Rule, a laboratory can, without asking people, also release their data in de-identified form. Once it’s in the hands of a non-HIPAA-covered entity, privacy protections go out the window, making that data vulnerable to hackers and reidentification.
“A large cast of third parties potentially have access to your whole genome,” she writes, “whereas ethicists debate whether it is ‘information’ you should have.”