Download this article as a .PDF
There is so much you can learn from your genes! I’m a big fan of genetic testing, but I’m also very concerned about the privacy risks of genetic data.
Let’s look at some of the concerns about genetic testing and some ways to reduce the privacy risks.
Is it possible to remain anonymous with DTC genetic testing?
Yes and no…
You can use a pseudonym and a private email address to protect your identity. This is a simple step, but it may violate the terms of service on the testing company’s website.
If you go the anonymous route, make sure you don’t order the test kit directly from the company. For major genetic testing companies like 23andMe, AncestryDNA, FamilyTree, and MyHeritage, test kits are available through Amazon or other online retailers, and some are sold in brick-and-mortar stores.
Once you’ve submitted the test, you can remain more anonymous on the site by:
- not opting into research studies (often masquerading as survey questions)
- don’t participate in relative matching or share your family tree
The major genetic testing companies, such as 23andMe, AncestryDNA, FamilyTree, and MyHeritage, allow you to download your data and then delete it from their website.
Read the privacy policy and terms of service:
The large ancestry-based genetic testing companies have straightforward privacy policies that explain how your information will be stored and used. Some of the smaller genetic testing companies make it a little harder to find information about how your data is used and whether you can request that it be deleted. Contact customer service and push for answers about what happens to your data – who has access to it, is it shared with third-party researchers, is it kept indefinitely, can it be deleted?
Things to look for in a testing company’s privacy policy:
- Will your genetic or personal data used for marketing?
- Is it shared with a third party (whether anonymized or not)?
- Is your genetic data considered a company asset that will be sold with the business? (Smaller genetic testing companies may have a business goal of amassing data and selling out to a tech giant.)
Before you upload your data for a “free report” or to another service:
There are many companies that will generate a report from your genetic file. Again, the business goal of some of these sites is to amass genetic and personal data as a business asset. There’s a saying in the tech industry: “If the product is free, you are the product.” This refers to the value of user data.
Even if the report isn’t free, consider whether the company has your best interests at heart in the way it stores and retains your genetic data. Again, always read the privacy policy and TOS before uploading your genetic data file.
Here’s Genetic Lifehack’s privacy policy. The data connection to your genetic raw data file is local to your hard drive — genetic data is not transmitted over the Internet or stored on a server. Other genetic report companies will keep your genetic data, and you’ll want to make sure they store it securely and don’t allow third parties to access it.
Can insurance companies use your genetic data from 23andMe, etc?
If you take your genetic results to your doctor and they are added to your electronic health record, it is possible that an insurance company could have access to this information.
In the U.S., health insurance companies are prohibited from changing your rates or dropping you based on genetic information.
However, long-term care and life insurance companies may consider known genetic and health information in setting rates and policies. This varies somewhat from state to state at this time, but keep in mind that laws are changing and your future ability to get long-term care insurance could be affected.
Here’s a good article on the current US laws for genetic information and long-term care insurance.
Let me give you a scenario: You do 23andMe or another test and find out that you are a carrier of the APOE E4 allele and are at higher risk for Alzheimer’s disease. Then you go to your doctor and talk to him about Alzheimer’s prevention. The doctor enters your APOE information into your electronic health record. A few years later, you decide to buy long-term care insurance, and the insurance company requests access to your medical records before issuing the policy. They’ll also ask about your health and family history, and may ask you to disclose whether you’ve had genetic testing. The APOE information you discussed with your doctor several years ago may prevent you from getting the long-term care policy or affect your rates.
Storing your data:
After you download your genetic data from the testing company, you will want to be sure to store it in a place where you won’t lose it. You may want to back up your data file to an offline hard drive or USB drive.
Storing your data online is another option, but be sure that you are storing it in a location that ensures privacy. Consider whether you would store other important documents – like your tax return – on that cloud storage service, and treat your genetic data with similar care.