Genetic Information Privacy in the Age of Data-Driven Medicine

As the costs for genomic sequencing continue to decrease, genetic testing is increasingly being used to confirm or assist in detection and treatment of many diseases. Companies such as 23andMe and Navigenics offer genetic tests using genome-wide technology direct to consumers over the Internet. As sources of genetic information proliferate, issues of privacy protection are increasingly problematic in relation to the use and disclosure of genetic information. This paper aims to identify the most important privacy threats to genetic information, and explain how to use privacy techniques and policies to mitigate the threats. This paper first describes the problem of genetic information privacy in the age of data-driven medicine. It then identifies the most important threats to genetic information and presents a case study that demonstrates how these threats might be intrinsic to genetic testing entities. Since existing privacy protection approaches are inadequate to address the threats, we develop a comprehensive privacy and security framework that integrates policy considerations and innovative data anonymization technologies and sketch countermeasures which can be taken to protect genetic privacy. We conclude with a discussion of the implications of the study and directions of future research.