FAQ’s
Technical Support
Sales Inquiries
General Question
Q
Why is genomic data security important?
A
Genomic data is a class of health data. Many experts consider it to be more sensitive than normal health record data as it contains immutable and predictive information about individuals and their risk of many conditions, such as cardiovascular disease, dementia and cancers. Significantly it also predicts the risk of disease of other relatives as well as giving information on relatedness to people in ones life.
Q
What if a genomic data base was hacked?
A
Once a genomic database is hacked the data is irretrievable and even if a ransom is paid there is no way to tell if the data has been copied, stored or sold.
Q
Do health databases get hacked?
A
There have been hundreds of hacker breaches of health databases around the world and these continue to occur regularly. Usually there is a ransom demanded and sometimes sensitive health data about individuals is released onto various internet and dark web sites.
Q
What is the legislation around genomic data security?
A
In the United States, HIPAA was enacted in 1996 and provides guidelines for the use and disclosure of protected health information, including genomic data. HIPAA’s Privacy Rule establishes national standards for protecting the privacy of individuals’ health information, including genomic data, held by covered entities and their business associates.
GINA, enacted in 2008, is a federal law that protects individuals from discrimination based on their genetic information in employment and health insurance. The law prohibits health insurance companies and employers from using genetic information to make decisions about a person’s eligibility, coverage, or premiums.
In addition to HIPAA and GINA, there are other laws and regulations that impact the use of genomic data in the US, including the Common Rule, the Clinical Laboratory Improvement Amendments (CLIA), and state laws governing genetic testing and privacy.
Q
Is genomic data security an organisational level risk?
A
The reputation of healthcare and research institutes can be lost in one data breach. In a recent Australian data breach, a ransom was not paid and many thousands of individual reproductive and other very sensitive records were posted to the dark web.
Q
Can anyone else access my records if my genomic data is held in GeneCrypt technology?
A
GeneCrypt technology allows private key permissioned access to the record or designated regions of the record. Ultimately the data subject (the individual can control that access or delegate specific permissions to researchers (via Ethics Approvals) or by standardised permissions to specific clinicians or clinical teams. For example, a patient may grant permission to a team or a team member to view their BRCA cancer genes or gene regions but deny access to a Huntington Gene region.