After gene testing businesses were criticized by state regulators last year for marketing to California residents without a license to perform clinical laboratory tests, the industry decided it was time for new regulations — which it decided to write.
A bill drafted by 23andMe and introduced by state Sen. Alex Padilla (D-San Fernando Valley) would exempt gene-testing firms from requirements faced by other kinds of labs while adding new privacy protections for consumers.
The Mountain View company believes its regulations are better suited to modern math-based genetic analyses, rather than the conventional world of test tubes. Last year, the California Department of Public Health sent “cease and desist” letters to 23andMe, Foster City-based Navigenics and10 other genomics firms to comply with a state law that regulates laboratories in California. The companies later obtained licenses — but they now argue that they should not need to.
Read more in The Santa Cruz Sentinel. This appears to be a very complicated issue that requires scrutiny. In the article, it mentions that 23andMe is one of several companies that are also using the tests to compile a vast database of genetic information of data that could be worth millions of dollars to outside researchers. If that’s the case, then is their proposal — that companies delete identifying information linked to customers’ data and gain the consent of customers before using the data for research — sufficient? I would think that it’s not, and that any company or lab handling identifiable or potentially re-identifiable genetic information should be considered a covered entity under HIPAA with all that entails. If it means revising HIPAA, so be it.
“We want to be regulated, but the current body of laws does not fit,” said spokesman Jim Gross of 23andMe, which was co-founded by Anne Wojcicki, married to Google’s Sergey Brin. 23andMe is backed in part by Google and Genentech. “The current law is focused almost completely on ‘wet labs,’ which process a biological sample. We are dealing with data, not the actual sample.”
“We’re not practicing medicine,” he said. “This is information about who you are, what your body is about.”
And to the extent that information about who you are and what your body is about is health information, then why should this not be considered protected health information? A lab that runs blood tests is not practicing medicine, it is analyzing specimens. Yet they are covered. So, too should these other entities be covered.