Genetic information about oneself is often disregarded as private by individuals. The genome, or whole set of DNA, is unique to each person, but the particular variations within a person’s genome may be widely shared across biological relatives or even throughout the entire human population. The genome’s dual importance as a private and public collection of widely shared common components makes any discussion of legislation addressing genetic privacy impossible.

As an identity, DNA has been conceived as the person’s ‘book of life’ and as a way to predict the future, although this isn’t as true as many people believe. A common reaction to this way of thinking is the desire to be in control of who has access to their genetic data, which leads to demands for robust privacy protection or even personal genetic data ownership.


Contrary to popular belief, genetic data does not only apply to a single person. It may provide information about a person’s immediate and distant ancestors. A person’s genetic variations can only be understood by examining the genetic data of many other individuals.  Because of the genome’s open nature and high monetary worth, determining how much control people should have and how to offer adequate privacy safeguards is challenging.

A new form of privacy is also gaining popularity since the notion of ‘privacy’ itself has changed over the last several decades. Because of this, the conventional understanding of privacy—as the ‘right to be left alone’—has come under growing pressure in the Information Age. Due to the Internet and other ubiquitous communication technologies, a lot of personal information may be shared without the knowledge or permission of the individual.  Some argue that maintaining one’s secrecy is less important than controlling how their data is distributed and used by others, such as when seeking healthcare, making purchases, and going about their daily life. According to this ‘dominant paradigm’, privacy is defined as a personal right to choose how one’s data is used, both on and off the Internet.


The Genetic Information Privacy Act signed into law by California Governor Gavin Newsom on October 9tH requires direct-to-consumer genetic testing businesses to give information and seek explicit permission from customers about the collection, use, and dissemination of genetic data, provided in bill SB 41.

People now have more say in how their genetic information is utilized, owing to the Genetic Information Privacy Act. Consent may be revoked by customers if they follow specific processes. This means that companies like 23AndMe Inc. and Inc. must delete a customer’s biological sample within thirty days of the customer revoking their permission if the customer cancels the order. 


Recent technological advancements have made it feasible to analyze DNA directly with incredible precision and cost reductions, contributing to the dramatic growth of genome-based approaches such as exome- or genome-based sequencing, which can provide significantly more information than single-gene tests. For certain infants born with developmental disabilities or severe illnesses, genetic testing has already proved useful in identifying diseases with no known cause.

It’s crucial to note that HIPAA only applies to organizations that are either ‘covered entities’ or their business associates (BAs) when dealing with genetic data or any other PHI.  Many unprotected organizations gather genetic information, such as 23andMe and genealogical websites like, which provide genetic testing online. There is currently no government oversight of companies like 23andMe, despite the FDA recently notifying the company that it was marketing its over-the-the-counter saliva collection kit and Personal Genome Service (PGS) in violation of the Federal Food, Drug, and Cosmetic Act. It has been stated by the FDA that ‘a false-positive BRCA-related risk assessment for breast or ovarian cancer could lead to prophylactic surgery, chemotherapy, intensive screening or other morbidity-inducing actions, while a false negative could lead to a failure to recognize an actual risk that may be present

Existing rules governing genetic information are obviously deficient in a wide range of respects. Instead of making safeguards reliant on who possesses the data, one solution to GINA and HIPAA’s flaws—and not only in genetics—is to attach protections to the data itself. This eliminates the patchwork effect caused by so-called ‘covered entities.’.

The genetic data of customers must be protected from illegal usage by direct-to-consumer testing businesses. Consumers’ accounts and genetic data must also be accessible and erasable by the businesses.

Third-party access permission forms must also be more clear for customers. As a result of this, businesses that provide direct-to-consumer genetic testing must abide by all applicable regulations when providing customer genetic data to police enforcement without their permission. As a result of this change in legislation, ancestry websites will still be utilized as tools for law enforcement investigators, according to Umber. Unless permission has been sought directly from the court, individuals cannot sell or give away material. Most direct-to-consumer businesses’ practices are now codified under the new legislation. Civil fines will be levied on companies who break the new rule. As of January 1, 2022, the Genetic Information Privacy Act will go into effect as a result of the legislation.


A basic ethical norm known as The Common Rule governs biomedical research in the United States that involves human subjects and seeks to safeguard their privacy by removing ‘identifiers’ such as their name or address from gathered data. Policymakers have been urged to provide uniform standards and best practices for researchers’ access to and use of genetic data obtained from individuals. 

For biomedical and behavioral research involving human participants, The Common Rule was established in the United States in 1981. In July 2018, a major change went into effect. It regulated Institutional Review Boards (IRBs) to oversee human research after the Declaration of Helsinki was revised in 1975. Regardless of the financing, virtually all academic institutions in the country hold their researchers to these declarations of rights.

Additionally, the Genetic Information Nondiscrimination Act (GINA), safeguards genetic privacy for the general population, as well as research subjects. As a result of GINA, health insurers and employers may no longer seek or demand genetic information on a person or a member of that person’s family (and further prohibits the discriminatory use of such information). Other types of insurance, such as life insurance, are not covered by this policy. The Genetic Information Nondiscrimination Act (GINA)  was signed into law on May 21, 2008.  GINA protects individuals against discrimination based on their genetic information in health coverage and in employment.  

GINA is divided into two sections or Titles.  Title I of GINA prohibits discrimination based on genetic information in health coverage.  Title II of GINA prohibits discrimination based on genetic information in employment.


GINA is primarily an anti-discrimination statute.  Genetic information cannot be used to discriminate against an individual when it comes to insurance by group health and Medicare supplementary plans, but not by life, disability, or long-term care policies.

Genetic information cannot be used in work decisions such as hiring, dismissing, or promotion, according to Title II of GINA. In addition, employers are forbidden from requesting or purchasing genetic information under this provision. If an employer has less than fifteen workers, however, GINA does not apply. Federal government entities are prohibited from collecting and utilizing genetic information on workers or job candidates in hiring and promotion decisions under an Executive Order that goes along with GINA. 

In the United States, GINA allegations are investigated and enforced by the Equal Employment Opportunity Commission (EEOC). As part of its post-offer, pre-employment medical examination, one company was accused by the Equal Employment Opportunity Commission of violating GINA by asking and requiring job applicants to indicate whether or not they had a family medical history for a number of diseases and disorders. The lawsuit, filed in 2013, was settled for $50,000. A week later, the EEOC sued the Founders Pavillion nursing and rehab facility in Corning, New York, in a similar manner.


A person’s privacy refers to how much the public has access to them. Privacy is a concept referring to the significance of limiting access to a person or to information about them.

There are also certain genetic privacy safeguards under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Genetic information is included in HIPAA’s definition of health information, and health care professionals are prohibited from disclosing it to anybody. Protected health information (PHI) now includes genetic information, according to the HIPAA Omnibus Rule of 2013. Data cannot be used for any other health insurance plans save for life, disability, or long-term care insurance, which is still allowed. Long-term care insurance excludes anybody with a hereditary tendency to Alzheimer’s, for example, from being insured. According to the definition, genetic information comprises genetic testing and a family member or their baby or embryo, as well as proof of sickness in a family member. It excludes gender and age.

It’s essential to remember that genetic privacy includes informational privacy Genetics is intimately linked to data, whether it’s in the form of family trees or the findings of genetic tests. Genetic information is often very sensitive due to the potential impact on an individual’s and their family’s present and future health. There are also significant societal and economic ramifications to this discovery.

However, the Omnibus Rule ignores one issue with GINA: GINA is built on an outdated genetics foundation dating back over two decades. Only those who have not yet been diagnosed with an illness, i.e., the condition has not yet ‘manifest,’ are protected under GINA. Numerous genetic markers may now be tested to see whether they are precursors to illness or if the individual would benefit from preventative therapy. For purposes of GINA and HIPAA, genetic markers that are present do not constitute a ‘manifestation’ of a disease.

Concerning genetic privacy and personal privacy in general, three important ideas are secrecy, security, and anonymity. As the term suggests, confidentiality denotes an instance in which information is shared inside a trusted partnership, such as between a doctor and patient with an understanding that it would not be revealed without the consent of those who originally shared it. Confidentiality, which includes not disclosing genetic information, is a cornerstone of many health professionals’ ethical standards and a cornerstone of any laws. In certain situations, such as those recognized by law or ethical standards, other interests, such as the safety and health of third parties, may take precedence over the need to preserve confidentiality entirely.

for assistance serving legal papers

Simply pick up the phone and call Toll Free (800) 774-6922 or click the service you want to purchase. Our dedicated team of professionals is ready to assist you. We can handle all of your process service needs; no job is too small or too large!

Contact us for more information about our process serving agency. We are ready to provide service of process to all of our clients globally from our offices in New York, Brooklyn, Queens, Long Island, Westchester, New Jersey, Connecticut, and Washington D.C

“Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction, and skillful execution; it represents the wise choice of many alternatives” – Foster, William A


1. Some have argued that individuals have a responsibility to disclose data about themselves for low-risk research since knowing the causes of health and illness is so important

2. ‘California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, among Others.’ The National Law Review, 

3. ‘At-home DNA tests have provided people with the ability to seek meaningful connections to long-lost family or their own cultural and religious histories. Most people have no idea that this data can then legally be shared with third parties or potentially used against them in a variety of ways,’ said Senator Tom Umberg, who authored the bill. ‘Genetic testing companies have, to date, gone largely unregulated by either state or national governments. This has led to breaches of sensitive private biological information.’

4. The Health Insurance Portability and Accountability Act of 1996 (HIPAA Pub.L. 104–191 110 Stat. 1936 or the Kennedy–Kassebaum Act) is a United States federal statute enacted by the 104th United States Congress and signed into law by President Bill Clinton on August 21, 1996. It modernized the flow of healthcare information, stipulates how personally identifiable information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft, and addressed some limitations on healthcare insurance coverage

5. ‘FDA Orders Genetics Company 23andMe to Cease Marketing of Screening Service.’ The Guardian, Guardian News and Media, 25 Nov. 2013, 

6. The Common Rule is a 1981 rule of ethics in the United States regarding biomedical and behavioral research involving human subjects. A significant revision became effective July 2018. It governed Institutional Review Boards for oversight of human research and followed the 1975 revision of the Declaration of Helsinki; it is encapsulated in the 1991 revision to the U.S. Department of Health and Human Services Title 45 CFR 46 (Public Welfare) Subparts A, B, C and D. Subpart A.

7. The World Medical Association (WMA) has developed the Declaration of Helsinki as a statement of ethical principles for medical research involving human subjects, including research on identifiable human material and data.

8. It is contained in the 1991 amendment to Title 45 CFR 46 (Public Welfare) Subparts A, B, C, and D of the U.S. Department of Health and Human Services

9. The 21st Century Cures Act is a United States law enacted by the 114th United States Congress in December 2016 and then signed into law on December 13, 2016. It authorized $6.3 billion in funding, mostly for the National Institutes of Health. The act was supported especially by large pharmaceutical manufacturers and was opposed especially by some consumer organizations.

Proponents said that it would streamline the drug and device approval process and bring treatments to market faster. Opponents said that it would allow drugs and devices to be approved on weaker evidence, bypassing randomized, controlled trials, and bring more dangerous or ineffective treatments to market]

The bill incorporated the Helping Families In Mental Health Crisis Act, first introduced by then-Congressman Tim Murphy, R-Pa., which increased the availability of psychiatric hospital beds and established a new assistant secretary for mental health and substance use disorders.

10. The Genetic Information Nondiscrimination Act of 2008 (Pub.L. 110–233), 122 Stat. 881, enacted May 21, 2008), is an Act of Congress in the United States designed to prohibit some types of genetic discrimination. The act bars the use of genetic information in health insurance and employment: it prohibits group health plans and health insurers from denying coverage to a healthy individual or charging that person higher premiums based solely on a genetic predisposition to developing a disease in the future, and it bars employers from using individuals’ genetic information when making hiring, firing, job placement, or promotion decisions.

11. ‘Fabricut to Pay $50,000 to Settle EEOC Disability and Genetic Information Discrimination Lawsuit.’ Fabricut to Pay $50,000 to Settle EEOC Disability and Genetic Information Discrimination Lawsuit | U.S. Equal Employment Opportunity Commission, 

12. Fabricut, Inc., one of the world’s largest distributors of decorative fabrics, will pay $50,000 and furnish other relief to settle a disability and genetic information discrimination lawsuit filed by the U.S. Equal Employment Opportunity Commission (EEOC)

13. About 170 lawsuits have been filed by employees, applicants, and former employees alleging that businesses illegally requested or exploited genetic information for discrimination as of late July 2013, according to the EEOC.

14. The HIPAA Omnibus Rule was finalized by the Office for Civil Rights (OCR). The Office of Management and Budget (OMB) approved the final rule and subsequently published it in the Federal Register. The Federal Register has published the final Omnibus rules written by the U.S. Department of Health and Human Services (HHS) that will modify the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules. 


The information contained herein has been prepared in compliance with Section 107 of the Copyright Act. Fair use is a legal doctrine that promotes freedom of expression by permitting the unlicensed use of copyright-protected works. The articles/Images contained herein serve as criticism, comment, news reporting, teaching, educational, and research-as examples of activities that qualify as fair use. Undisputed Legal Inc. is a Process Service Agency and “Not A Law Firm” therefore the articles/images contained herein are for educational purposes only, and not intended as legal advice.