Safe & Sound with Marianne Kolbasuk McGee

U.K.'s DNA Database: Lessons for U.S.?

Groundbreaking Effort Raises Questions About Privacy
U.K.'s DNA Database: Lessons for U.S.?

The race is on to bring genomic data mapping into the mainstream, with the United Kingdom now in the lead. The big question is whether the U.K., in its ambitious plans to build a national DNA database, has carefully addressed all of the relevant privacy and security issues.

See Also: 5 Requirements for Modern DLP

U.S. policymakers and patient privacy advocates should keep a close eye on this effort to learn from the Brit's missteps and successes as the widespread collection of patient DNA for use in personalized treatments and biomedical research unfolds.


On Dec. 10, British Prime Minister David Cameron announced a £100 million project for the U.K to map the whole genome of 100,000 National Health System patients over the next three to five years. The initial focus will be on patients with cancer and rare diseases.

So far, details are scant on how the Brits plan to ensure the privacy of DNA data.

A statement from the Prime Minister's office says genome sequencing will be "entirely voluntary" and that patients will be able to opt out of having their genome sequenced.

Also, the statement indicates that whole genome sequencing data will be de-identified when used for anything other than the individual's own care.

A number of ways to store the data will be investigated, according to Cameron's office. "The privacy and confidentiality of NHS patients will be paramount in this decision," the statement notes.

The British government needs to quickly provide far more details about privacy and security issues or risk losing public support.

Personalized Treatment

The U.K. will be "the first country in the world to introduce the technology within a mainstream health system," notes the statement from Cameron's office.

"The genome profile will give doctors a new, advanced understanding of a patient's genetic make-up, condition and treatment needs, ensuring they have access to the right drugs and personalized care far quicker than ever before," the statement says. "It will also help to develop life-saving new drugs, treatments and scientific breakthroughs, which experts predict could significantly reduce the number of premature deaths from cancer within a generation."

In the U.K., the cost of mapping the human genome has fallen below £1,000, or about $1,600. The price of that testing also is falling in the U.S., which is making genomic testing much more accessible here, too.

Indeed, human genomics hold tremendous promise for personalized medicine, which involves using an individual's genetics to more precisely select the right treatment. Genomics also can support broad biomedical research aimed a breakthrough treatments.

Genomic research is under way at many leading U.S. medical centers, including Vanderbilt University Medical Center, Cleveland Clinic and Mayo Clinic.

Meanwhile, U.S. policymakers are taking a close look at DNA data privacy and security issues, trying to ensure that laws and governance are staying on course with the increasing affordability and availability of genomic testing.

A recent report by the Presidential Commission for the Study of Bioethical Issues made a number of recommendations for how discrepancies among state laws and federal governance regarding genomic data privacy and security need to be worked out in order to gain patient trust in the promise of bio-medical research involving DNA.

"Trust is key to amassing these huge numbers of genomic data sets needed in order to make these powerful and life-saving discoveries," says Lisa M. Lee , who heads the Presidential Commission for the Study of Bioethical Issues. "So without the appropriate privacy protections, progress will be slowed."

Building Trust

U.S. institutions involved in genetic research are dealing with data security and privacy in a wide variety of ways. For instance, at Vanderbilt, patients can opt out of research involving their genomics, and the university takes a number of steps to ensure that DNA and electronic health record data used in research cannot be linked back to individual patients (see: Personalized Medicine and Privacy.)

In the U.K. with its single-payer healthcare system, it's far easier to launch a national DNA-based research effort than it would be in the U.S. Nevertheless, patients in the U.K. also want assurances that their most sensitive health data won't be abused or leaked.

It's no surprise, then, that U.K. privacy advocates - as well as various political leaders - are already opposing the national DNA database plans. In fact, GeneWatch UK, a not-for-profit organization that monitors developments in genetic technologies, has been worried about possible NHS plans for a "secret" national DNA database for a while, according to material on its website.

We'll be watching closely how this all plays out. Hopefully, the U.K. will take a careful, deliberate, and well-communicated approach to securing patients' genomic data so that any important medical breakthroughs that evolve from the project aren't overshadowed by massive privacy breaches or patient paranoia.

And with any luck, the U.S. also will learn some valuable data privacy and security lessons from the British experience.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.