=Paper=
{{Paper
|id=Vol-1788/STIDS2016_T06
|storemode=property
|title=Sharing Data under Genetic Privacy Laws
|pdfUrl=https://ceur-ws.org/Vol-1788/STIDS_2016_T06_Reep_etal.pdf
|volume=Vol-1788
|authors=Michael Reep,Bo Yu,Duminda Wijesekera,Paulo C. G. Costa
|dblpUrl=https://dblp.org/rec/conf/stids/ReepYWC16
}}
==Sharing Data under Genetic Privacy Laws==
https://ceur-ws.org/Vol-1788/STIDS_2016_T06_Reep_etal.pdf
Sharing Data under Genetic Privacy Laws
Michael Reep*, Bo Yu*, Duminda Wijesekera*, Paulo Costa †
* Department of Computer Science, George Mason University, Fairfax, VA, USA
mreep@gmu.edu, byu3@gmu.edu, dwijesek@gmu.edu
† Department of Systems Engineering and Operations Research, George Mason University, Fairfax, VA, USA
pcosta@gmu.edu
Abstract— Clinical medical practice and biomedical research * Ethics - Privacy of genetic data differs from
utilize genetic information for specific purposes. Irrespective of
the purpose of obtaining genetic material, methodologies for
traditional medical information privacy. For
protecting the privacy of patients/donors in both clinical and example, protecting patients’ private information
research settings have not kept pace with rapid genetic advances. (e.g., Protected Health Information - PHI) is an
When the usage of genetic information is not predicated on the important medical ethics and legal obligation. Data
latest laws and policies, the result places all-important
patient/donor privacy at risk. Some methodologies err on the side
for genotype-phenotype matching can be used to
of overly stringent policies that may inhibit research and open- stigmatize or discriminate against genetic relatives of
ended diagnostic activity, whereas an opposite approach advocates a donor, so the dangers of its exposure must be
a high-degree of openness that can jeopardize patient privacy, carefully weighed against the benefits of its use [1, 4,
identifying patient relatives and erode the doctor-patient privilege.
As a solution, we present a unique approach that is based on the 5]. There is an ongoing ethical debate between the
premise that acceptable clinical treatment regimens are captured two different schools of thought, one in which the
in workflows used by caregivers and researchers and therefore donor gives open consent for using his/her data vs.
their associated purpose can be extracted from these workflows. the other that advocates explicit purpose-based
We combine these purposes with applicable consents (derived
from applicable laws) to ascertain the releasability of genetic consent [6].
information. Given that federal, state and institutional laws
govern the use, retention and sharing of genetic information, we
* Legal Issues - Due to the unusual situation of
create a three-level rule hierarchy to apply the laws to a request being able to expose relative’s genetic composition,
and auto-generate consents prior to releasing. We prototype our genetic privacy has been proposed as categorical
system using open source tools, while ensuring that the results can privacy that differs from traditional individual-
be added to existing Electronic Medical Records (EMR) systems.
centered concepts of privacy in literature [7]. Federal
Keywords—genetic privacy, electronic medical records, (HIPAA and GINA) [8, 9], state laws and
ontology, health care, genomic medicine, SWRL institutional polices provide the legal framework for
the sharing of genetic information. Furthermore,
I.INTRODUCTION genetic privacy laws vary from state-to-state and may
Genetic studies match genotypic and phenotypic be inconsistent with, or more or less stringent than,
data to associate genetic markers with onset of federal regulations.
diseases [1]. Studies have shown that preventive care * Social Implications - Societal views are often
costs significantly less than treatment upon disease reflected in law and/or organizational policies, so
onset and diagnosis [2, 3]. Furthermore, rapid their implications are likely inextricably intertwined
advancement of genetic research continues to with laws and policy governing genetic privacy and
lengthen the list of predictable diseases. Examples what constitutes informed consent.
include genetic mutations causing some breast
cancers (BRC-1 and BRC-2), ovarian cancer, sickle As a solution, we provide an encompassing
cell anemia, β-thalassemia, left ventricular framework consisting of workflow-enforced genetic
noncompaction cardiomyopathy and Alzheimer’s privacy as well as biomedical consent management,
disease. However, both research and clinical use of consistent with state and federal genetic privacy laws
genetic information entail privacy challenges that such as statute, regulation and precedent. Following
differ from usage of other medical data in following this Introduction, Section 2 addresses related work;
ways: Section 3 reviews the prototype design and ontology,
STIDS 2016 Proceedings Page 46
�Section 4 describes the implementation of our genetic research participants to understand and decide how
services workflow that enforces appropriate informed the medical community can use and share their
consent based on applicable law to achieve genetic identifiable medical information. Analogously,
privacy; and, finally, Section 5 presents conclusions. informed consent tailored for genetic research,
clinical usage and counseling constitutes a strong
II. RELATED WORK basis for ensuring appropriate genetic privacy. Some
Many researchers have suggested adopting genetic medical practices and biomedical research
traditional information protecting methodologies to are performed without obtaining appropriate
protect patients’ confidentiality. Yet, this might not informed consent such as enticing participants in a
be effective due to the uniqueness of being traceable study without obtaining the proper informed consent.
to an individual or group of individuals [10, 11]. To address this issue, some researchers advocate
After all, some genetic information of an individual different methodologies such as using highly-
may not only precisely identify him/her as high risk stringent policies to maintain patient confidentiality,
of certain hereditary disease(s), but also indicate that but this approach potentially risks limiting scientific
his/her relatives have the same risks due to a innovation [18]. Yet, other researchers have
heritable gene. proposed a new, open-consent model for medical and
scientific genetic research [7] or open-access policies
Prince et. al. describe three practical genetic for genetic data sharing [19]. As the underlying
counseling cases that illustrate genetic predicate for us undertaking this effort, we proposed
discrimination [12]. The fundamental covenant of a prototype system capable of automatically
protecting patient privacy is embodied in patient- generating or obtaining appropriate informed
doctor privilege. Conversely, many scholars believe consent forms for genetic data sharing under various
genetic information is essentially familial in nature situations.
and is referred to as the Genetic Information is
Familial Thesis (GIFT) [13], since sharing such EMRs play a vital role of sharing medical
information will benefit related groups of information among participating actors based on
individuals. Some countries have regulations to their usage scenarios. Using EMRs for genetic
enforce sharing such information among family services present a unique set of challenges [20].
members [14, 15]. However, many publications Belmont et al. highlighted the privacy, ethical and
discuss and debate the familial approach, with their legal issues of handling genetic data in EMRs [21].
authors advocating the view that humans possess the Scheuner et al. conducted a case study to validate if
rights of privacy and to protect those that do not want current EMR systems meet genetic information
to know [13, 16]. Conversely, rapid innovations in needs [22]. This study shows an overall lack of
genetic research require wide accessibility to many support for functionality, structure, and tools for
genetic databases. The idea of open access in the clinical genetic practice. A more recent study of the
field of genomic research is expressed in the state of EMRs supporting genomics for personalized
Bermuda Principles and the Fort Lauderdale medicine identifies structure of data as a challenge
Agreement, which has been applied in North [23]. Therefore, it is necessary to implement an
America and in the UK for funded research [17]. informed consent management system in current
Genetic research typically requires additional EMRs.
metadata with genetic data sets, such as demographic
details family relationships, medical history, etc. Some researchers suggested that the legislation
These metadata elements can be exploited for tracing for generating and using genetic information
an individual’s identity. properly is pivotal to improving genetic privacy [24].
In 2013, the Health Insurance Portability and
In general medicine, an informed consent, Accountability Act of 1996 (HIPAA) [8] Omnibus
especially informed privacy consent, provides the Rule included genetic information as PHI to be
proper opportunity and knowledge for patients and regulated under the privacy portion of HIPAA.
STIDS 2016 Proceedings Page 47
� Nonetheless, states may have different definition of outcomes from the three levels (Federal, State
genetic information. The combination of Federal and Organization) and provides a final result
privacy laws along with the various state laws form for permitting or denying access. The outcome
a fragmented regulatory and statutory landscape for includes the consolidated list of conditions for
permissible information sharing and consent all three levels. For example, the list of consent
management. To be valid, informed consents for clauses required by both the Federal
genetic privacy must comply with these laws and regulations and organizational policies.
regulations. Indeed, significant regulatory gaps The first component of implementing the genetic
create additional burdens in providing automated privacy enforcement is to gather the required
ways to obtain and generate information consent in information through the workflow. As the usage
EMRs. scenario is executed (under the workflow engine) the
meta-data required to determine the releasability of
III. SYSTEM DESIGN data is gathered and passed to the consent service.
We developed a functioning prototype that The consent service then creates the objects and
addresses the various aspects for an automated and relationships in the ontology for evaluation by the
integrated informed genetic information consent reasoner. Next the service retrieves the results and
system. The prototype brings together the data calls our 3-level rule hierarchical algorithm. The
gathered during interactions with the medical service determines if access is permitted and passes
provider with the applicable laws, regulations and the access results back to the workflow engine. The
policies to address the privacy issues specific to acknowledgment steps in the workflow display the
genetic information. There are three components of results along with the decision source (specific law or
the prototype as shown in Fig. 1: regulation referenced), the consent clauses,
obligations to be enforced for information released,
x Workflow to gather the information, display and the specific rules used in the ontology to generate
the outcome and obtain acceptance from the the answer.
user of the results and any pre/post conditions
for using the data. To support the consent service, we developed an
ontology to capture the various aspects of enforcing
x A ontological rule-base that takes the data privacy laws and policies. As seen in the Fig. 2 the
from the workflow, evaluates the applicable prototype requires four related data items.
laws, determines prerequisites (such as
consents and obligations), and decides on the x Requester: the person making the request to
releasability of genetic data. access the medical information including
their role, associations with a specific
x A consent service that interacts with the organization, and information about this
workflow engine and ontology to pass data organization,
back and forth. The service includes the Rule
Hierarchy Algorithm which combines the x Request: details on the purpose for requesting
the information, and where the information
will be used. The four purposes applicable to
genetic information are disclosure, research,
testing and treatment. The prototype currently
implements the information disclosure
component with the applicable specific
instances for Self-Request by the Patient, Law
Enforcement, etc.
x Response: the results of the reasoner applying
the appropriate rules along with a list of any
obligations that must be enforced by the EMR
Fig.1. Prototype Components
and specific consent clauses that are needed
for the associated approvals. (A subclass for
STIDS 2016 Proceedings Page 48
� Fig. 2. Genetic Privacy Ontology
Federal Responses allows information about the specific access request. By definition, Federal
HIPAA-specific requirements to be laws are at the top of the hierarchy, followed by State
gathered.) laws, and then organizational policies. The hierarchy
algorithm dictates how conflicts between laws and
x Resource: the part of the electronic medical
policies can be resolved based the decisions made at
record being requested along with
each level.
information about the subject (or patient). The
Resource instances can be used to categorize In order to address these potential conflicts,
detailed levels of rules such as enforcing Federal and State laws have an override flag
restrictions to specific parts of the genome associated with them in the ontology to indicate
that can be used to identify individuals or whether lower level rules can change the answer. If
grant permission to components used in two levels come to the same conclusion (both permit
genomic medicine. access), the supplemental clauses and obligations are
combined into one complete response. For example,
The ontology does not need to contain all the
HIPAA permits access to medical records for
information from the EMR because the current focus
treatment. In Georgia, there are additional obligations
is on rules implementation. Many entities in the
and consent requirements when the resource being
ontology provide reference information such as the
accessed is from genetic testing.
organizational meta-data or a list of specific Consent
Clauses that are not described presently. The Response structure allows both sets of
answers to be passed back to the EMR for evaluation
The Rule Hierarchy Algorithm evaluates the
and execution. However, if the results were different,
interactions between Federal and State laws,
the previous answers are discarded in favor of the
regulations and institutional policies. The access
lower level requirements in order to resolve the
evaluation is done at each level (Federal, State and
inconsistency. For example, if Federal law permitted
Organization) in the hierarchy that is applicable for
access and allowed an override to the Permit decision,
STIDS 2016 Proceedings Page 49
�the organizational policy may come to a different For the Organization level, Line (18) determines if
conclusion and set the response to Deny. there is an Organization result and whether there is a
The Rule Hierarchy Algorithm follows: State result with a State Override flag set to true or
there is no State answer. If (18) is true, then (20)-(24)
INIT {resAns, resObl, resDec, resCl, resRule} to {fedAns,
fedObl, fedDec, fedCl, fedRule} (1)
adds the Organization variables to the Result
IF fedOver = true THEN (2) variables, while (26)-(30) set the Results variables to
IF stAns <> null THEN (3) the Organization results. At the end of processing
IF stAns = fedAns THEN (4) (34) the Results variables are passed back to the
resAns = resAns + stAns (5) workflow via the YAWL API.
resObl = resObl + stObl (6)
resAns = resDec + stDec (7) IV. SYSTEM IMPLEMENTATION
resAns = resCl + stCl (8)
resAns = resRule + stRul (9) The prototype was developed using the YAWL
ELSE (10) (Yet Another Workflow Language) workflow engine
resAns = stAns (11) with Java classes that respond to the YAWL event
resObl = stObl (12) handlers to trigger the ontology processing and Rule
resAns = stDec (13) Hierarchy Algorithm. As seen in Fig. 3, the consent
resAns = stCl (14) workflow gathers additional information regarding
resAns = stRule (15)
END IF (16)
aspects of the tasks being performed, the requester
END IF (17) and the subject before executing a call to the Consent
IF (orgAns <> null) AND (((stAns <> null) AND Service in the “Check Consent” step. A final step is
(stOver = true)) OR (stAns = null))) THEN (18) provided for validating that the results are
acknowledged before returning the response to the
IF orgAns = resAns THEN (19) associated EMR.
resAns = resAns + orgAns (20)
resObl = resObl + orgObl (21) The first YAWL screen shown in Fig. 4 is for the
resAns = resDec + orgDec (22) “Get Request Information” step in the workflow
resAns = resCl + orgCl (23) process to describe why the request is needed, what
resAns = resRule + orgRul (24) part of the medical record is to be accessed, in what
ELSE (25)
state the action is being performed and, for research
resAns = orgAns (26)
resObl = orgObl (27) purposes, whether the request is for an individual or
resAns = orgDec (28) group. Each of the three Get steps have a similar
resAns = orgCl (29) screen. The “AckPermit” screen in Fig. 4 shows the
resAns = orgRule (30) results, pre and post-conditions for using the
END IF (31) information, and an input box to enter in acceptance.
END IF (32) For an implementation such as an integration with the
END IF (33) OpenMRS, these YAWL screens will be replaced
RETURN resAns, resObl, resDec, resCl, resRule (34) with others that will be embedded in the EMR
product.
In (1) the Result variables for the Answer,
Obligations, Decision Source, Clauses and Rules are
initialized to the corresponding federal variables,
which were retrieved from Protégé. In (2) the Federal
Override variable is evaluated to determine whether
other rules are to be evaluated. If so, (3) checks for
State answer existing and, if found, (4) determines if
the Federal and State answer match. Lines (5)-(9)
Fig.3. Genetic Privacy Workflow
adds the State variables to the Result variables when
the Federal and State match while (11)-(15) set the
Results variables to the State results when there is no
match.
STIDS 2016 Proceedings Page 50
� associated object properties to gather additional
information on the Requester, Subject, Purpose and
the Resource. (These values were all gathered and
populated by the workflow and consent service.) For
example, the Request instance is linked in the
ontology to the associated Purpose using the
hasPurpose object property. The appropriate
Response instance (Federal, State or Organization)
stores the outcome of the rule regarding whether
access is permitted or denied, whether an override is
allowed (Federal and State), the HIPAA Category
(Federal), the specific law or policy that generated the
result, any appropriate obligations and clauses (via
hasObligation and hasClause object properties), and
a rule number that maps to the SWRL rule.
An example of the implementation is a request to
access the Genetic Test Results resource for the
Treatment purpose in Georgia. As seen in Fig. 5,
there are two different aspects to the Request:
establishing relationships to other objects with
relevant information and specific data properties for
this request. The first object property assertion links
the request to the part of the medical record the
requester would like to access. The next three object
Fig.4. Workflow Screen Shots assertions link to response objects that will hold the
access permission (permit/deny) and other
Once the consent service is called and the results information associated with the rules for each level
generated, the latter are displayed for validation by (Organization, State and Federal). The next two
the user. EMR integration will allow some of the object assertions link indicate which person is the
tasks, such as generating consent letters, to be subject of the request (generally a patient) and the
implemented and enforced within the product. The purpose for accessing the medical record. The data
Consent Service serves as the integration engine
between the workflow/EMR and the ontology. The
Java-based Consent Service is triggered by a YAWL
event handler on the Check Consent workflow step.
The service then gathers all the data from the
workflow entries to create and populate the ontology
instances including the data and object properties.
The object properties link the instances such as
establishing the makesRequest relationship between
the Requester instance and the Request. Once the data
has been populated in the ontology, the reasoner
generates the responses and stores the information.
The service extracts the response information for
evaluation using the Rule Hierarchy Algorithm.
The ontology is implemented using the Protégé
platform with the laws and regulations (Federal and
State) plus the organization policies enforced via Fig.5. Request Properties
SWRL rules and the Pellet reasoner. The predicate of
each rule uses the Request instance with the
STIDS 2016 Proceedings Page 51
�assertion states that the request is being made in the
state of Georgia (“GA”).
The first SWRL rule below as seen in Protégé
addresses the Federal law for access under the
Treatment purpose.
makesRequest(?r, ?req), forPurpose(?req, ?pur),
purposeDesc(?pur, "Treatment"), Fig.6. Federal Response
hasResponse(?req, ?res), responseLevel(?res,
"Federal") -> isAllowed(?res, true), The next part of the example below shows the
canOverride(?res, true), hipaaCategory(?res, SWRL rule for the State response, the SWLR
"Permitted"), decisionSource(?res, "HIPAA"), statements explained in Table II, and the response in
hasRule(?res, 4) Fig. 7. In the SWRL rule, the predicate sets the
In this example, location as Georgia and that the rule can be executed
if the Federal response allows an Override. The
x ?r is for the Requester for the Request predicate also retrieves an additional obligation for a
x ?pur is the Purpose for “Treatment” Consent Agreement and the agreement must have
text specific to Georgia. The State response then is
x ?req is the Request being made for the set to allow access with no override and information
Federal Level with the Treatment Purpose that the decision was based on Georgia Law. The
x ?res is the Federal Response that is response is linked to an obligation for a Consent
associated with the Request. Agreement and the consent clause with text specific
to Georgia.
The explanation for each of these SWRL
statements is provided in Table I.
isSelf(?r, false), makesRequest(?r, ?req),
TABLE I. SAMPLE FEDERAL RULE
inState(?req, "GA"), forResource(?req, ?resource),
forPurpose(?req, ?pur), purposeDesc(?pur,
SWRL Statement Explanation
"Treatment"), resourceName(?resource,
makesRequest(?r, ?req) Links Requester to the Request "GeneticTestResults"), hasResponse(?req, ?res),
forPurpose(?req, ?pur) Links Request with the Purpose responseLevel(?res, "Federal"), canOverride(?res,
purposeDesc(?pur, "Treatment")
Restricts the rule to only execute for true), hasResponse(?req, ?resst),
the Treatment purpose description responseLevel(?resst, "State"), oblName(?obl,
Links the Request with a Response
hasResponse(?req, ?res)
to store answer "ConsentRequired"), clauseName(?clause,
responseLevel(?res, "Federal”) Gets the Response for Federal level "GAGeneticConsent") -> isAllowed(?resst, true),
-> isAllowed(?res, true) Sets access to true in Response
canOverride(?resst, false), decisionSource(?resst,
"GA_LAW"), hasObligation(?resst, ?obl),
canOverride(?res, true) Sets override to true
hasClause(?resst, ?clause), hasRule(?resst, 5)
hipaaCategory(?res,
Sets HIPAA category to Permitted
"Permitted")
decisionSource(?res, "HIPAA”) Sets the decision source as HIPAA
hasRule(?res, 4) Sets the rule number to 4
When the Pellet reasoner finds a set of instances
that matches the Treatment and Federal conditions,
the rule is executed and the ?res data properties
populated with the values indicated. As seen in Fig.
6, the Federal Response is updated with the final
values. Fig.7. State Response
STIDS 2016 Proceedings Page 52
� In the State example, the additional instances used When the Pellet reasoner finds a set of instances
are: that matches the Treatment for someone besides the
Requester in GA for GeneticTestResults and the
x ?resource is for the “GeneticTestResults”
Federal response has Override set to True, the rule is
part of the medical record
executed and the ?resst data properties populated
x ?r is the Requester associated with the with the values indicated. In addition, the ?obl and
Request ?clause instances are associated with the response as
conditions to accessing the record.
x ?obl has the Obligation that
ConsentRequired must be obtained for this
V. CONCLUSION
request
Our prototype brings together the operational data
x ?clause indicates the consent agreement in an EMR workflow for protecting genetic
for the patient must include the information privacy with the applicable laws,
GAGeneticConsent clause regulations and policies to provide a definitive and
x ?resst is the State response associated with consolidated response for access and the associated
the Request pre/post conditions for use. Currently, we continue to
implement additional Federal and State rules, policies
The explanation for each of these SWRL and regulations to develop a comprehensive
statements is provided in Table II. repository and rule base. The following phase in the
prototype will build upon these capabilities for
TABLE II. SAMPLE STATE RULE Federal/State laws and regulation enforcement to
SWRL Statement Explanation accommodate the policies and procedures for a
isSelf(?r, false),) Verifies Requester is not the subject selected medical organization. The resulting
makesRequest(?r, ?req), Links Requester for the Request
prototype will demonstrate the overall capabilities
needed to meet the medical community’s access
inState(?req, "GA"), Verifies Request is for Georgia
requirements while balancing the individual rights to
forResource(?req, ?resource) Links Request with the Resource privacy and ownership of their genetic medical data.
forPurpose(?req, ?pur) Links Request with the Purpose
purposeDesc(?pur, Restricts the rule to only execute for the REFERENCES
"Treatment"), Treatment purpose description
resourceName(?resource, Verifies Resource request is for the [1] M. D. Ritchie, E. R. Holzinger, R. Li, S. A.
"GeneticTestResults") Genetic Test Results Pendergrass, D. Kim. "Methods of integrating
Links the Request with a Response to
hasResponse(?req, ?res)
check previous rule results data to uncover genotype-phenotype
responseLevel(?res, Limits the previous Response to interactions." Nature Reviews Genetics 16.2.
"Federal") Federal
Verifies the Federal rule allows 2015. 85-97.
canOverride(?res, true)
overrides
Links the Request with a Response to [2] A. H. Németh, A. C. Kwasniewska, S. Lise, R.
hasResponse(?req, ?resst)
store answer P. Schnekenberg, E. B. Becker, K. D. Bera, ..., &
Gets the Response for State level to
responseLevel(?resst, "State")
store answers
K. Talbot. "Next generation sequencing for
oblName(?obl, Gets the Obligation for Consent molecular diagnosis of neurological disorders
"ConsentRequired") Required using ataxias as a model." Brain 2013. awt236.
clauseName(?clause,
Gets the Clause for Consent Required
"GAGeneticConsent") [3] C. Pihoker, L. K. Gilliam, S. Ellard, D. Dabelea,
Sets the State response to access is
-> isAllowed(?resst, true)
allowed C. Davis, L. M. Dolan, ... & E. Mayer-Davis.
canOverride(?resst, false)
Sets the state Response to not allow "Prevalence, characteristics and clinical
override by organization
decisionSource(?resst, Sets the State response to reflect the
diagnosis of maturity onset diabetes of the young
"GA_LAW") decision source as state law due to mutations in HNF1A, HNF4A, and
hasObligation(?resst, ?obl)
Links the retrieved Obligation with the
State response
glucokinase: results from the SEARCH for
Links the retrieved Clause with the Diabetes in Youth." The Journal of Clinical
hasClause(?resst, ?clause)
State response Endocrinology & Metabolism 98.10. 2013.
hasRule(?resst, 5) Sets the rule number to 5 for reference 4055-4062.
STIDS 2016 Proceedings Page 53
�[4] W. W. Lowrance, & F. S. Collins. “Identifiability codified as amended in scattered sections of 26,
in genomic research.” SCIENCE 317. 2007. 600- 29, and 42 U.S.C.
602. [10] D. Mascalzoni, A. Hicks, P. Pramstaller, &
[5] A. L. McGuire, & R. A. Gibbs. "No longer de- M. Wjst. "Informed consent in the genomics
identified." SCIENCE-NEW YORK THEN era." PLoS Med 5.9. 2008. e192.
WASHINGTON- 312.5772. 2006. 370.
[11] L. O. Gostin, & J. G. Hodge Jr. "Genetic
[6] F. D’Abramo, J. Schildmann, & J. privacy and the law: an end to genetics
Vollmann. "Research participants’ perceptions exceptionalism." Jurimetrics 1999. 21-58.
and views on consent for biobank research: a
[12] A. E. Prince and M. I. Roche. "Genetic
review of empirical data and ethical
information, non-discrimination, and privacy
analysis." BMC medical ethics 16.1. 2015. 1.
protections in genetic counseling
[7] J. E. Lunshof, R. Chadwick, D. B. Vorhaus, & G. practice."Journal of genetic counseling 23.6.
M. Church. "From genetic privacy to open 2014. 891-902.
consent." Nature Reviews Genetics 9.5. 2008.
[13] S. M. Liao. "Is there a duty to share genetic
406-411.
information?." Journal of medical ethics 35.5.
[8] The Health Insurance Portability and 2009. 306-309.
Accountability Act of 1996 (HIPAA). Pub. L.
[14] A. Lucassen, & J. Kaye. "Genetic testing
104-191, 110 Stat. 1936, codi_ed as amended at
without consent: the implications of the new
42 U.S.C x300gg and 29 U.S.C x1181 et seq. and
Human Tissue Act 2004." Journal of medical
42 U.S.C x1320d et seq.
ethics 32.12. 2006. 690-692.
[9] Genetic Information Non-discrimination Act of
[15] American Society of Human Genetics Social
2008 (GINA). Pub. L. 110-233, 122 Stat. 883,
Issues Subcommittee on Familial Disclosure.
[16] ASHG STATEMENT Professional re-shaping scientific practice."Nature Reviews
Disclosure of Familial Genetic Information. Am. Genetics 10.5. 2009. 331-335.
J. Hum. Genet. 62 (1998): 474–483. [21] D. Mascalzoni, A. Hicks, P. Pramstaller, &
[17] E. Sherlock. “disclosure of patient's genetic M. Wjst. "Informed consent in the genomics
information without their consent- Is the "public era." PLoS Med 5.9. 2008. e192.
interset" really a Sufficient Justification?.”
[22] J. Belmont, & A. L. McGuire. "The futility
Genomics Law Report. 2009. retrieved March 2,
of genomic counseling: essential role of
2015, from
electronic health records." Genome
http://www.genomicslawreport.com/index.php/2
medicine 1.5. 2009. 1.
009/11/10/disclosure-of-patientsgenetic-
information-without-their-consent-is-the-public- [23] M. T. Scheuner, H. de Vries, B. Kim, R. C.
interest-really-a-sufficient-justification/ Meili, S. H. Olmstead, and S. Teleki. "Are
electronic health records ready for genomic
[18] J. Kaye, S. M. Gibbons, C. Heeney, M. Parker
medicine?." Genetics in Medicine 11.7. 2009.
& A. Smart. "Governing biobanks: Understanding
510-517.
the interplay between law and practice. "
Bloomsbury Publishing, 2012 [24] M. H. Ullman-Cullere and J. P. Mathew.
"Emerging landscape of genomics in the
[19] D. Hallinan, & M. Friedewald. "Open
electronic health record for personalized
consent, biobanking and data protection law: can
medicine." Human mutation 32.5. 2011. 512-
open consent be ‘informed’under the
516.
forthcoming data protection regulation?." Life
sciences, society and policy 11.1. 2015. 1. [25] M. Gymrek, A. L. McGuire, D. Golan, E.
Halperin, & Y. Erlich. "Identifying personal
[20] J. Kaye, C. Heeney, N. Hawkins, J. De Vries,
genomes by surname
& P. Boddington. "Data sharing in genomics—
inference." Science 339.6117. 2013. 321-3
STIDS 2016 Proceedings Page 54
�