Patients can be ID'd in 'anonymous' public genetics databases

Research leads to calls for better privacy protections, informed consent
Tools

People who participate in genomic research need to be better informed that they and their relatives can be identified from supposedly anonymous data, a new study concludes. The work also has set off calls for better legal protections for research participants.

In the research, published this month in the journal Science, a team led by Yaniv Erlich at the Whitehead Institute for Biomedical Research in Cambridge, Mass., was able to identify nearly 50 men from public genomic data sets. 

Their technique involved matching surnames available in those particular public databases with a pattern of genetic markers called short tandem repeats on the Y chromosome in "pooled" data. With a little detective work using publicly available information, such as age and address, identities were discerned. (The technique applied only to men.) They were able to identify five men whose data was part of the 1,000 Genomes Project and another study on Mormon families, as well as name their male and female relatives.

Erlich notified the National Institutes of Health, which funds those databases; it then decided to make the ages  of participants no longer publicly available. NIH restricted access to other data in 2008 when previous researchers showed they could identify study participants by other means. Restricting access to data, though, could hamper research.

"I don't think removing data from the public domain is any kind of answer," computational biologist Eric Schadt at Mount Sinai Hospital in New York City, who was not involved in the latest study, said, according to Nature. "Rather, we should be up front with participants that we can't protect their privacy completely, and we should ensure that the most appropriate legislation is in place to protect participants from being exploited in any way."

There is no comprehensive genetic privacy law, Jeremy Gruber, a lawyer and president of the Council for Responsible Genetics, told MIT Technology Review. The Genetic Information Nondiscrimination Act of 2008 prevents employers or health insurers from discriminating based on genetics, but does not apply to life or disability insurers, the article says.

The group Genewatch has opposed a plan for a massive genetic database in the U.K. with the argument that participants could be tracked through their DNA.

Genetics data is being touted as promising to better match appropriate treatments to patients with complex diseases. That has led a presidential commission studying privacy issues to call for including DNA sequencing data into patients' electronic medical records to advance research. But that would raise concerns among patients without proper privacy protections.

To learn more:
- read the abstract
- here's the Nature article
- check out the Technology Review piece

Related Articles:
Genetics-based personalized medicine gets big data boost
Incorporate DNA sequencing data into EHRs, ethics panel says
U.K. plans massive gene sequencing project