Ken Deutsch was diagnosed with metastatic bladder cancer two years ago. As part of his treatment plan, he was genetically tested for genetic mutations by Myriad Genetics, a company that specializes in identifying cancer genes.
But when Deutsch wanted to share the full results of that testing with researchers at the National Institutes of Health, Myriad refused to release it. While the company gave him his results for cancer, Myriad also looks at other mutations in these cancer genes. These are benign mutations that are not known to increase cancer risk and, as a result, aren’t usually reported back to patients. But Deutsch wanted these data included in the information he submitted to the ClinVar network, a database of patients’ genetic information run by the NIH. Myriad said no.
Deutsch was not alone. He and three other Myriad customers are named as complainants in a formal action filed by the ACLU on May 17, 2016 with the U.S. Department of Health and Human Services. The complainants want Myriad to release this information to anyone who wants it saying they as patients and customers have the right to their own medical information under the Health Insurance Portability and Accountability Act (HIPAA). From STAT:
The Health Insurance Portability and Accountability Act (HIPAA), mostly known for its protections on patients’ privacy, also includes provisions guaranteeing patients access to their health information. A complaint filed on Thursday by the American Civil Liberties Union claims that Myriad has violated HIPAA by refusing to provide the full gene data that they generated from patients.
The day after the complaint was filed Myriad provided the information to the four patients. A spokesman for Myriad told Bloomberg that the patients should withdraw the complaint, accordingly. But the ACLU declined. From Bloomberg:
A patient’s right to their entire genetic record set is a focus of the ACLU, Sandra Park, a senior attorney with the ACLU, told Bloomberg BNA May 20. Park said the complaint is the ACLU’s first foray into ensuring patients’ full access to their medical records. She said the ACLU is looking for Myriad to willingly acknowledge a patient’s right to full access, either through a voluntary posting on its website or through a resolution agreement.
In 2013, Myriad lost a high profile Supreme Court case over the patent rights to the BRCA1 & 2 genes, which are linked to higher incidences of breast, ovarian and prostate cancer. The case set the precedence that naturally occurring DNA cannot be patented.
Beyond patient access, there is a second issue with the fact that Myriad is collecting and keeping results on benign mutations. Sometimes these mutations do turn out to be disease-linked. When they are, there is not standardized notification to patients. Last year a two-year-old boy died because a mutation that his genetic testing lab classified as benign turned out not to be. That case spotlighted the lack of follow up communication between testing companies and patients about mutations. It also highlighted the need for non-profit databases like ClinVar to speed up the process of implicating or exonerating unknown mutations in causing disease.
Patients who are willing to accept the potential risks of sharing their genetic information for research purposes should not be kept from that because of the wishes of the company that did their testing. Nor should these companies sequester a patient’s data while they wait to discover its significance for themselves.
Meredith Knight is a contributor to the human genetics section for Genetic Literacy Project and a freelance science and health writer in Austin, Texas. Follow her @meremereknight.