How can genetic privacy be regulated?
The answer is fairly easily! Genetic data is by its very nature unique code – making it possible to identify and remove from any database.
Entities that store genetic data within the US should probably just plan on eventually being audited, at some point, to prove their genetic data storage is authorized.
It's also just a matter of time before educated consumers will demand that entities storing their genetic data agree to third party audits (for security and authorized use) prior to allowing their genetic information to be stored. I can imagine consumers requiring they retain the right to remove any and all of their genetic data from any entity.
Consumers will also likely want the right to revoke consent to the use of their genetic data since the interpretation of genetic data is subject to change (and markers currently not considered to be sensitive information may become so in the future).
The process of performing audits could easily be done based on a unique user account “token” created from various combinations of values within each individuals DNA sample. Such DNA tokens could exist in a variety of versions for each individual – some linked to their medical information … other’s stripped of all identifying information (containing only enough DNA to identify their sample along with specific instructions regarding authorized use).
Are there any lawyers out there working on this stuff? The software for managing genetic data is well on its way http://www.dnaguide.com
DNA Guide http://www.dnaguide.com
DNA Classifieds http://www.dnaclassifieds.com