Is DNA Based Healthcare Worth the Risk?

All of us are built differently. That’s why our bodies can handle different foods in different ways, different workout routines yield varying results between individuals, and some of us seem to always get the seasonal flu while others stay stuffy-nose-free (seemingly without trying really hard to do so). So figuring out what’s the healthiest – the best – way of eating, exercising and living your life seems like a reasonable and even rational goal.

So how can we figure that out? With DNA testing, or to be more exact, analyzing genome and blood biomarkers. However, this type of testing has some obvious privacy repercussions. Let’s weigh the pros and the cons.

I’ve started a Twitter thread where I collect recent news regarding data leaks and other privacy violations that has happened in the healthcare industry since I published this blog post. Take a look at it here.

Pros

With proper genetic testing you can find out a massive amount of data about your body, ranging from things like how well you can absorb Vitamin D from sunlight to how quickly you can metabolize caffeine. It’s possible to learn what kind of diseases you’re more prone to catch, what medical liabilities you’ve inherited and are likely to pass on to your children, what’s your body’s biological age (as measured from telomere length), genes can even tell if your pancreas is producing the proper amount of insulin in response to the diet you are eating.

Combined with an extensive blood panel, from which you can discover tens if not over hundred different variables, it’s possible to create the most healthy, beneficial and efficient lifestyle for you in terms of nutrition and exercise.

Although this list of pros is fairly short (compared to the following cons), the impact this type of personalized healthcare would be huge across all humanity.

Cons

First things first: some gimmicky ancestry service is not what we’re talking about here. They don’t provide adequate level of analysis and can have error rates anywhere between 15-40%! On top of that, FTC is already investigating Ancestry.com and 23AndMe over privacy violations, while another popular service MyHeritage was hacked and the details of 92 million customers were leaked.

However, from a customer’s point of view it seems that similar kind of privacy violations and data breaches could also happen to proper of personalized health service providers, such as the Finnish company TerveDx. I’m definitely not saying that a company like TerveDx would be handling data badly or sharing or selling it, but what I am saying that there’s very little the average consumer can do to ensure the safety of their health data – which is the type of data that’s probably even more precious and private than financial data. You’re lucky if these next gen health companies even offer a privacy policy!

So why health data privacy and security matters? Well if it gets sold, it could be used for personalized advertising, it could cause potential discrimination by employers, impact health insurances, feed the monster that is Big Pharma…

If a company gets hold of your DNA, via e.g. a blood sample, there’s no way of getting it back. This sounds rather ominous, however the truth is that if you live in a Western society, your blood has already been collected and analyzed shortly after your birth. So depending on if the birth happened in public or private healthcare facilities, your blood has already been stored by either party. And yes, this happens in Finland too. These blood samples are taken to screen newborn babies for certain illnesses and such, so the net sum is positive in my opinion.

The problem (again) is that this data is no longer safe. In fact, healthcare data is a very lucrative target for cybercriminals. EY estimated last year that the value of an electronic health record (EHR) is around $60 (by comparison, stolen credit cards are just $1-3), whereas Forbes estimated the value to be closer to $1000 a piece.

Summary

Based on my brief look into Finnish healthcare sector’s practices (Tietosuoja terveydenhuollossa, Partanen, 2010), I’m glad to see that information security has been an integral part of the industry and the laws that govern it for years already. Of course that’s just Finland. It’s unclear how well these things have been taken into account around the world, and what really are the rights and protections that consumers have in the end.

Another thing that’s a bit unclear at least to me is the classification of these new companies that offer DNA and blood test based health plans. Where do they stand legally, commercially?

One thing’s for sure: what biohackers and other health enthusiasts are doing right now, will become mainstream healthcare sometime in the future. As for now, my privacy concerns outweigh my intrigue towards DNA testing and proper blood panels. I’ll give it still a couple of years before booking any appointments in a private clinic.