Regulating genomic data in research and healthcare

By Philippa Brice

5 July 2020


New research highlights important issues for the proportionate and effective regulation of genomic data in medical research and healthcare that balance legal protections with utility.

Technological developments and increases in understanding mean that a person’s genome is now more informative than in previous years. Our rapidly evolving knowledge of genomics and the increasingly detailed information that can be generated from our genes makes effective regulation an endlessly moving target.

Getting the regulation of genomic data right is crucial to ensure that genomics works for healthcare and society. Sharing genetic and genomic data is vital for medical research and care, since it increasingly underpins medical diagnosis, treatment and management. Excessive or unclear regulation could create unnecessary barriers and impede vital science and healthcare. On the other hand, ineffective, insufficient regulation could reduce public trust, breach privacy and cause societal harm.

The European Union introduced the General Data Protection Regulation (GDPR) in 2018 and it forms part of current UK law. A long and complex piece of legislation, the GDPR governs the processing of personal data of all EU citizens, and has significant global impact. Ever since its introduction, the genomics community have raised concerns: how exactly does the concept of ‘personal data’ apply to genomics, and what does the regulation mean for research and healthcare?

Funded by the UK Information Commissioner’s Office (ICO), the PHG Foundation have conducted detailed research into the impact of the GDPR and the UK Data Protection Act 2018 on genomic technologies in healthcare and biomedical research. 

PHG Foundation Director Dr Mark Kroese commented: “Genomic data is central to clinical practice and research to underpin future improvements in care; I’m delighted that ICO has funded the Foundation to undertake this important work to understand the potential impact of regulation on patient care and genomic research”.  

The comprehensive new report, The GDPR and genomic data, evaluates when, where and how the GDPR applies, and identifies key actions for the genomics community, policy-makers and regulators to enable appropriate data protection while also facilitating genomic medicine and research.

Simon McDougall, Executive Director – Technology Policy and Innovation at the Information Commissioner's Office commented on the report:

PHG Foundation’s report: The GDPR and genomic data explores a complex area of key interest for the ICO. As one of its roles as a UK regulator, the ICO continues to work to maintain understanding of the implications of emerging technology and research. The project report engages with a variety of key issues relating to data protection, including the identification of personal data in new areas of research, appropriate data sharing and its key challenges, and the importance of anonymisation techniques. PHG Foundation’s project is a vital step towards understanding how the legislation we regulate impacts healthcare and research, and I’m delighted our grants programme has assisted with this important work.

Genomics and policy news

Sign up