The designated record set for clinical genetic and genomic testing: A points to consider statement of the American College of Medical Genetics and Genomics (ACMG)

The right to access one’s genetic and genomic data generated by HIPAA-covered laboratories is a civil right safeguarded by federal privacy law, but it exists in tension with concerns about possible harms from misunderstanding or misuse of data. Further research is needed to determine best practices for presenting data in response to patients’ HIPAA access requests. Owing to the complex nature of genetic and genomic data, great care is needed to limit the potential for misunderstanding or misuse of the information laboratories are required to provide in response to HIPAA access requests. Interfering with access is not permissible but much can be done to make access safer by ensuring good communication at the PODD when patients receive the data they requested under HIPAA’s access right. HIPAA-covered laboratories should consider developing PODD disclosures that would routinely be supplied at the time they respond to an access request. Furthermore, genetic and genomic professionals should lead future research efforts to study options that maximize the benefits and minimize potential harms of HIPAA access requests to help create future best practice guidelines.