In This Article
In This Article
DNA testing kits give you valuable insights into your family history and health. To get these results, you need to submit samples of your DNA.
Their labs analyze your samples. Then, the analysis lets you know about your physical characteristics, personality traits, and health risks. The results can even help you find lost relatives.
A DNA sample holds your genetic code. Think of it as a map of your entire genetic makeup.
Your DNA contains genes that make you who you are. So, when you send samples to a testing company, you’re handing over personal data to someone else.
Data privacy is becoming a major concern nowadays as people become aware of the potential risks of their information being used without their consent.
DNA data privacy is equally important because genetic data can reveal many sensitive details about yourself.
Meet The Expert
Dr. Rizza Mira is a medical doctor and a general practitioner who specializes in pediatrics, nutrition, dietetics, and public health.
As a pediatrician, she is dedicated to the general health and well-being of children and expecting parents. She believes that good nutrition, a healthy lifestyle, and prevention of illness are key to ensuring the health of children and their families.
When she’s not in the hospital, Rizza advocates and mobilizes causes like breastfeeding, vaccination drives, and initiatives to prevent illness in the community.
We understand how easy and exciting using DNA test kits from your home is. However, these tests may leave your DNA information less protected when performed outside a professional setting.
We've thought about the potential risks of using an at-home DNA test kit as much as you have. So, let’s go through them.
The thought that DNA testing companies could share or sell your genetic data can be unsettling. It's a valid concern and one that needs careful consideration.
DNA testing companies can share or sell your information to third parties, such as:
DNA testing companies can share or sell your information to third parties for various reasons. These third-party companies may include medical researchers, pharmaceutical and biomedical companies, law enforcement, and others.
A DNA testing service can store your genetic information on an online database. If a data breach occurs, hackers can access insecure servers and place your data at risk.
Your DNA reports, such as ancestry information, may get compromised. They can also get a hold of your raw DNA information — a file with your genetic variants.
The thought of hackers obtaining your DNA data can be deeply concerning. For example, they could potentially use your genetic information to create a fake identity or track you.
They can also sell your DNA data to third parties, like pharmaceutical companies, insurance companies, and so on.
A DNA testing company can keep your information on an online database, which can be susceptible to data breaches. It's a cause of concern because if the company's security measures are not stringent enough, hackers could potentially access your genetic data.
People may tamper with your samples or results to influence the outcome. Since companies can store DNA samples, it increases your risk for DNA fraud.
At-home DNA tests may be less secure and private than medical DNA testing. For example, a DNA service can compromise your identity if it keeps the following:
At-home DNA tests can give away your identity if the companies aren't careful enough with your information. DNA companies can also tamper with your DNA samples and result.
DNA testing companies partnered with CLIA-certified labs need to retain some of your personal information. They do this even if you request to delete them.
CLIA stands for Clinical Laboratory Improvement Amendments (CLIA) Program. It's a federal program that ensures accurate and reliable lab testing.
CLIA states that labs must keep information like your DNA, sex, and date of birth as part of their quality control guidelines. Unfortunately, storing information online puts you at risk of a data breach.
Some companies need to keep your information as a part of their quality control procedures. This can affect your DNA data privacy since storing information online can pose a risk of a data breach.
Every DNA testing company has its privacy policies. These policies can change over time and negatively affect your DNA security.
Many companies don’t even have privacy policies on genetic information.1 Some don’t practice much transparency in how they gather, use, and manage customer data.
For example, a 2017 study of DNA testing companies in the U.S. revealed that almost 40 percent of these companies gave no information about their genetic data practices.2
This includes what happens to biological samples or the resulting genetic data.
That said, some services do a better job of protecting your data and keeping it safe.
The lack of transparency in a DNA company's privacy policies can negatively impact your DNA security. This is also true for a company with changing privacy policies.
Know Your DNA Reviews
Don't miss out on the opportunity to learn more about yourself. Read our best DNA test page to find the best one for you.
We reviewed over 15 DNA tests and looked into their privacy policies. We found that well-known DNA test providers also have the most private DNA tests.
Big companies like 23andMe and AncestryDNA have more in-depth privacy policies. They also tend to be more accountable for their customers’ data.
It’s because they are more recognizable and have a reputation to uphold. They have more to lose if they are caught mishandling data.
Here are some of the best DNA testing kits and how they protect your data:
The California-based company has several testing kits available. Depending on the kit you ordered, it can provide traits, genetic ancestry, or health testing.
Here’s how 23andMe protects your privacy:
23andMe won’t share your genetic information with the government or law enforcers. They need to present a valid subpoena, warrant, or court order to access the company's database.
If you want a more extensive test, we recommend 23andMe vs. AncestryDNA. Read our 23andMe review to learn more.
23andMe offers the best DNA test that highly prioritizes your privacy. It offers different testing kits, covering analysis like ancestry or health. The company takes security seriously with its number of preventative measures.
AncestryDNA is one of the largest ancestry testing services, with over 20 million customers. They offer tests that trace your genetic genealogy, ethnicity, and ancestry.
Here’s how AncestryDNA protects your privacy:
If you want an in-depth ancestry test, AncestryDNA is a better choice than 23andMe. You can read our AncestryDNA review for more information.
AncestryDNA is the best, most private DNA test for ancestry. It has an extensive database of 20 million users. The company allows you to delete your account with them anytime.
We understand the concern since plenty of headlines about data breaches are floating around the internet.
While it's true that some risks to one’s privacy exist, however, this doesn’t mean your data is entirely unsafe.
Even though at-home DNA tests are not fully regulated, some government agencies and laws offer some protection. These include:
Both the FTC and GINA cover direct-to-consumer genetic testing kits. But keep in mind that these are just regulations and not laws, so they offer limited protection.3
HIPAA only offers protection for people who take medical genetic tests. It doesn’t cover testing performed using DTC genetic test kits, such as at-home tests.4
Despite words about data breaches with DNA companies going around, it doesn't mean that your DNA data is entirely unsafe. A number of government agencies and laws offer some data protection.
The FTC is concerned with the privacy of your DNA data and may help keep it safe. GINA and HIPAA can protect your information from being misused by companies.
The FTC promotes consumer protection by enforcing the civil U.S. antitrust law. They can take action against companies that fail to protect customer data.
The agency controls companies that make false and misleading statements about data security and privacy.
“Because of the tendency of some companies to post their results online, the FTC warns consumers always to check the website’s security and privacy policies,” says Dr. Mira.
The FTC can take action against companies that fail to protect the security of their customer's data. It also regulates false and misleading statements about data security and privacy made by DNA companies.
According to GINA, employers can’t use genetic data to make job-related decisions, such as:4
GINA also prevents health insurance companies from using genetic data to limit their offer to customers. It includes the coverage, insurance costs, and benefits.
In California, they have an amended CalGINA. It prohibits the use of genetic information to discriminate against people who may need the following:5
GINA helps ensure that your genetic data won't be used to discriminate you workplace or health-related wise. It ensures that you won't be denied with opportunities and services because of your DNA results.
HIPAA prevents health insurance companies from using genetic data to decide on insurance plans. It is covered by the amended Protected Health Information (PHI).
This includes your genetic information and the DNA of:
Even if there’s evidence of genetic health risks, a health insurance company can't use it to deny or limit your access to their services.
HIPAA ensures that health insurance companies won't deny you their services because of your DNA test results. The protection extends to the genetic data of your family member, the fetus or embryo of a family member, and your unborn baby if you took a DNA test while pregnant.
Everybody is concerned about hackers and security breaches. But, it may seem impossible to guarantee the complete security of your data.
However, we've put together five ways to help you minimize the risk of compromising your DNA information.
Before you send a sample for testing, you’ll be asked to sign a consent form on using your DNA. You can learn about a testing company’s privacy policies if you read the fine print.
These may include important details, such as:
Most people need to complete this section. Because if you proceed with the test without doing so, you agree to share your DNA whether or not you read or understood it.
It's important to read these before giving consent. Your genetic data's security will largely depend on your chosen testing company's privacy policies
You can make an informed choice after reading about a company’s privacy policies.
If you’re comfortable with how they protect your data, you can sign the consent form and continue with the test. But if you’re not, you can choose not to consent.
Genetic testing companies may also ask for additional permissions. They may also change their privacy policies after you take a test. Make sure to read them before signing.
Some DNA tests provide separate agreements if they need permission to use your data for research. You should avoid sharing your genetic information outside the company.
Once your data reaches a third party, deleting it can be difficult or impossible. They can also share your data with another company or organization without your knowledge.
Private DNA testing companies, such as 23andMe, allow you to destroy your samples and delete your raw data physically. Others, like AncestryDNA, let you delete your entire account.
If your information shows up during DNA matches, deleting your data will prevent it from appearing. Potential family members won’t be able to find you, and you can keep your privacy.
After taking the test, some companies let you download your raw data for later use. You can upload this file to other DNA services and learn more about your genetic makeup.
You have to be cautious about where you upload your genetic data. Only choose private DNA testing services with comprehensive privacy policies.
Know Your DNA Reviews
Looking for a DNA test that's accurate and can tell you about your health and heritage?