G(e)nomes and Trolls: DNA sequencing and future risk
Typically, when we talk about futuristic technologies in healthcare, it’s often hard to anticipate how quickly society will make the bridge between science fiction and mainstream medical practice. That was almost certainly the case in the early noughties when scientists were at work developing the publication of the first complete genome in an effort to provide a DNA bible by which future medicine would abide. However, just 14 years on from the big breakthrough in 2003, DNA sequencing is making itself uncompromisingly known in the daily lives of health practitioners in some of the most important fields of treatment.
2017 itself was intended to be a landmark year for the development of ‘genomic services’ – a term coined by the Department for Health when it launched the 100,000 Genomes project in 2012, with the intention of sequencing 100,000 genomes from NHS patients within the space of five years.
While that initial deadline may have been moved back a year, all signs are pointing to DNA sequencing becoming this century’s defining revolution in mainstream treatment as it creates a sprawling mass of new data with which to develop treatments for previously untouchable diseases. The economics and scale are also becoming a lot more attractive; with big businesses like Philips and IBM engaged in research, the production of a complete DNA sequence can now be achieved in less than a day at a rapidly dropping cost, projected to soon reach just $100.
The future looks bright but, as with any new development, there is a level of risk that needs to be assessed, and medical insurers are rightly doing their due diligence for current and future policy. Interestingly, while insurers might have once been predominantly concerned with issues of negligence and malpractice in treatment, the threat profile is following general insurance practice and moving in the direction of the IT department.
Biological data is becoming increasingly important as technology provides us with greater access to what makes us human.
However, what begins with the issue of access can often lead to questions of ownership. Is our genetic information “property”? If so, who owns it and what rights does the owner have over it? One of the co-discoverers of the BRCA1 and BRCA2 genes (that signal an increased risk of developing breast cancer) sought to patent its discovery in the US. A US court held that the genetic information already existed in nature and that naturally occurring compositions are (at least in the US) incapable of being patented. Elsewhere in the world though, companies have been able to patent naturally occurring genetic information. Since the usual aim of obtaining a patent is to allow an invention to be exploited commercially, this raises the spectre of the testing and treatment for certain genetic conditions being available only to those with deep enough pockets.
In the UK, our genetic data satisfies the definition of sensitive personal data within the Data Protection Act 1998, consisting of information regarding our “physical or mental health”. Such data must be held and processed within the strict provisions of the Act, in recognition of its value and sensitivity and the potential for it to be exploited. For example, how would we feel about the idea of an employer, or an insurer, having access to our genetic data? This gives rise to the potential for decision making (potentially discriminatory decision making) on genetic grounds – not necessarily for what is, but for what might be. Insurance premiums could be raised for those with certain genetic markers, jobs offered to those with more “favourable” genetic profiles.
The uses to which our genetic data might be put are many and varied. There is huge potential for medical advancement, such as bespoke cancer treatments. There is also the risk of significant harm. In 2013, the US Food and Drug Administration determined that a particular genotyping test was intended for the “diagnosis of disease…or in the cure, mitigation, treatment or prevention of disease” and warned of the potential consequences of false positive or false negative results.
Worse still is the prospect of our genetic data falling into the hands of other, shadier, third parties. A biological data breach, for example, is much more invasive than someone stealing your bank details – your biological passport can’t be restored with a new pin number or password. Once it’s out there, your entire genetic make up is available to the highest bidder.
All of this points to something of a Big Data headache. The raw data from one genome alone amounts to around 200GB, with every genome offering millions of variants from a reference model. The data generated by the NHS’s 100,000 Genomes project alone is therefore significant in itself, and all of it needs to be protected from those wanting to exploit it for the wrong reasons. As technology makes the data easier and cheaper to obtain, obvious questions arise – how is my genetic data held? How securely, by whom and to what end?
The direction of travel for analysing data also points towards future risk. Filtering down millions of DNA combinations to isolate just a few harmful ones inevitably requires the input of artificial intelligence. Again, this opens the door to potential cyber threats and creates a product liability chain that extends beyond doctors and pharmaceutical manufacturers.
The potential for DNA Sequencing, both the positive and negative, is clearly huge and it’s a door we’re unlikely to close again. When you consider that the cost of discovering your genetic make up costs less than a new iPhone, it’s not hard to believe this could very quickly become an industry in itself. And as with any industry, insurers will need to be ready to pick up the pieces.This is a guest article written by Greg McEwen, Partner, BLM.