The New York Times has an interesting dialogue on DNA and insurance. The opinions run the gamut, from “let insurers have the data” — guess who advocates that position — to “we need more regulation”.
Some of the more interesting points raised in the series:
- Genetic tests as they are currently performed may be no more predictive of outcomes than family histories and other medical tests,
- Truly catastrophic mutations are rare enough that they are in the noise statistically, and so likely will not be an important factor in insurance,
- There is little evidence (so far) of insurance industry discrimination based on genetics,
- We are still early in our understanding of how genes relate to disease, so we should be cautious in adopting new laws in light of our current ignorance.
As usual, I found myself most in agreement with Francis Collins:
The decision to have a genetic/genomic test resides with the owner of the genome — or in the case of children, with the parents. Except in rare circumstances, the decision to obtain genetic information should be made knowingly and freely. … Genetic information is powerful, personal and private.
It is tempting to look at this problem as a large regulatory challenge and to try to address it with the coarse tool of public policy, but this approach tends to overlook the role of the individual. The decision to make genetic data available to an insurer — a good genes discount for lower premiums? — or to keep that data private should rest with patients themselves. Regulation can help by providing a framework that prevents this from becoming a forced choice.
As I have noted before, regardless of how you feel about the role of regulations in this area, those regulations do not enforce themselves. The systems that we create to handle sensitive information ultimately determine how and to what degree regulations (and other policies) are enforced. Those systems must be designed to accommodate a wide variety of policy choices, from “lock it down” to “let it all hang out”. This flexibility is particularly necessary in systems that span multiple regulatory jurisdictions, but more fundamentally, it is necessary to empower individuals to take control over this most personal information.