[edit]
From their website:
Data retention
23andMe will retain some information to comply with legal
obligations, including your DNA, sex, and date of birth
So apparently you can permanently delete your data, except for, oh just your DNA....[edit 2]
From NYT (https://archive.is/ynvDR)
However, 23andMe uses a laboratory that must follow
regulations under the Clinical Laboratory Improvement
Amendments, or CLIA. This means that some data, including
your DNA, sex and date of birth will be retained in order
to comply with these regulations. The company will no
longer use that information, though. You can read more
about the company’s deletion processhere.
A doctor I recently visited whipped out his iPhone and asked if I was okay with him recording our conversation so that some fly-by-night rando AI company could vacuum up our private conversation and spit out some LLM-generated summary of our visit. "Not to worry," he insisted, "they're HIPAA compliant!"
I probably should have walked out of the office right then and there, but instead I simply told him no, not under any circumstances may he record our private conversation and send it off to some third party over the Internet. He seemed a bit taken aback because I guess I am the only patient he's had push back on it. He tried saying that the service "really helped him" or something like that. It seemed like he was trying to make me feel bad for "making his job harder."
I simply replied that HIPAA compliance didn't prevent the last 5 or 6 letters I've received from both hospitals and insurance companies about "cybersecurity events" leading to the compromise of my PII. And not just any PII, mind you. It was my medical information, supposedly "protected" by HIPAA. These were major insurance companies and hospitals. And you want me to believe that some fly-by-night AI startup is going to somehow be a safe place for a goddamned fscking full audio recording of our private visit, just because they claim to be HIPAA compliant? Are you kidding me?
I've made it a point to start writing my representatives in government about these issues. They need to wake up and start doing something meaningful to protect the people who are being bamboozled by all the yahoos who play fast-and-loose with their privacy, especially medical PII.
I was also able to find out where I came from and connect with distant relatives. To those who are tightly connected with their huge family, you’re privileged.
I’d be sad if this resource went away but I don’t fear it being used for nefarious purposes. I can rest assured the US government is already miles ahead toward that end.
They do what is called "genotyping"[1] which is much cheaper than full "sequencing" [2], but which only probes for a limited set of known variants. So it's only partial information.
Since then 23andMe has launched a more expensive 23andMe+ Total Health offering, which does full sequencing, but like most people, I never subscribed to that package. In fact I had no occasion to interact with the company after the first result, which may be why they are struggling financially.
DNA testing is something most people might do at most once in their lives -- then they lose interest.
[1] https://customercare.23andme.com/hc/en-us/articles/202904610... [2] https://customercare.23andme.com/hc/en-us/articles/202904600...