Privacy Implications of Contacting the At-Risk Relatives of Patients with Medically Actionable Genetic Predisposition, with Patient Consent: A Hypothetical Australian Case Study.

Abstract

Genetic risk information has relevance for patients' blood relatives. However, cascade testing uptake in at-risk families is <50%. International research supports direct notification of at-risk relatives by health professionals (HPs), with patient consent. However, HPs express concerns about the privacy implications of this practice. Our privacy analysis, grounded in a clinically relevant hypothetical scenario, considers the types of personal information involved in direct notification of at-risk relatives and the application of Australian privacy regulations. It finds that collecting relatives' contact details, and using those details (with patient consent) to notify relatives of possible genetic risk, does not breach Australian privacy law, providing that HPs adhere to regulatory requirements. It finds the purported "right to know" does not prevent disclosure of genetic information to at-risk relatives. Finally, the analysis confirms that the discretion available to HPs does not equate to a positive duty to warn at-risk relatives. Thus, direct notification of a patient's at-risk relatives regarding medically actionable genetic information, with patient consent, is not a breach of Australian privacy regulations, providing it is conducted in accordance with the applicable principles set out. Clinical services should consider offering this service to patients where appropriate. National guidelines would assist with the clarification of the discretion for HPs.