DNA Q&A: DNA Tests and Privacy

By Diahan Southard

Sign up for the Family Tree Newsletter Plus, you’ll receive our 10 Essential Genealogy Research Forms PDF as a special thank you!

Get Your Free Genealogy Forms

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Jump to:

Q: Are there health or life insurance implications to taking a DNA test?
Q: How can I keep my DNA information private?
Q: Can I ever remove my DNA from a database?

Q: Are there health or life insurance implications to taking a DNA test?

This is really two questions in one: First, do our companies test DNA that might be of interest to our insurance companies? And second, would your insurance company have access to it?

In an effort to be upfront and straight-forward—but without wanting to cause any undo alarm—the short answer to the first question is “maybe.” (I know—clear and concise, right?)

The uncertainty is based on lots of factors, the first of which is DNA test type. Certain kinds of Y-DNA and mtDNA tests don’t hold any medical information, but others do. So if you take a full-sequence mtDNA test or the “Big Y” Y-DNA test, then yes, there is some medical information that is tested by the companies.

And there are certainly medically relevant parts of your DNA being examined by the autosomal DNA tests conducted by the big companies (23andMe, AncestryDNA, Family Tree DNA, MyHeritage DNA and Living DNA).

As for the second part of the question: Your insurance company would need to find a way to access your data. The privacy policies of the five largest companies all state that they will not share your data with anyone (including insurance providers) without your consent. But ultimately, you want to be oh-so-careful to read all of the privacy statements and terms of conditions to be sure you understand what you’re agreeing to when you hand over your DNA.

The other factor in answering this question is your location—and any laws that might regulate DNA and insurance. In the United States, we have GINA, the Genetic Information Nondiscrimination Act. I like to think of her as “Aunt Gina,” the spinster aunt who has nothing better to do than protect your genetic information from leaking into the hands of employers and, yes, insurance agents. According to the GINA website, “Health insurers may not use genetic information to determine if someone is eligible for insurance or to make coverage, underwriting or premium-setting decisions.”

However, this benevolent aunt can only do so much. Per that same website, her “health insurance protections do not cover long-term care insurance, life insurance, or disability insurance, though some states have state laws that offer additional protections against genetic discrimination in these lines of insurance.” And, of course, the law only applies to the United States—I can’t speak for other countries.

If you’re concerned about this issue, the biggest question you need to ask yourself is whether the information turned up by a DNA test (for example, about medical history or genetic disposition to diseases) can be found using other means. And, as is the case with everything from our bank accounts to our cell phones, we give up a bit of privacy to get something we want.

Updated July 2021.

Return to top

Q: How can I keep my DNA information private?

A: This is a big question and it needs to be asked more. The best answer is simple, if unsatisfactory: if you want to keep your DNA information private, don’t take a DNA test. Oh, and don’t ever leave your house; ever. See, you are actually leaving bits of you everywhere you go. We shed hair and skin cells nearly constantly. If you are living in the United States, any item that is considered “abandoned,” like your Starbucks cup, contains tons of your DNA, and in most states is fair game to be picked up and tested.

But I don’t think that is what you were asking. In this digital world, if you own a cell phone, a credit card, or have an email account, you have given up some of your privacy in exchange for convenience or information. Taking a DNA test is very similar. So if you want to trade a little privacy for information your DNA can reveal, what is the best way to do it? Here are five tips:

First of all, test with a reputable company. Stick with our Big 5: 23andMe, AncestryDNA, Family Tre DNA, MyHeritage DNA, and Living DNA. There are many many satellite companies offering to take your DNA, or even just your DNA data, and run some kind of analysis on it. BE CAREFUL. Investigate the company before you give them your data.

Actually read the terms and conditions. For each company there are two consent checkboxes. One gives them authorization to test your DNA and must be agreed to. The other gives the company permission to use your DNA in their research. If you want to maintain the most privacy, don’t consent to research. Also keep in mind that a company can change their terms and conditions at any time, so keep your email address up to date in your account so you don’t miss important announcements (and then actually read them).

Understand the company’s role in law enforcement. Currently Family Tree DNA automatically opts everyone in their database into law enforcement searches.

Opt-out of DNA matching. If you are taking a test only to learn about your health or ethnicity, you can opt out of the DNA matching database. This means that you will not show up on anyone’s DNA match page – which essentially means that no one in the database will know you took a DNA test.

Don’t download your raw data. Your raw data Is the file generated by your testing company that lists all of your DNA values. Our testing companies are protecting your data in their database with some high-powered encryption methods. If you don’t have those same protections on your computer your data just won’t be as safe there.

In the end, our lives are just increasingly public with all of our comings and goings easily traceable. But it is still wise to take appropriate measures to ensure you understand what you are getting into in any new situation.

Return to top

Q: Can I ever remove my DNA from a database?

A: The answer to your question is a strong, definitive “Sort of.”

First, note that all DNA testing companies also keep the physical DNA they extracted from your saliva sample or cheek swab. There it will stay, tucked into a corner freezer, unless you specifically ask them to destroy it. So, when you ask if your DNA can be removed from that database, the answer is “Yes.” You can definitively have your physical DNA removed from the storage freezer of your testing company and destroyed.

Requesting your DNA sample be destroyed varies depending on where you tested. You can request to have it deleted via your account settings at 23andMe. But you actually have to call customer service at AncestryDNA, Family Tree DNA, MyHeritage and LivingDNA.

But that only covers the DNA sample itself. When a company analyzes your physical sample, it also creates a digital file for your DNA. All companies allow you to delete this digital file from their databases as well. You can do so from your account settings at 23andMe and AncestryDNA, and by calling customer service at Family Tree DNA, MyHeritage and Living DNA.

Note that, once a company destroys your physical DNA sample and your digital DNA results, you can’t go back. There is no retrieving them. So you will want to carefully weigh your options when considering removing your results.

Alternatives to Deleting Your DNA

Instead of actually deleting your data, you can simply remove your DNA digital file from the company’s matching service. This means that you’ll no longer see DNA matches, and no one else in the database can see you. (You could still access your ethnicity results.) You can access this option from your account settings page within each testing company.

At Family Tree DNA, you have an additional option to remove your digital DNA file from the view of law enforcement agencies that use the database to identify potential leads. In March 2019, Family Tree DNA officially opted in all US test takers into this effort to help law enforcement. (Those in Europe were automatically opted out to conform with  GDPR privacy standards.) If you want your DNA data excluded from that effort, go into your Family Tree DNA account and opt out.

Limitations to Deleting Your DNA

While you can remove your digital DNA file from all future matching, a record of your presence in the database might still exist. Your DNA matches may have taken a screenshot of their match with you, or written down your name and information before you removed your record. So in that sense, you can never be truly “deleted.”

In addition, DNA companies also allow you to participate in genetic research using your data. If you did so but then decide to opt out of that research, your data (anonymized and used in aggregate with other users’ data) will remain part of in-process projects. Your information wouldn’t be included in any new projects, but it will still be used for current projects.

So, in short, you have options in determining how testing companies use (or don’t use) your DNA results. You can access most privacy features under your account settings, but you’ll need to call customer service to access some of them.

Return to top

Related Reads

You might be wearing a welcome sign to online hackers and trackers without even realizing it. Protect your online privacy with these 10 tips.
Have the millions of DNA test-takers given up personal information? Our legal expert answers 19 crucial questions about DNA testing and your privacy.