(a) A direct-to-consumer genetic testing company shall establish legal policies and processes for disclosing genetic data to law enforcement or another government agency without a consumer's express written consent. (b) A direct-to-consumer genetic testing company shall develop, implement, and maintain a comprehensive security program to protect consumers' genetic data against unauthorized access, use, or disclosure. (c) A direct-to-consumer genetic testing company shall establish a process for a consumer to: (1) Access the consumer's genetic data; (2) Delete the consumer's account and genetic data; and (3) Request the destruction of the consumer's biological sample. (d) Notwithstanding any other provisions of law, a direct-to-consumer genetic testing company may not, without the consumer's written consent, disclose a consumer's genetic data to: (1) An entity offering health insurance, life insurance, disability insurance, or long-term care insurance; or (2) An employer of the consumer.
‹ Prev All Maryland sections Next ›
Lexace provides legal information, not legal advice, and no attorney–client relationship is created. Statute text is provided for general information and may not reflect the most recent amendments; verify against the official state code.