United States of America: Entry into force with grace period of California Genetic Information Privacy Act

The Genetic Information Privacy Act (SB 41) was signed into law on 6 October 2021 by the Californian Governor. The act requires companies that provide direct-to-consumer genetic testing to inform consumers about the company’s policies and procedures regarding the collection, use, maintenance, and disclosure of genetic data and to obtain the consumer’s express consent for the use of their genetic data. The law gives consumers the right to revoke their consent in which case companies have to destroy the consumer’s biological sample within 30 days. Furthermore, the companies will have to comply with the laws for genetic data disclosure to law enforcement without the consumer’s consent and to implement and maintain security procedures to protect consumers’ genetic data. The law will take effect from 1th of January 2022.