As part of a proposed settlement with the FTC, 1Health will be required to strengthen protections for genetic information and instruct third-party contract laboratories to destroy all consumer DNA samples that have been retained for more than 180 days.
California-based 1Health.io, Inc, also known as Vitagene, Inc. before changing its name in October 2020, has sold DNA health test kits and used DNA test results, along with information consumers supplied, to provide consumer with reports about their health, wellness, and ancestry as part of product packages that cost between $29 and $259. The health reports include personal information about a consumer’s health and genetics, such as their risk for developing health problems based on their genotype data…
…As part of the proposed order, 1Health.io, which Vitagene is now known as, must pay $75,000, which the FTC intends to use for consumer refunds. In addition to the DNA deletion requirement, under the proposed order the company:
- Must ensure any company that purchases all or parts of 1Health’s business agrees by contract to adhere to provisions of the order;
- Must notify the FTC about incidents of unauthorized disclosure of consumers’ personal health data; and
- Must implement a comprehensive information security program addressing the security failures outlined in the complaint.
The Commission voted 3-0 to issue the proposed administrative complaint and to accept the consent agreement with the company…
The Federal Trade Commission wrote: …Vitagene, a San Francisco based DNA testing company, promised consumers that it exceeded industry-standard security practices for maintaining the privacy of people’s sensitive health and genetic information. But the FTC says the company didn’t keep that promise. In fact, the FTC says Vitagene use a well-known cloud service provider to store people’s confidential information but didn’t use built-in cloud security measures…
In my opinion, it sounds like Vitagene / 1Health.io lied to its customers about how secure their DNA information was. It seems fair that the FTC decided to crackdown on the company and make it pay a lot of money for its terrible choices.