NIST seeks public comments on genomic data cybersecurity

The National Cybersecurity Center of Excellence at the National Institute of Standards and Technology has published a draft internal report and is accepting public comments through April 3.


Valuable to patients, healthcare providers and the government, genomic data has also enabled the rapid growth of the U.S. bioeconomy, according to the NCCoE announcement.

However, the characteristics of this high-value data raise privacy and risk management concerns – including for national security.

The NIST, MITRE and academic researchers note in the report that genomic data can be used for population surveillance, oppression and extortion and if corrupted, could potentially delay research or result in toxic products.

They identify gaps in protection practices across genomic data generation, sharing, collection, storage and monitoring and address the gaps in specific guidance addressing the unique needs of genomic data aggregation processors.

NIST also proposes strategies “to address real-life use cases occurring at various stages of the genomic data lifecycle” and avenues for potential government regulations and policies.


Medical professionals can consider an individual’s specific health attributes – including genomic data – to better tailor treatments to improve patient outcomes.

Healthcare technology companies, like Sophia Genetics, are partnering with tech giants like Microsoft to equalize data across silos, improve clinical workflows and elevate standards of care.

Meanwhile, Sarah Prezek, a lead associate and project manager at Booz Allen Hamilton, suggests crowdsourcing to advance the regulatory science behind precision medicine programs.

In December, she and her colleagues told Healthcare IT News readers that innovation is needed to ensure the safety and efficacy of regulatory tools, and crowdsourcing enables bioinformatics companies and other stakeholders to validate their technologies and approaches.

“By institutionalizing crowdsourcing into their precision medicine programs, stakeholders like precision medicine developers, regulators, citizen scientists, research teams, small business owners and healthcare organizations can dramatically widen the aperture of their thinking and approaches to addressing the many challenges in this fast-emerging field of science and technology,” they said.


“The characteristics of genomic data compared to other high-value datasets raises some correspondingly unique cybersecurity and privacy challenges that are inadequately addressed with current policies, guidance and technical controls,” said NCCoE said in the announcement.

Andrea Fox is senior editor of Healthcare IT News.
Email: [email protected]

Healthcare IT News is a HIMSS Media publication.

Source: Read Full Article