Foreign companies and some U.S. businesses with facilities abroad have been partnering or contracting with U.S. organizations to provide diagnostic tests and services that in some cases collect specimens, DNA, fitness / lifestyle information, or other personal health data from patients or consumers in the United States. Some of these companies may be subject to foreign laws that can compel them to share such data with foreign governments, including governments that exploit personal health data for their own ends and without regard to individual privacy.
For example, several Chinese companies have partnered or contracted with U.S. organizations and are accredited, certified, or licensed to perform genetic testing or whole-genome sequencing on patients in the U.S. healthcare system, potentially giving them direct access to the genetic data of patients in the United States. Chinese companies are compelled to share data with the government of the People’s Republic of China, which has used genetic data for state surveillance and repression of its ethnic and religious minorities, as well as for military research and applications.
Although research performed through partnerships and data sharing with foreign companies can potentially yield medical breakthroughs, the collection of U.S. personal health data by foreign companies can also pose potential risks to individual privacy and U.S. economic and national security.
Read more at the National Counterintelligence and Security Center