Myriad Genetics embroiled in breast-cancer data fight — again

Genetic-testing firm Myriad Genetics is facing a legal challenge from people who say the company refused to give them access to their own genomic data, in violation of a US government rule on medical records.

Although Myriad has now agreed to release the data to those individuals, the patients are pressing ahead with their complaint to the US government. The skirmish is the latest in a long-running war between Myriad and data-sharing advocates, and it could ultimately force the company to provide genetic information that patients could then share with scientists.

The patients, who are represented by the American Civil Liberties Union (ACLU), filed the complaint on 19 May with the US government alleging that Myriad, of Salt Lake City, Utah, had declined to release complete results of tests for the genes BRCA1 and BRCA2. Some variants of these genes are linked to higher risk of cancer; for others, the link to disease is unclear or the variants are considered to be harmless.

Myriad refused to report ‘benign’ BRCA variants back to patients when they requested this information in February. The ACLU says that the company’s denial violates a rule released by the US government in January that gives patients the right to obtain their full lab test results under the Health Insurance Portability and Accountability Act.

Breast-cancer survivor AnneMarie Ciccarella, one of the people who filed the complaint, said that she wants access to her complete data so that she can share it with scientists who are trying to understand the genetic contributions to cancer. “I want to see that the research community has access to every bit of data that has been generated from my body,” she said.

On 18 May, after the ACLU announced a press conference to discuss the complaint, Myriad released the data that Ciccarella and her three co-complainants had requested. “We believe the complaint lacks merit and should not be accepted,” the company said in a 19 May statement.

Seeking certainty
Ciccarella and the others who brought the complaint are pressing ahead with their case, in part to set the precedent that companies must legally provide the full results of genetic tests — not release it on a voluntary basis.

Observers say that makes sense, especially given Myriad’s history. The company had previously tried to block rivals from providing BRCA tests, asserting that it held patents that gave it the exclusive right to perform such diagnostics.

That changed in June 2013, when the US Supreme Court invalidated Myriad’s patents after the ACLU mounted a legal challenge. Myriad has not shared its large database on thousands of BRCA variants, despite requests from researchers studying the genetics of breast cancer. But it may now be forced to provide individual results on a patient-by-patient basis if the government decides to accept the latest complaint.

“If I were the plaintiffs, I’d want to make sure the government said that Myriad had to do what it did,” says lawyer and bioethicist Hank Greely at Stanford University in California. “If you’re a consumer advocate in the health-care space, Myriad may not be a company you trust.”

Heidi Rehm, a geneticist at the non-profit company Partners Healthcare Personalized Medicine in Cambridge, Massachusetts, drafted a statement of support for the complaint against Myriad. She says that as researchers learn more about genetic risks of cancer, they’re finding that variants once considered benign might actually contribute to cancer risk.

Rehm and other researchers are pushing for companies and individuals to share their genetic test data with open databases such as ClinVar, and she says that the push for data sharing is gathering increasing momentum. US insurance company Aetna, for instance, has said that it will favour testing companies that deposit data in ClinVar. And the US Food and Drug Administration is considering whether to give companies incentives to deposit their tests results in the database.

After a prominent gene-testing firm declined to give patients their complete data, ACLU filed a legal complaint

Four people with a family history of cancer, or who have cancer themselves, lodged a complaint this afternoon with the U.S. Department of Health and Human Services (HHS). It alleges that Myriad Genetics, a prominent genetic testing company, broke a federal rule by withholding genomic data that are rightfully theirs. At least one plaintiff wants to share her information with an open-access research database, to which Myriad has declined to contribute.

In a twist, after the American Civil Liberties Union (ACLU) notified journalists of an upcoming press conference on the matter, Myriad reversed course and supplied the patients with the information they had requested in February. Despite that move, ACLU went ahead and helped the patients file the complaint, in part because it covers what the organization describes as a past violation.

A spokesperson for Myriad, based in Salt Lake City, says that the company is frustrated by the complaint and believes it should be dropped.

Genetic testing labs, including Myriad, normally provide clients with information on gene variants that are known to increase the risk of disease (pathogenic), likely to be pathogenic, or of uncertain significance. But nearly everyone also has variants (often called polymorphisms) that are deemed benign—and companies typically don’t send clients information about those variants. But as researchers pool data from thousands of cancer gene tests, some of those benign variants may be reclassified as dangerous, or may become informative in ways that hadn’t been anticipated. That is one reason some of the patients involved in the complaint wanted Myriad to provide all of their genetic data, and not just the information on the pathogenic variants.

In the complaint, ACLU and the plaintiffs, supported by researchers in cancer genetics, say that Myriad ran afoul of a new regulation promulgated by HHS this past January: that individuals have a right to receive “the full gene variant information generated by the test.” The regulation was prompted, federal officials say, by a federal law known as the Health Insurance Portability and Accountability Act (HIPAA), which among other things governs the use of medical records and the protection of patient privacy.

Myriad says it didn’t even know about the new regulation, which was quietly posted on an HHS blog. In February, the company was taken aback to receive seven identically worded letters from past clients, says Ron Rogers, a Myriad spokesperson. “It was obvious to us that there was some sort of coordinated effort against Myriad to get this information,” Rogers says. The company receives up to 40 requests a day for test results, and “99.9% of them,” Rogers says, are for the usual pathogenic or uncertain variants, the kind included in the company’s patient reports. In this case, the patients sought polymorphisms—essentially, the benign variants. The letters referenced the January regulation.

As a result of those letters, Myriad discovered the HHS regulation change, Rogers explained. Still, the company didn’t immediately return the information to the patients, but did provide the usual test results—which each of the patients had previously received. With representatives from the testing firm LabCorp and the American Clinical Laboratory Association, Myriad employees traveled to Washington, D.C., to meet with HHS officials to better understand their obligations under the new regulation. “We tried to get a meeting … as fast as we could” with the department’s Office for Civil Rights, Rogers says. The office “told us that the way they were interpreting the guidance, it should include the benign variants. We quickly got to work, we compiled that information, completed that request yesterday, and sent it to all these patients.”

The four patients represented by ACLU are not appeased. (The organization declined to say whether it had previously been working with the three others.) It’s “my body, my blood, my data, my choice how I wish to share my information,” said AnneMarie Ciccarella, one of the plaintiffs, during a press conference earlier today. Ten years ago, Ciccarella was diagnosed with invasive breast cancer at 49 and, with a strong family history of cancer, she followed her doctor’s advice and got BRCA1 and BRCA2 testing through Myriad. Mutations in both genes are linked to a higher risk of breast, ovarian, and other cancers. Ciccarella’s results, however, were equivocal; Myriad told her it found a “variant of unknown significance” on BRCA1 and another on BRCA2.

Ciccarella wants all her DNA information made widely available to researchers, and in particular wants to donate it to a database called ClinVar. ClinVar is collecting DNA findings on as many people as possible; a separate but related database called ClinGen is trying to understand what those findings mean. (More information on both databanks is here.)

Myriad has provoked the ire of some scientists because the company has declined to submit its voluminous BRCA1 and BRCA2 data to ClinVar, unlike a number of other testing companies. Rogers says that’s because it wants to protect patient privacy. A pair of scientists has launched an effort to seek Myriad testing results from patients and providers as a substitute. One of them, Heidi Rehm, one of the leaders of ClinGen and an associate professor of pathology at Harvard Medical School in Boston, wrote a letter supporting ACLU’s complaint.

Siding with her were Thomas Hudson and Peter Goodhand, two leaders of the Global Alliance for Genomics and Health, a collaborative trying to improve the sharing of genomic data. It’s running a major effort to aggregate data on BRCA genes, called the BRCA Challenge. Hudson and Goodhand called on the HHS Office for Civil Rights to explicitly say that the regulation “includes variant calls”—decisions about whether a variant is benign, for example—“and raw sequencing files, giving patients the right under HIPAA to routinely access them and thus contribute to research and improved health.”

“I think it’s much ado about nothing,” Myriad’s Rogers says of the complaint. He says that Myriad has previously provided polymorphism data to the rare patient who asks, and will certainly do so now if required under HIPAA.

ACLU wants more assurance than that. “We need to know that it’s a change in their position,” says ACLU senior staff attorney Sandra Park. She says she knows of another person who submitted a request for polymorphism data before the January regulation change, she says, and who was denied by the company. “From February they took the clear position that this data was excluded from what is covered under HIPAA.”

Is there a broader goal to pressure Myriad into depositing its data into public databases like ClinVar? Park is oblique. “The best solution on that question is that Myriad just shares it,” she says, “and discloses this data to patients that request it.”

Myriad Genetics embroiled in breast-cancer data fight — again

Genetic-testing firm Myriad Genetics is facing a legal challenge from people who say the company refused to give them access to their own genomic data, in violation of a US government rule on medical records.

Although Myriad has now agreed to release the data to those individuals, the patients are pressing ahead with their complaint to the US government. The skirmish is the latest in a long-running war between Myriad and data-sharing advocates, and it could ultimately force the company to provide genetic information that patients could then share with scientists.

The patients, who are represented by the American Civil Liberties Union (ACLU), filed the complaint on 19 May with the US government alleging that Myriad, of Salt Lake City, Utah, had declined to release complete results of tests for the genes BRCA1 and BRCA2. Some variants of these genes are linked to higher risk of cancer; for others, the link to disease is unclear or the variants are considered to be harmless.

Myriad refused to report ‘benign’ BRCA variants back to patients when they requested this information in February. The ACLU says that the company’s denial violates a rule released by the US government in January that gives patients the right to obtain their full lab test results under the Health Insurance Portability and Accountability Act.

Breast-cancer survivor AnneMarie Ciccarella, one of the people who filed the complaint, said that she wants access to her complete data so that she can share it with scientists who are trying to understand the genetic contributions to cancer. “I want to see that the research community has access to every bit of data that has been generated from my body,” she said.

On 18 May, after the ACLU announced a press conference to discuss the complaint, Myriad released the data that Ciccarella and her three co-complainants had requested. “We believe the complaint lacks merit and should not be accepted,” the company said in a 19 May statement.

Seeking certainty
Ciccarella and the others who brought the complaint are pressing ahead with their case, in part to set the precedent that companies must legally provide the full results of genetic tests — not release it on a voluntary basis.

Observers say that makes sense, especially given Myriad’s history. The company had previously tried to block rivals from providing BRCA tests, asserting that it held patents that gave it the exclusive right to perform such diagnostics.

That changed in June 2013, when the US Supreme Court invalidated Myriad’s patents after the ACLU mounted a legal challenge. Myriad has not shared its large database on thousands of BRCA variants, despite requests from researchers studying the genetics of breast cancer. But it may now be forced to provide individual results on a patient-by-patient basis if the government decides to accept the latest complaint.

“If I were the plaintiffs, I’d want to make sure the government said that Myriad had to do what it did,” says lawyer and bioethicist Hank Greely at Stanford University in California. “If you’re a consumer advocate in the health-care space, Myriad may not be a company you trust.”

Heidi Rehm, a geneticist at the non-profit company Partners Healthcare Personalized Medicine in Cambridge, Massachusetts, drafted a statement of support for the complaint against Myriad. She says that as researchers learn more about genetic risks of cancer, they’re finding that variants once considered benign might actually contribute to cancer risk.

Rehm and other researchers are pushing for companies and individuals to share their genetic test data with open databases such as ClinVar, and she says that the push for data sharing is gathering increasing momentum. US insurance company Aetna, for instance, has said that it will favour testing companies that deposit data in ClinVar. And the US Food and Drug Administration is considering whether to give companies incentives to deposit their tests results in the database.

After a prominent gene-testing firm declined to give patients their complete data, ACLU filed a legal complaint

Four people with a family history of cancer, or who have cancer themselves, lodged a complaint this afternoon with the U.S. Department of Health and Human Services (HHS). It alleges that Myriad Genetics, a prominent genetic testing company, broke a federal rule by withholding genomic data that are rightfully theirs. At least one plaintiff wants to share her information with an open-access research database, to which Myriad has declined to contribute.

In a twist, after the American Civil Liberties Union (ACLU) notified journalists of an upcoming press conference on the matter, Myriad reversed course and supplied the patients with the information they had requested in February. Despite that move, ACLU went ahead and helped the patients file the complaint, in part because it covers what the organization describes as a past violation.

A spokesperson for Myriad, based in Salt Lake City, says that the company is frustrated by the complaint and believes it should be dropped.

Genetic testing labs, including Myriad, normally provide clients with information on gene variants that are known to increase the risk of disease (pathogenic), likely to be pathogenic, or of uncertain significance. But nearly everyone also has variants (often called polymorphisms) that are deemed benign—and companies typically don’t send clients information about those variants. But as researchers pool data from thousands of cancer gene tests, some of those benign variants may be reclassified as dangerous, or may become informative in ways that hadn’t been anticipated. That is one reason some of the patients involved in the complaint wanted Myriad to provide all of their genetic data, and not just the information on the pathogenic variants.

In the complaint, ACLU and the plaintiffs, supported by researchers in cancer genetics, say that Myriad ran afoul of a new regulation promulgated by HHS this past January: that individuals have a right to receive “the full gene variant information generated by the test.” The regulation was prompted, federal officials say, by a federal law known as the Health Insurance Portability and Accountability Act (HIPAA), which among other things governs the use of medical records and the protection of patient privacy.

Myriad says it didn’t even know about the new regulation, which was quietly posted on an HHS blog. In February, the company was taken aback to receive seven identically worded letters from past clients, says Ron Rogers, a Myriad spokesperson. “It was obvious to us that there was some sort of coordinated effort against Myriad to get this information,” Rogers says. The company receives up to 40 requests a day for test results, and “99.9% of them,” Rogers says, are for the usual pathogenic or uncertain variants, the kind included in the company’s patient reports. In this case, the patients sought polymorphisms—essentially, the benign variants. The letters referenced the January regulation.

As a result of those letters, Myriad discovered the HHS regulation change, Rogers explained. Still, the company didn’t immediately return the information to the patients, but did provide the usual test results—which each of the patients had previously received. With representatives from the testing firm LabCorp and the American Clinical Laboratory Association, Myriad employees traveled to Washington, D.C., to meet with HHS officials to better understand their obligations under the new regulation. “We tried to get a meeting … as fast as we could” with the department’s Office for Civil Rights, Rogers says. The office “told us that the way they were interpreting the guidance, it should include the benign variants. We quickly got to work, we compiled that information, completed that request yesterday, and sent it to all these patients.”

The four patients represented by ACLU are not appeased. (The organization declined to say whether it had previously been working with the three others.) It’s “my body, my blood, my data, my choice how I wish to share my information,” said AnneMarie Ciccarella, one of the plaintiffs, during a press conference earlier today. Ten years ago, Ciccarella was diagnosed with invasive breast cancer at 49 and, with a strong family history of cancer, she followed her doctor’s advice and got BRCA1 and BRCA2 testing through Myriad. Mutations in both genes are linked to a higher risk of breast, ovarian, and other cancers. Ciccarella’s results, however, were equivocal; Myriad told her it found a “variant of unknown significance” on BRCA1 and another on BRCA2.

Ciccarella wants all her DNA information made widely available to researchers, and in particular wants to donate it to a database called ClinVar. ClinVar is collecting DNA findings on as many people as possible; a separate but related database called ClinGen is trying to understand what those findings mean. (More information on both databanks is here.)

Myriad has provoked the ire of some scientists because the company has declined to submit its voluminous BRCA1 and BRCA2 data to ClinVar, unlike a number of other testing companies. Rogers says that’s because it wants to protect patient privacy. A pair of scientists has launched an effort to seek Myriad testing results from patients and providers as a substitute. One of them, Heidi Rehm, one of the leaders of ClinGen and an associate professor of pathology at Harvard Medical School in Boston, wrote a letter supporting ACLU’s complaint.

Siding with her were Thomas Hudson and Peter Goodhand, two leaders of the Global Alliance for Genomics and Health, a collaborative trying to improve the sharing of genomic data. It’s running a major effort to aggregate data on BRCA genes, called the BRCA Challenge. Hudson and Goodhand called on the HHS Office for Civil Rights to explicitly say that the regulation “includes variant calls”—decisions about whether a variant is benign, for example—“and raw sequencing files, giving patients the right under HIPAA to routinely access them and thus contribute to research and improved health.”

“I think it’s much ado about nothing,” Myriad’s Rogers says of the complaint. He says that Myriad has previously provided polymorphism data to the rare patient who asks, and will certainly do so now if required under HIPAA.

ACLU wants more assurance than that. “We need to know that it’s a change in their position,” says ACLU senior staff attorney Sandra Park. She says she knows of another person who submitted a request for polymorphism data before the January regulation change, she says, and who was denied by the company. “From February they took the clear position that this data was excluded from what is covered under HIPAA.”

Is there a broader goal to pressure Myriad into depositing its data into public databases like ClinVar? Park is oblique. “The best solution on that question is that Myriad just shares it,” she says, “and discloses this data to patients that request it.”