This is the 2025 edition of the code. This is the current edition. Browse all editions.

§ 59.1-597 Other requirements applicable to direct-to-consumer genetic testing companies

Every direct-to-consumer genetic testing company shall:

1. Implement and maintain reasonable security procedures and practices to protect a consumer’s genetic data against unauthorized access, destruction, use, modification, or disclosure; and

2. Develop procedures and practices to allow a consumer to easily (i) access the consumer’s genetic data; (ii) delete the consumer’s genetic data, except any data required by state or federal law to be retained by the direct-to-consumer genetic testing company and any account the consumer may have created with the direct-to-consumer genetic testing company; and (iii) revoke express consent to storage of the consumer’s biological sample and request destruction of such biological sample.

History

This law was first created in 2023. The record of its establishment is cataloged in chapter 526 of that year’s edition of “Acts of Assembly,” the annual state publication listing all changes made to the Code of Virginia in that year.

2023, c. 526.

Download