Does 23andMe enable HIPAA compliance?

The HIPAA (Health Insurance Portability and Accountability Act) Privacy Rule does not apply to consumer curation of health data or other protections related to privacy, security, or minimizing access to PHI. Even though 23andMe receives funding from the National Institutes for Health, 23andMe currently asserts that its data-mining analysis doesn’t constitute research on human subjects under the current version of the Common Rule because it de-identifies the data. This means that 23andMe may take the position that any consent it obtains to retain, use, and share consumer data isn’t necessary for regulatory compliance, but rather is done as a courtesy.

Product details

Company Logo

Product description

23andMe is a direct-to-consumer genetic testing and analysis service to help individuals understand and access personal information about the human genome.

This web page was updated on October 02, 2023.


Readers should perform their own research before making the final decision. The information on the Jotform HIPAA Compliance Checker does not constitute official healthcare or legal advice. Jotform is not liable for any damage or liabilities arising out of or connected in any manner with this platform.

If you see any incorrect, incomplete or inaccurate information, please request correction by filling the form below.

Request Correction

Get professional solutions with Jotform Enterprise

Discover how Jotform Enterprise can benefit your organization. Automate, collaborate, and scale with ease.