Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · Utah · Title 13 — Commerce and Trade · Chapter 60

13-60-104. Consumer genetic information -- Privacy notice -- Consent -- Access -- Deletion -- Destruction.

433 words·~2 min read·/ut/title-13/chapter-60/13-60-104

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Effective 5/3/2023
13-60-104. Consumer genetic information -- Privacy notice -- Consent -- Access -- Deletion -- Destruction.
(1)A direct-to-consumer genetic testing company shall:
(a)provide to a consumer:
(i)essential information about the company's collection, use, and disclosure of genetic data; and
(ii)a prominent, publicly available privacy notice that includes information about the company's data collection, consent, use, access, disclosure, transfer, security, retention, and deletion practices;
(b)obtain a consumer's initial express consent for collection, use, or disclosure of the consumer's genetic data that:
(i)clearly describes the company's use of the genetic data that the company collects through the company's genetic testing product or service;
(ii)specifies who has access to test results; and
(iii)specifies how the company may share the genetic data;
(c)if the company engages in any of the following, obtain a consumer's:
(i)separate express consent for:
(A)the transfer or disclosure of the consumer's genetic data to any person other than the company's vendors and service providers;
(B)the use of genetic data beyond the primary purpose of the company's genetic testing product or service; or
(C)the company's retention of any biological sample provided by the consumer following the company's completion of the initial testing service requested by the consumer;
(ii)informed consent in accordance with the Federal Policy for the Protection of Human Subjects, 45 C.F.R. Part 46, for transfer or disclosure of the consumer's genetic data to a third party for:
(A)research purposes; or
(B)research conducted under the control of the company for the purpose of publication or generalizable knowledge; and
(iii)express consent for:
(A)marketing to a consumer based on the consumer's genetic data; or
(B)marketing by a third party person to a consumer based on the consumer having ordered or purchased a genetic testing product or service;
(d)require valid legal process for the company's disclosure of a consumer's genetic data to law enforcement or any government entity without the consumer's express written consent;
(e)develop, implement, and maintain a comprehensive security program to protect a consumer's genetic data against unauthorized access, use, or disclosure; and
(f)provide a process for a consumer to:
(i)access the consumer's genetic data;
(ii)delete the consumer's account and genetic data; and
(iii)destroy the consumer's biological sample.
(2)Notwithstanding Subsection (1)(c)(iii) , a direct-to-consumer genetic testing company with a first-party relationship to a consumer may, without obtaining the consumer's express consent, provide customized content or offers on the company's website or through the company's application or service.
Renumbered and Amended by Chapter 327 , 2023 General Session
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.