|Name of Article||Specific Clauses or the Law||Scope||Mapping|
|Ga. Rev. Code §§ 33-54-3||Purpose of testing; consent required; confidential and privileged information
(a) except as otherwise provided in this chapter, genetic testing may only be conducted to obtain information for therapeutic or diagnostic purposes. Genetic testing may not be conducted without the prior written consent of the person to be tested.
(b)information derived from genetic testing shall be confidential and privileged and may be released only to the individual tested and to persons specifically authorized by such individual to receive the information. Any insurer that possesses information derived from genetic testing may not release the information to any third party without the explicit written consent of the individual tested. Information derived from genetic testing may not be sought by any insurer as defined in code section 33-54-2.
|Genetic||(a)-secondary use, (b)-disclosure|
|Ga. Rev. Code §§33-54-6||[[Disclosure | Use of information for scientific research purposes authorized notwithstanding the provisions of code sections 33-54-3 and 33-54-4, any research facility may conduct genetic testing and may use the information derived from genetic testing for scientific research purposes so long as the identity of any individual tested is not disclosed to any third party, except that the individual's identity may be disclosed to the individual's physician with the consent of the individual.||Genetic||Disclosure|
|OCGA §§33-54-1 et seq||The general assembly further finds and declares that:
(1) genetic information is the unique property of the individual tested;
(2) the use and availability of information concerning an individual obtained through the use of genetic testing techniques may be subject to abuses if disclosed to unauthorized third parties without the willing consent of the individual tested;
(3) to protect individual privacy and to preserve individual autonomy with regard to an individual's genetic information, it is appropriate to limit the use and availability of genetic information; and
(4) the intent of this chapter is to prevent accident and sickness insurance companies, health maintenance organizations, managed care organizations, and other payors from using information derived from genetic testing to deny access to accident and sickness insurance.
|Breach Notification, Title 10, Chapter 1, Article 34 §10-1-912 (2010)||O.C.G.A. 10-1-912 (2010)
10-1-912. Notification required upon breach of security regarding personal information
(b) Any person or business that maintains computerized data on behalf of an information broker or data collector that includes personal information of individuals that the person or business does not own shall notify the information broker or data collector of any breach of the security of the system within 24 hours following discovery, if the personal information was, or is reasonably believed to have been, acquired by an unauthorized person.
(c) The notification required by this Code section may be delayed if a law enforcement agency determines that the notification will compromise a criminal investigation. The notification required by this Code section shall be made after the law enforcement agency determines that it will not compromise the investigation.
(d) In the event that an information broker or data collector discovers circumstances requiring notification pursuant to this Code section of more than 10,000 residents of this state at one time, the information broker or data collector shall also notify, without unreasonable delay, all consumer reporting agencies that compile and maintain files on consumers on a nation-wide basis, as defined by 15 U.S.C. Section 1681a, of the timing, distribution, and content of the notices.
|Action in event of Telephone Record Security Breach (2010)|| (a) In the event of a breach of a telephone record concerning a Georgia resident, the telecommunications company must provide notice to the Georgia resident immediately following discovery or notification of the breach if such breach is reasonably likely to cause quantifiable harm to the Georgia resident. The notice must be made in the most expedient manner possible and without unreasonable delay, consistent with any measures necessary to determine the scope of the breach and restore the reasonable integrity, security, and confidentiality of the telephone record.
(b) Notwithstanding any provisions of this article to contrary, a telecommunications company that maintains its own notification procedures as part of an information security policy for the treatment of personal information and is otherwise consistent with the timing requirements of this Code section shall be deemed to be in compliance with the notification requirements of this Code section if it notifies the individuals who are the subject of the notice in accordance with its policies in the event of a breach of the security of the system.
(c) The notice required by this Code section shall be delayed if a law enforcement agency informs the business that notification may impede a criminal investigation or jeopardize national or homeland security, provided that such request is made in writing or the business documents such request contemporaneously in writing, including the name of the law enforcement officer making the request and the officer's law enforcement agency engaged in the investigation. The notice required by this Code section shall be provided without unreasonable delay after the law enforcement agency communicates to the business its determination that notice will no longer impede the investigation or jeopardize national or homeland security.
(d) A violation of this Code section constitutes an unfair or deceptive practice in consumer transactions within the meaning of Part 2 of Article 15 of Chapter 1 of Title 10, the "Fair Business Practices Act of 1975."
|Furnishing copy of records to patient, provider, or other authorized people (2010)||§ 31-33-2. Furnishing copy of records to patient, provider, or other authorized people
(a)(1)(A) A provider having custody and control of any evaluation, diagnosis, prognosis, laboratory report, or biopsy slide in a patient's record shall retain such item for a period of not less than ten years from the date such item was created.
(B) The requirements of subparagraph (A) of this paragraph shall not apply to:
(i) An individual provider who has retired from or sold his or her professional practice if such provider has notified the patient of such retirement or sale and offered to provide such items in the patient's record or copies thereof to another provider of the patient's choice and, if the patient so requests, to the patient; or
(ii) A hospital which is an institution as defined in subparagraph (A) of paragraph (4) of Code Section 31-7-1, which shall retain patient records in accordance with rules and regulations for hospitals as issued pursuant to Code Section 31-7-2.
(2) Upon written request from the patient or a person authorized to have access to the patient's record under an advance directive for health care or a durable power of attorney for health care for such patient, the provider having custody and control of the patient's record shall furnish a complete and current copy of that record, in accordance with the provisions of this Code section. If the patient is deceased, such request may be made by the following persons:
(A) The executor, administrator, or temporary administrator for the decedent's estate if such person has been appointed; (B) If an executor, administrator, or temporary administrator for the decedent's estate has not been appointed, by the surviving spouse; (C) If there is no surviving spouse, by any surviving child; and (D) If there is no surviving child, by any parent.
(b) Any record requested under subsection (a) of this Code section shall within 30 days of the receipt of a request for records be furnished to the patient, any other provider designated by the patient, any person authorized by paragraph (2) of subsection (a) of this Code section to request a patient's or deceased patient's medical records, or any other person designated by the patient. Such record request shall be accompanied by:
(1) An authorization in compliance with the federal Health Insurance Portability and Accountability Act of 1996, 42 U.S.C. Section 1320d-2, et seq., and regulations implementing such act; and (2) A signed written authorization as specified in subsection (d) of this Code section.
(c) If the provider reasonably determines that disclosure of the record to the patient will be detrimental to the physical or mental health of the patient, the provider may refuse to furnish the record; however, upon such refusal, the patient's record shall, upon written request by the patient, be furnished to any other provider designated by the patient.
(d) A provider shall not be required to release records in accordance with this Code section unless and until the requesting person has furnished the provider with a signed written authorization indicating that he or she is authorized to have access to the patient's records by paragraph (2) of subsection (a) of this Code section. Any provider shall be justified in relying upon such written authorization.
(e) Any provider or person who in good faith releases copies of medical records in accordance with this Code section shall not be found to have violated any criminal law or to be civilly liable to the patient, the deceased patient's estate, or to any other person.
|Genetic Testing (2010)||19-7-45. Genetic tests
All orders requiring parties to submit to genetic tests shall be issued in conformance with Code Sections 19-7-43 and 19-7-46. In all cases such tests must be conducted by a laboratory certified by the American Association of Blood Banks. When an action to determine paternity is initiated prior to the birth of a child, the court shall order that the genetic tests be made as soon as medically feasible after the birth. The tests shall be performed by a duly qualified licensed practicing physician, duly qualified immunologist, or other qualified person. In all cases, however, the court shall determine the number and qualifications of the experts. In all cases the results shall be made known to all parties at interest as soon as available. An order issued under this Code section is enforceable by contempt, provided that, if the petitioner refuses to submit to an order for a genetic test, the court may dismiss the action upon motion of the respondent.