Governor Mark Gordon signed the Wyoming Genetic Data Privacy Act into law on March 8, 2022. The law goes into effect on July 1, 2022.

The Genetic Data Privacy Act requires any business that collects genetic data from individuals to: (1) provide transparent information to consumers about the collection, use, and disclosure of genetic data before collecting it and (2) obtain express consent from an individual before collecting the genetic data. The Act also includes strict prohibitions on how the genetic data can be disclosed and retained. The law does not apply to covered entities or business associates collecting protected health information under HIPAA.

The law provides consumers with the statutory right to request deletion of the data when they are no longer being used or needed for the purpose for which they were collected. It also provides consumers with a private right of action to seek damages from anyone who violates the Act.

The Attorney General of Wyoming has jurisdiction to enforce the law, which carries penalties of up to $2,500 for each violation, actual damages for consumers who have been harmed, and attorneys’ fees and costs.

Photo of Linn Foster Freedman Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her…

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.