Why Australia should quickly improve its legal framework for Whole Genome Sequencing of foodborne diseases and food pathogens
By Joe Lederman
(FoodLegal Co-Principal) and John Thisgaard (FoodLegal Senior Associate)
© Lawmedia Pty Ltd, November 2020
Whole Genome Sequencing (WGS) is a major opportunity for Australia to implement a comprehensive best-practice system for food pathogen surveillance using WGS technologies. Australia has potential to become a world leader in tracking foodborne pathogens and diseases across food supply chains domestically and internationally. This article identifies the regulatory impediments and inconsistencies relating to the collection and sharing of WGS data in Australia or for Australians, including privacy law issues. This article identifies the issues and solutions that could give Australia a leading edge if improvements were to be expedited.
What is WGS?
The best WGS technology allows a relatively quick and cheap way to extract the complete DNA sequence of the genome of an organism in a single instant. WGS technology has rapidly emerged during the COVID-19 pandemic as a significant contact-tracing tool for helping track down the source of each infection breakout. Its usefulness has demonstrated and proven the potential for also being able to trace pathogens that coexist with foods and which can be the source of foodborne illness outbreaks. In food supply chains, it is possible that by looking for common gene sequences between food that may have caused illness and particular known bacteria, WGS can identify food contaminants and detect threats quickly.
The application of WGS technology to foodborne pathogens and illness is an imperative that should be considered by all governments around the world. Although the Australian framework has been handicapped by the joint nature of a federal-state governmental system, it is our view that there is considerable scope for improvement of the Australian system if additional enabling laws were to be enacted.
How WGS operates within Australia’s federal regulatory framework
Any use of WGS in Australia must currently contend with the division of various powers and responsibilities between Australia’s Federal government, and the governments of the individual Australian States and Territories.
The Australian Federal Government is signatory to international treaties that guarantee Australian access to important international databases with genomic data. However, it is the State sand Territories that are responsible for food safety regulation and enforcement. Moreover, while the Federal government oversees the sharing of genomic data within and outside of Australia, it relies on cooperation by the States and Territories for this to occur.
The Federal Government established the National Notifiable Diseases Surveillance System (NNDSS) in 1990. Under the NNDSS, the Federal Health Minister is required to compile a National Notifiable Disease List (NNDL), which is intended to capture any disease that would create a public health risk should an outbreak occur. As at November 2020, the following notifiable foodborne illnesses are included in the NNDL:
· Clostridium botulinum infection (botulism)
· Haemolytic uraemic syndrome (HUS)
· Hepatitis A
· Hepatitis E
· Paratyphoid fever
· Shiga-like toxigenic Escherichia coli
· Typhoid fever
Each of the above diseases (notifiable diseases) can be identified through WGS technology.
However, the Federal government relies on State and Territories to disclose data in relation to notifiable diseases on the NNDL under the National Health Security Act. The National Health Security Act provides for the Federal and State and Territory governments to enter into an agreement for the sharing of data relating to notifiable diseases.
State and Federal discrepancies, and inconsistencies between State jurisdictions
Even though the National Health Security Act provides for an agreement to act as a mechanism for information-sharing by States and Territories, this agreement remains voluntary. The Federal government has no power to compel States and Territories to provide this information. Moreover, States and Territories are responsible for implementing their own notification and data collection arrangements through their respective public health frameworks.
Notification conditions vary greatly between States and Territories. Differences can be found in the timing and method of notification, and the entities that are obliged to report on a particular disease. While most foodborne diseases on the NNDL are classed as either urgent or routine across all jurisdictions, there are inconsistencies in the classification of Hepatitis E, Listeriosis and Shiga-like toxigenic Escherichia coli. Furthermore, while all include mandatory notification obligations for diseases in the NNDL, some States have imposed notification requirements for other foodborne diseases outside of the NNDL, which again vary.
Public health legislation in each State and Territory imposes notification requirements on pathology labs and medical practitioners that find that a patient has a notifiable disease. However, the deadline for notifying the relevant State or Territory authority differs significantly between jurisdictions:
· Tas: facsimile before 5:00pm on the next working day
· NSW: 24 hours
· Qld: 48 hours
· WA: 72 hours
· SA: 3 days
· Vic and ACT: 5 days
In NSW, Queensland and the ACT, notification obligations are also imposed on persons in charge of a hospital. In the ACT, this obligation also extends to a person responsible for the care, counselling, support or education of another. In Tasmania, notification obligations apply to the superintendent and senior health professional responsible for care in a residential, education, healthcare or childcare facility.
In Victoria and NSW, medical practitioners and labs also have the power to voluntarily inform the relevant government Authority of other matters that could pose a threat to public health.
Challenges posed by privacy legislation
In addition to the issues that arise from the division of responsibilities between the Federal government and Australia’s States and Territories, the sharing of data relating to notifiable diseases often contains personal information. As such, data-sharing can run into obstacles under Australia’s various privacy regulations.
The Federal Privacy Act sets out principles that apply to the collection and distribution of personal data. These principles apply to the vast majority of large businesses. They include:
· Data must be collected from the individual unless unreasonable or impracticable to do so. In most instances, the individual must give consent for their data to be collected.
· If a health service provider receives unsolicited personal information it otherwise would not have been allowed to collect, it must destroy or de-identify the information as soon as possible if it is lawful and reasonable to do so.
· Consent must be obtained before the data can be shared or disclosed, unless an exception applies.
A breach of the Privacy Act can lead to substantial fines, court enforceable undertakings and statutory penalties of up to $2.1m for repeated breaches. It is also worth noting that Victoria, NSW and the ACT also impose privacy restrictions with respect to medical data. In Victoria, for example, the misuse of medical data can incur a penalty of up to $49,500.
Although they play an important role in the protection of personal information, these privacy laws present a risk that could in fact serve to restrict the flow of WGS data, thereby impairing Australia’s ability to respond to foodborne diseases and other issues, by acting as a disincentive for relevant parties to collect and share relevant data. As the laws currently stand, medical practitioners and other parties sharing WGS data might be at the mercy of administrative or judicial discretions in interpreting privacy laws.
Legal defence arguments to counter alleged Privacy law breaches
Even under existing laws there are a number of potential avenues to argue that the sharing of WGS data does not amount to a breach of privacy laws. Expert advice should be sought in relation to your specific circumstances if seeking to rely on one or more of the following arguments:
1. The data does not fall under the definition of “personal information”.
In many cases, WGS data must contain personal information such as patient age, location, immune status, underlying conditions, and clinical outcome of the illness. The removal of such data may impact the extent to which the data can be relied on by health professionals. Even if laboratories limit the exchanged information to metadata which describes the source and details of the isolate, this still requires passing on patient demographics and clinical information.
Nevertheless, where it is possible to separate the data from personal information, it might be possible to argue that the collection and use of the data does not trigger any privacy requirements as the data is not “personal information”.
2. Consent has been given regarding the collection and use of the information
In most cases, personal information may only be used with consent. As such, parties collecting WGS data should obtain broad consents authorising wide use of the data for WGS data-sharing purposes.
Where consent is not readily available (for example, if the person to whom the information belongs is not legally able to provide consent), it might be possible to argue that consent has been implied or has been granted by some other person with the power to give consent.
3. The disclosure of data is for the purpose of notification of a “notifiable disease”
As identified above, the NNDL comprises a list of notifiable diseases. Each State and Territory also has a list of notifiable diseases requiring mandatory notification and data-sharing by law. However, there are discrepancies amongst these lists and they do not always align with the NNDL.
Nevertheless, where disclosure is mandated under State and Territory legislation, it might be possible to argue that the Australian Privacy Act should not be interpreted in a way that impedes this notification.
4. The disclosure of data is required under another State or Territory law
Separate to the various State and Territory disease notification frameworks, States and Territories have various laws which could require the notification of food contaminants or foodborne illnesses that are not on the NNDL but which justifies acceptable reasons for disclosure of the personal data.
For example, under Victorian laws hospitals are required to notify the Victorian Department of Health and Human Services where a patient experiences an anaphylactic reaction after consuming food.
5. The disclosure of data is required for public health and safety
As identified above, both Victoria and NSW permit the disclosure of data by medical practitioners and pathology labs where there is a sufficient risk to public health. It could be argued that the public policy underlying these provisions justifies the collection and distribution of such personal information.
Transmission of data across jurisdictional borders
When transmitting data within Australia across State and Territory borders, the general rule of thumb is that the person sharing the data must ensure that all relevant laws that apply to the use of the data within that State or Territory must also be observed in relation to any usage outside of the State or Territory. A party should verify that these laws will be observed prior to sharing data.
When transmitting data internationally, it is important to be able to justify the use of any personalised information. In the post-COVID-19 era, it might be possible to justify the international transmission of WGS data that could relate to a global health and safety risk.
Accuracy of data
A party involved in the collection and distribution of WGS data could potentially face legal liabilities if the data is inaccurate.
More than five years ago, FoodLegal was involved in a case raised by a State food regulator that asserted that a ready-made meal product sold by a retailer was alleged to contain meat that was substituted by a different animal species. The allegation was made in the midst of beef substitution cases in Europe with horse meat and concern that similar contamination might have occurred in Australia. Upon a thorough analysis of all the supply chains of the business in question, FoodLegal was able to rule out any points at which the meat could have been contaminated or substituted.
We then commissioned one of Australia’s pioneer experts in early WGS technology. His analysis of the tests carried out by the regulator was able to demonstrate that the finding of “substituted meat” in the product was a false positive and had arisen because of an improper analysis of the data. He showed that there is a common gene sequence between different animal species and that even though there were some common genes, the product in question contained the authentic meat and not the substitute.
The facts of this case illustrated the potential for loss and damages that might be caused by testing errors or poor data analysis. Such losses may or may not always be covered by the appropriate insurances.
Ownership of data
In Australia, the law is not primarily concerned with ownership of data. It is about custody and responsibility of those who possess the data. Privacy laws in Australia and the laws of evidence impose obligations on the parties who control and collect data, and impose liability on the basis of acts or omissions that are done whilst that party has possession of the data.
Many genomic databases (in particular in the US) are maintained in the public domain, but there are also private databases being created by private business operators or industry bodies. Contractual obligations therefore need to be considered on top of the legislative framework.
Opportunities for regulatory improvements
It is clear that WGS data presents a major opportunity for Australia to implement a best-practice food surveillance system both domestically and internationally. However, we have identified a number of obstacles that could prevent the effective transmission of data.
We could overcome a significant hurdle by implementing a better national system starting with better and more consistent standards and timelines and disclosure acceptance thresholds and processes, especially for notifying and sharing information about notifiable pathogens and diseases. This could be done by implementing a uniform national system that is adopted by each State and Territory. This would remove inter-jurisdictional discrepancies in relation to notification deadlines, responsible parties and notifiable diseases.
In addition, there is scope for Australia’s privacy laws to be amended to expressly deal with data collected and used for the purposes of protecting public health or safety. Such amendments would remove current ambiguities and provide the parties responsible for collecting and distributing data with greater certainty. This would put Australia in a much better position to make use of WGS data as it relates to foodborne illnesses.
Australia’s potential role
Australia plays an important role in global food trade and Australian companies are important exporters and importers of food. Relatively speaking, to date Australia has fared better than others in relation to the COVID-19 pandemic. Part of this has been the quick take-up of WGS and other tools for improved contact tracing.
Australia has always been a leading player in food and transport logistics, even going back to such technologies as refrigerated meat shipment in the mid-19th century and the recycling of pallets throughout the world in the second half of the 20th century. Australia has the expertise and the wherewithal to optimise WGS and other traceability technologies throughout food supply chains regionally and globally.
This is general information rather than legal advice and is current as of 9 Nov 2020. We therefore recommend you seek legal advice for your particular circumstances if you want to rely on advice or information to be a basis for any commercial decision-making by you or your business.