The Health Insurance Portability and Accountability Act, a landmark 1996 patient-privacy law, only covers patient information kept by health providers, insurers and data clearinghouses, as well as their business partners. At-home paternity tests fall outside the law's purview. For that matter, so do wearables like Fitbit that measure steps and sleep, testing companies like 23andMe, and online repositories where individuals can store their health records. In several instances, the privacy of people using these newer services has been compromised, causing embarrassment or legal repercussions.In 2011, for instance, an Australian company failed to properly secure details of hundreds of paternity and drug tests, making them accessible through a Google search.
