A leading health AI company is facing mounting legal challenges after lawsuits accused it of improperly using and sharing patients’ DNA data without clear consent.
What happened
According to GovInfo Security, a healthcare artificial intelligence company, Tempus AI, is facing multiple class-action lawsuits in a US. federal court in Chicago over its handling of sensitive genetic data. The lawsuits allege that the company improperly used and shared DNA information obtained through its 2025 acquisition of genetic testing firm Ambry Genetics.
According to the complaints, the database involved contains results from millions of genetic screening tests, raising concerns about how that data has been commercialized and distributed.
Going deeper
The lawsuits claim that Tempus AI sold or disclosed genetic data to third parties, including pharmaceutical companies, without proper patient consent. Plaintiffs argue that genetic information is inherently difficult to fully anonymize, meaning individuals could potentially be re-identified even when data is stripped of obvious personal identifiers.
The legal filings also question whether individuals whose data was originally collected by Ambry Genetics were adequately informed that their information could later be used for commercial AI-driven applications following the acquisition.
What was said
According to the filed complaint, “Tempus AI violated GIPA, common law, and various other state consumer protection statutes when it (1) compelled Ambry to illegally transfer thousands of individuals’ Genetic Information to itself without written consent as part of its acquisition of Ambry; and (2) subsequently disclosed that same Genetic Information to third-party partners through a series of data sharing agreements, again without written consent.… For these reasons, Plaintiffs bring this action, on behalf of themselves and those similarly situated, to recover damages, injunctive relief, and any other remedies the Court deems just and proper to redress Tempus AI’s unauthorized collection, disclosure, and use of their highly sensitive Genetic Information.”
The bigger picture
Companies like Tempus AI are part of a growing ecosystem using data-driven models to personalize medicine and improve patient care. However, the use of AI in healthcare is tightly linked to how patient data is collected, stored, and shared. In the United States, regulations such as the Health Insurance Portability and Accountability Act (HIPAA) set standards for protecting sensitive health information, including rules around disclosure and patient consent. AI tools that function as medical devices may also be subject to oversight by the U.S. Food and Drug Administration (FDA), which evaluates their safety and effectiveness. As AI gains recognition within healthcare systems, regulators are trying to strike a balance between enabling innovation and ensuring that patient privacy, safety, and trust are not compromised.
See also: HIPAA Compliant Email: The Definitive Guide (2026 Update)
FAQS
Why is genetic data considered so sensitive?
Genetic data can indicate predispositions to diseases and familial traits. Even when anonymized, it may still be possible to re-identify individuals, which raises serious privacy concerns.
What are the risks of using AI in healthcare?
While AI offers major benefits, risks include data privacy breaches, lack of transparency in how data is used, potential bias in algorithms, and unclear accountability when something goes wrong.
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
Tshedimoso Makhene
