A. A medical facility, human genomic research facility, or company shall restrict the storage of human genetic sequencing data to geographic locations outside of a foreign adversary country. Remote access to data storage, other than open data, from a foreign adversary country is prohibited.
B. A medical facility, human genomic research facility, or company storing human genetic sequencing data, including through contracts with third-party data storage companies, shall ensure the security of human genetic sequencing data by using reasonable encryption methods, restrictions on access, and other cybersecurity best practices.