European laws on privacy and data security are not explicit about the storage and processing of genetic data. Especially whole-genome data is identifying and contains a lot of personal information. Is processing of such data allowed in computing grids? To find out, we looked at legal precedents in related fields, current literature, and interviews with legal experts. We found that processing of genetic data is only allowed on distributed systems with specific security measures, both technical and organizational. Informed consent, although important, offers no substitute for such requirements.