We provide our clinical trial customers with the resources, help, and know-how they need to preserve the privacy of data subjects at every step of their data protection and privacy journey.
Categories
What are your ongoing GDPR data requirements when closing a clinical trial?
As with all aspects of GDPR compliance, any system, process or infrastructure that uses personal data must be created and designed from the beginning by identifying possible risks to the rights and freedoms of the data subjects and minimising them before they can cause actual damage – privacy by design. GDPR data requirements on closing a clinical trial are no exception.
Continue Reading...Clinical Trial GDPR Compliance: Key GDPR considerations often overlooked by non-EEA clinical trial sponsors
When learning anything new, something will inevitably be forgotten or overlooked. And implementing the GDPR for the first time is no exception, especially when we can only draw upon other data protection and data privacy laws with very different compliance requirements. This is where a GDPR compliance consultancy can keep you on track, ensuring nothing slips through the net.
Continue Reading...
The EEA and UK continue to pack a punch in the clinical trial arena – but what does this mean for sponsors from a data protection perspective?
Choosing the right country or countries, sites and investigators for a clinical trial is critical for success in any pharmaceutical drug or medical device development programme.
Continue Reading...European Commission Adopts Adequacy Decision for EU-US Data Privacy Framework — a Note of Caution
On 10 July 2023, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework after concluding that it provides adequate protection for personal data transferred from the EU/EEA to US companies. However, there is more to the story, as it will likely return to the Court of Justice (CJEU) in only a few months.
Continue Reading...Data protection concerns: Will the UK’s new data protection bill upset the EU-UK adequacy agreement?
In June 2021, the European Commission (EC) granted an ‘adequacy’ decision to the UK – effectively agreeing that UK legislation at the time, the UK GDPR, alongside an amended version of the Data Protection Act 2018 (DPA 2018), offered an equivalent level of data protection to EU citizens in a similar way to the EU GDPR.
Continue Reading...No EU-US adequacy decision – what next for personal data transfers between the EEA and the United States?
Based on the current EU-US Data Privacy Framework, MEPs voted against greenlighting an adequacy decision for personal data transfers between the EU and the US. But as frustrating as that may be for US companies, what’s important is that US pharmaceutical research organisations focus on conducting Transfer Impact Assessments (TIAs) and use GDPR compliance frameworks, such as Standard Contractual Clauses, until the next steps become clearer within the EEA.
Continue Reading...What to look for when outsourcing to a GDPR compliance consultancy
Biopharmaceutical small- and medium-sized enterprises (SMEs) running clinical trials in the EEA must comply with the GDPR like larger companies performing similar data processing activities. However, you may not have the in-house expertise and need to outsource. Hiring the right GDPR compliance consultancy can be challenging, but when successful can save you time, money and stress.
Continue Reading...Challenges of GDPR compliance for clinical trials spanning multiple international borders – a case study
Clinical trials often occur cross-border, involving sites under different regulatory authorities across multiple countries and continents. In our experience, it can be challenging to understand and comply with the data protection and privacy requirements for clinical trials. There are often differences in local laws and their interpretation relating to the interplay between these regulations and those specific to clinical trials.
Continue Reading...Business Benefits of Data Protection and Data Privacy in Clinical Trials in Europe
For US and other non-EU pharmaceutical or biotech companies launching clinical trials in Europe, GDPR compliance could be seen as another data protection hoop to jump through. However, apart from the legal obligation and avoidance of significant financial penalties and sanctions, GDPR compliance can make your business more efficient, secure and competitive.
Continue Reading...The Role and Responsibilities of the GDPR Data Protection Officer
The EU GDPR and UK GDPR require organisations to appoint a Data Protection Officer (DPO) if their data processing activities meet specific criteria. The DPO is mandatory for pharma or biotech companies processing health-related information on data subjects in the EU or UK. The DPO’s role and responsibilities are distinct from those of the Data Protection Representative (for companies not established in the EU or UK). The role should not be confused with other roles, such as the legal representative under the Clinical Trials Regulation.
Continue Reading...Records and documentation of data processing activities, sharing and retention are mandatory under GDPR. What does this mean for pharmaceutical clinical trials in Europe?
This article provides an overview of your responsibilities under the GDPR, and a brief description of the mandatory documents required to fulfil data protection regulatory obligations.
Continue Reading...Outsourcing Data Protection. A biotech client’s perspective
The GDPR’s widespread effects touch almost every clinical research, biotech and pharmaceutical business – no matter where they are based or what type of work they are doing.
Here we share with you an interview with one of our US clients, describing their engagement with the GDPR and how outsourcing data protection was the best way for them to solve their security, privacy, and compliance challenges.
