Challenges of GDPR compliance for clinical trials spanning multiple international borders – a case study
Clinical trials often occur cross-border, involving sites under different regulatory authorities across multiple countries and continents. In our experience, it can be challenging to understand and comply with the data protection and privacy requirements for clinical trials. There are often differences in local laws and their interpretation relating to the interplay between these regulations and those specific to clinical trials.
Business Benefits of Data Protection and Data Privacy in Clinical Trials in Europe
For US and other non-EU pharmaceutical or biotech companies launching clinical trials in Europe, GDPR compliance could be seen as another data protection hoop to jump through. However, apart from the legal obligation and avoidance of significant financial penalties and sanctions, GDPR compliance can make your business more efficient, secure and competitive.
The Role and Responsibilities of the GDPR Data Protection Officer
The EU GDPR and UK GDPR require organisations to appoint a Data Protection Officer (DPO) if their data processing activities meet specific criteria. The DPO is mandatory for pharma or biotech companies processing health-related information on data subjects in the EU or UK. The DPO’s role and responsibilities are distinct from those of the Data Protection Representative (for companies not established in the EU or UK). The role should not be confused with other roles, such as the legal representative under the Clinical Trials Regulation.
Outsourcing Data Protection. A biotech client’s perspective
The GDPR’s widespread effects touch almost every clinical research, biotech and pharmaceutical business – no matter where they are based or what type of work they are doing.
Here we share with you an interview with one of our US clients, describing their engagement with the GDPR and how outsourcing data protection was the best way for them to solve their security, privacy, and compliance challenges.
Data Protection and Data Privacy Training are Mandatory under GDPR
This article discusses what the regulations say about data protection and privacy training, who should receive training and the benefits to your organisation of raising awareness among your staff.