Data Protection

What are your ongoing GDPR data requirements when closing a clinical trial?

Category: , , , ,

As with all aspects of GDPR compliance, any system, process or infrastructure that uses personal data must be created and designed from the beginning by identifying possible risks to the rights and freedoms of the data subjects and minimising them before they can cause actual damage – privacy by design. GDPR data requirements on closing a clinical trial are no exception.

Data protection concerns: Will the UK’s new data protection bill upset the EU-UK adequacy agreement?

Category: , , ,

In June 2021, the European Commission (EC) granted an ‘adequacy’ decision to the UK – effectively agreeing that UK legislation at the time, the UK GDPR, alongside an amended version of the Data Protection Act 2018 (DPA 2018), offered an equivalent level of data protection to EU citizens in a similar way to the EU GDPR.

Challenges of GDPR compliance for clinical trials spanning multiple international borders – a case study

Category: , , ,

Clinical trials often occur cross-border, involving sites under different regulatory authorities across multiple countries and continents. In our experience, it can be challenging to understand and comply with the data protection and privacy requirements for clinical trials. There are often differences in local laws and their interpretation relating to the interplay between these regulations and those specific to clinical trials.

Business Benefits of Data Protection and Data Privacy in Clinical Trials in Europe

Category: ,

For US and other non-EU pharmaceutical or biotech companies launching clinical trials in Europe, GDPR compliance could be seen as another data protection hoop to jump through. However, apart from the legal obligation and avoidance of significant financial penalties and sanctions, GDPR compliance can make your business more efficient, secure and competitive.

The Role and Responsibilities of the GDPR Data Protection Officer

Category: ,

The EU GDPR and UK GDPR require organisations to appoint a Data Protection Officer (DPO) if their data processing activities meet specific criteria. The DPO is mandatory for pharma or biotech companies processing health-related information on data subjects in the EU or UK. The DPO’s role and responsibilities are distinct from those of the Data Protection Representative (for companies not established in the EU or UK). The role should not be confused with other roles, such as the legal representative under the Clinical Trials Regulation.

Outsourcing Data Protection. A biotech client’s perspective


The GDPR’s widespread effects touch almost every clinical research, biotech and pharmaceutical business – no matter where they are based or what type of work they are doing.
Here we share with you an interview with one of our US clients, describing their engagement with the GDPR and how outsourcing data protection was the best way for them to solve their security, privacy, and compliance challenges.

Data Protection and Data Privacy Training are Mandatory under GDPR

Category: ,

This article discusses what the regulations say about data protection and privacy training, who should receive training and the benefits to your organisation of raising awareness among your staff.

Pharma Data Protection

EU and UK GDPR-compliant privacy programmes that work for you

Talk to us about your data protection needs