Mandatory Documentation for GDPR
Creating, updating or reviewing data protection documentation can be challenging. Without GDPR knowledge or experience, handling mandatory documentation can be a minefield. Let our data protection specialists with a keen eye for detail ensure your documents demonstrate GDPR compliance.
The need to document regulatory compliance within the pharmaceutical or biotech industries is not new. Your organisation will have policies and processes to ensure you follow best practices.
The difference with the GDPR is that accountability and demonstrating compliance are at the core of implementing or reviewing technical or organisational controls. In addition, you will need supporting documentation to show compliance at an organisational level and for each clinical trial.
To do this, you will need documented evidence of your:
- Data protection/ Data Privacy policies and procedures
- Data protection training policy
- Information security policy
- Informed Consent Forms (ICF)
- Data Protection Impact Assessment (DPIA)
- Retention of records procedure
- Subject access request form and procedure
- International (cross-border) data transfer procedure
- Data portability procedure
- Complaints procedure
- Privacy Notice
- Data breach notification forms
- Data Protection Standard Operating Procedures (SOP)
- Data Protection Manual of Operating Procedures (MOP)
- Data Protection Protocol
- Technical and Operational Measures (TOM)
We are data protection specialists who understand pharma working practices. You can trust us at Pharma Data Protection to ensure that your policies, protocols and procedural documents are fit for purpose while meeting GDPR compliance requirements.