The European Union’s (EU) adoption of the General Data Protection Regulation (GDPR) in 2018 resulted in direct effects on the approach, planning and conduct of clinical trials. The sweeping legislation, which is designed to harmonize data privacy laws across Europe, can affect trials in many different ways. Understanding whether and how GDPR impacts your clinical trial is crucial for the protection of your patients and their personal data, as well as the data of all other individuals involved. The GDPR impact may also extend to your company, as significant fines accompany failure to comply with GDPR requirements.
Pharm-Olam’s data protection team delivers peace of mind through our practical and tested solutions, by combining experience in clinical research and knowledge in data protection. Our GDPR consulting and EU representation for GDPR make certain that your trials comply with the applicable regulations.
Additionally, we have a comprehensive, global privacy program designed to respect and protect the personal data we process, including all data processed on your behalf. Our internal privacy program enables us to achieve privacy by design through robust data protections integrated throughout all our processes and technology.
Pharm-Olam offers GDPR consulting services. We are adept at consulting on GDPR requirements as it relates to clinical trial implementation, regardless of whether you are based in the EU or elsewhere. We work with you to confirm that the data privacy in your trials, as well as your internal business operations, is in place and sustained.
Whether at the study or company level, our GDPR consulting service includes:
Implementation plan development
How to word the informed consent form (ICF) to be GDPR-compliant and adjust it to different country requirements
Which types of contracts are required between different parties depending on their role
Mapping data flows of all data subjects: patients, investigators, CRO and vendor employees, sponsors, etc.
Which safeguards need to be implemented for data transfers
Helping non-EU sponsors comply with GDPR obligations for EU representation, which is different than having an EU legal representative for clinical trials
Drafting information that needs to be provided to data subjects
Determining if you are required to have a DPO
Developing internal procedures for handling subject rights and managing data subject rights requests
Developing internal procedures for handling data breaches and managing reported suspected data breaches
Developing internal procedures for DPIAs and conducting DPIAs
Ensuring data protection by design is embedded in all systems and projects
Maintaining required documentation, where legally required
Staff training and on-site assistance, including updating senior management on GDPR compliance status
Managing any other relevant communication between data subjects and supervisory authorities on your behalf
Providing relevant templates
Right before the launch of GDPR, Pharm-Olam held a webinar introducing the concept of GDPR and how it is implemented in the clinical trial setting. You may click the video image to the left to watch this insightful webinar from 2018.
If you would also like to access the latest update on GDPR from experts, then click the button below for our latest update webinar on GDPR implementation - 1 year later.
If you are based outside the European Union (EU), then having an EU representative for GDPR is a legal requirement introduced by the GDPR Art. 27. (Please note that this is different than having an EU legal representative for clinical trials.) Pharm-Olam´s EU representative service fulfills all GDPR elements needed within your study, including:
Rare disease isn’t rare. As a whole, more than 350 million people in the world have at least one...
COVID-19 moved from a ubiquitous virus to a full-on pandemic very quickly. As countries and city...
The onset of the COVID-19 pandemic has introduced a variety of challenges to “business as usual.”...