Helping You Create a Healthier World While Protecting Data Privacy
The European Union’s (EU) adoption of the General Data Protection Regulation (GDPR) in 2018 resulted in direct effects on the approach, planning and conduct of clinical trials. The sweeping legislation, which is designed to harmonize data privacy laws across Europe, can affect trials in many different ways. Understanding whether and how GDPR impacts your clinical trial is crucial for the protection of your patients and their personal data, as well as the data of all other individuals involved. The GDPR impact may also extend to your company, as significant fines accompany failure to comply with GDPR requirements.
Pharm-Olam’s data protection team delivers peace of mind through our practical and tested solutions, by combining experience in clinical research and knowledge in data protection. Our GDPR consulting and EU representation for GDPR make certain that your trials comply with the applicable regulations.
Additionally, we have a comprehensive, global privacy program designed to respect and protect the personal data we process, including all data processed on your behalf. Our internal privacy program enables us to achieve privacy by design through robust data protections integrated throughout all our processes and technology.
GDPR Services & Consultancy
Protecting Data Privacy. Protecting You.
Pharm-Olam offers GDPR consulting services. We are adept at consulting on GDPR requirements as it relates to clinical trial implementation, regardless of whether you are based in the EU or elsewhere. We work with you to confirm that the data privacy in your trials, as well as your internal business operations, is in place and sustained.
Whether at the study or company level, our GDPR consulting service includes:
GDPR compliance assessment
Implementation plan development
How to word the informed consent form (ICF) to be GDPR-compliant and adjust it to different country requirements
Which types of contracts are required between different parties depending on their role
Mapping data flows of all data subjects: patients, investigators, CRO and vendor employees, sponsors, etc.
Which safeguards need to be implemented for data transfers
GDPR EU representation
Helping non-EU sponsors comply with GDPR obligations for EU representation, which is different than having an EU legal representative for clinical trials
Drafting information that needs to be provided to data subjects
Data protection officer (DPO) requirements
Determining if you are required to have a DPO
Data subject rights
Developing internal procedures for handling subject rights and managing data subject rights requests
Developing internal procedures for handling data breaches and managing reported suspected data breaches
Data protection impact assessments (DPIAs)
Developing internal procedures for DPIAs and conducting DPIAs
Security of processing
Ensuring data protection by design is embedded in all systems and projects
Records of processing activities
Maintaining required documentation, where legally required
Staff training and on-site assistance, including updating senior management on GDPR compliance status
Managing any other relevant communication between data subjects and supervisory authorities on your behalf
Providing relevant templates
Our 2018 introductory GDPR Webinar
On-Demand Webinar: What is GDPR? And How Does It Impact Clinical Trials
Right before the launch of GDPR, Pharm-Olam held a webinar introducing the concept of GDPR and how it is implemented in the clinical trial setting. You may click the video image to the left to watch this insightful webinar from 2018.
If you would also like to access the latest update on GDPR from experts, then click the button below for our latest update webinar on GDPR implementation - 1 year later.
If you are based outside the European Union (EU), then having an EU representative for GDPR is a legal requirement introduced by the GDPR Art. 27. (Please note that this is different than having an EU legal representative for clinical trials.) Pharm-Olam´s EU representative service fulfills all GDPR elements needed within your study, including:
Serving as the contact point for data subjects and supervisory authorities for all issues on processing within the study
Supporting finalization of the data protection section of the relevant study documents, such as master and country versions of ICFs and CTAs, and privacy notices
Mapping the data flow for the study and advising on any relevant agreements between parties as well as safeguards for data transfers
Assisting with developing internal procedures for handling subject rights and data breaches, managing data subject rights requests and reported data breaches
Read our latest insights on GDPR or other interests found on our blog. In addition see our latest news headlines or find out where we will be next at industry conferences.