Data Protection for Life Sciences

The GDPR was enacted into European Law in 2018, following Brexit the UK adopted the UK GDPR. It imposes legal obligations on many life sciences organisations relating to how personal data is processed, transferred and managed.

The constant developments within the research, development and manufacturing of pharmaceuticals, therapeutics, biotech and medical devices have made the need for robust personal data protection practices essential.

For many research companies and clinical trial sponsors, appointing a Data Protection Officer (DPO) and a Data Protection Representative (DPR) are now fundamental legal and trial approval requirements.

This page explains what the legislation means for organisations operating in the life sciences sector and the key areas they need to consider when managing and protecting personal data.

Click one of the options below to speak to us

 

Email Call

WHAT DOES DATA PROTECTION LEGISLATION MEAN FOR LIFE SCIENCES ORGANISATIONS?

Life Sciences organisations must:

tick
Be transparent about how you process personal data
tick
Understand the conditions for processing and the transfer safeguards required
tick
Implement appropriate technical and organisational measures to protect your personal data
tick
Understand the categories of personal data being processed, who has access to it and the international data transfers involved
tick
Identify, respond to and where necessary, report data breaches
tick
Be familiar with the EU Clinical Trials Regulation and how data is protected under it
tick
Where necessary, appoint a data protection officer and EU and UK Representatives
tick
Implement appropriate agreements between each controller and processor processing your personal data
iStock-1346675527

DATA PROTECTION SERVICES FOR LIFE SCIENCES ORGANISATIONS

The DPO Centre’s outsourced data protection officer service delivers flexible, tailored data protection support, advice and expertise to your life sciences organisation. The service provides you with a highly experienced data protection officer (DPO) who works on a ‘fractional’ basis as an integral member of your team.

Outsourced Data Protection Officers

Life sciences organisations have particular data protection needs due to the collection and processing of sensitive, special category data. Our outsourced DPOs have a broad range of experience working within the life sciences, medtech and healthcare sectors, so are able to help you to understand our data and implement an appropriate data protection framework. 

Read more

 

GDPR Representative

Life sciences organisation that process personal data on EU or EU residents, but don’t have a physical presence within these territories are required to appoint an EU and or EU Representative to comply with Article 27 of the EU and UK GDPRs. This Representative then acts as your point of contact, assisting you to respond to data subject and regulator enquiries.

Data Protection Advice Line

Integral to our outsourced DPO and EU and UK GDPR Representative services is access to our advice line.  This service delivers month-round access to our experienced DPO team, ensuring you have the additional support and expertise required to support your team, avoid regulatory challenges and avoid delays.

Read more

IMPORTANT DATA PROTECTION CONSIDERATIONS FOR LIFE SCIENCES ORGANISATIONS

Life sciences organisations must protect personal data in a range of areas throughout their organisation and research activities. They must also be aware of multiple regulations and industry standards.
Some of the major considerations include:
icon

Sharing data with others

ok-removebg-preview
Other controllers and processors who have an interest in your product development or clinical studies
ok-removebg-preview
Research partners, CROs and investigator sites
ok-removebg-preview
Clinicians and researchers
ok-removebg-preview
Cloud storage
info

Complimentary regulations

ok-removebg-preview
UK/EU GDPR
ok-removebg-preview
National laws if operating in other non-EU jurisdictions
ok-removebg-preview
Swiss FDAP
ok-removebg-preview
Clinical Trials Regulation
icon

Marketing and communications

ok-removebg-preview
Trial promotions
ok-removebg-preview
Research advertisement (funding and participants)
ok-removebg-preview
Social media posting and publishing in journals
icon

Managing sensitive information

ok-removebg-preview
Data Protection Impact Assessment (DPIAs)
ok-removebg-preview
Data transfer Agreements
ok-removebg-preview
Transfer Impact Assessments
ok-removebg-preview
Selecting a lawful basis for processing appropriate to each jurisdiction
Charities and Not-for-profit

Policies and agreements

ok-removebg-preview
Privacy notices
ok-removebg-preview
Data Sharing, Data Processing and Data Transfer Agreements
ok-removebg-preview
Informed Consent Forms
ok-removebg-preview
Records of Processing Activities
icon

Data gathering and predicting research/clinical outcomes

ok-removebg-preview
Data pseudonymisation and anonymisation
ok-removebg-preview
Automated processing and automated decision making
ok-removebg-preview
Managing research data

 BENEFITS OF OUR OUTSOURCED DATA PROTECTION SERVICE

You will benefit from the proactive support of a knowledgeable, hands-on data protection professional who undertakes all the responsibilities you would expect from a DPO and all delivered extremely cost-effectively. This expertise is then backed up by the vested knowledge within The DPO Centre’s large international team, along with the support, shared best practice and model documentation developed from the experience we have gained from working with many hundreds of clients globally, including a wide variety of life science, research organisations and medical device manufacturers.

gbp
Highly cost effective
thumbs up
Experience and shared best practice gained from working with many hundreds of organisations globally
icon
Designated Data Protection Officer working with your team at the required resource level
DPO_Factsheet_Icons33
Pre-existing model documentation tested and validated across a variety of life science organisations
icon
Pragmatic, straightforward, solution-driven advice
DPO_Factsheet_Icons34
UK and Pan-European expertise delivered to clients globally

WHO WE WORK WITH

icon
Sponsors of Clinical Trials
Healthcare
Medical device companies
Medical and Healthcare
MedTech and Biotech
Software and Technology
Genomic-research organisations
heart
Pharmaceutical and therapeutics organisations
icon
Clinical research organisations

Enquire Today

Fill in your details and we’ll get back to you as soon as possible

Alternatively click one of the options below to speak to us

 

Email Call

WHAT OUR CLIENTS SAY

quote

Heather Hunter

Venatorx

“Following the initial data mapping and construction of our RoPA in 2018, we have a good understanding of our processing activities and practical application of the legislation. The DPO Centre recently provided bespoke annual GDPR staff training as part of Venatorx’s ongoing commitment to accountability and compliance. We are confident in the knowledge that our staff understand their responsibilities and The DPO Centre’s team is on hand to assist when required.”

venatorx
quote

Drew Davies

PCCTC Contracts Manager

“By having The DPO Centre take responsibility for the role of GDPR representative for the PCCTC we are confident we are meeting the legal requirements of the GDPR.

The DPO Centre’s team are always on hand to answer any queries we may have and to help us respond to any Data Subject Access Requests from any trial member across the EU.”

pcctc

To view our Animal Testing Policy, please click here.