+390677209020 | +39 0267380552 info@direnzo.biz | sedemilano@direnzo.biz


Regulatory privacy, data protection above all

The entering into force of the Data Protection General Regulation, two years ago, has deeply changed the approach of companies to their clients and on the processing of data and information from relations and agreements with them.

Such radical transformation also significantly affected the management of pharmaceutical regulatory affairs, in particular for consultants and contractors.

The regulatory sectors concerned by the application of the new norms on privacy and personal data processing are in fact several, all linked to the presence of subjects outside the pharmaceutical company providing data for the performance of the required activities.

The first compartment one thinks of is vigilance: safety monitoring of drugs, medical devices, food supplements, cosmetics, implies the collection of personal data of patients, users and consumers, that can be processed only strictly complying with the norms. Therefore, pharmacovigilance, medical device vigilance, cosmetic and food vigilance all had to take the new regulation requirements into account.

The sector of clinical trials was more used to processing personal and sensitive data: here, respecting the patient’s privacy has always be considered an essential element at the base of the relation between the investigators and the subjects taking part to the study.

On the other hand, the world of medical and scientific information was in the past a little more relaxed on this regard: however, the processing of doctors and patients databases has long been strictly regulated.

The protection of patient privacy

What does it mean for a company, – especially a company operating in the health sector – to comply with the new regulation protection the privacy? First of all, a strong impact on the information data organisation should be expected: all information on clients, suppliers, partners, but also employees and consultants should be processes according to the rules, and it is often necessary to look for the assistance of a lawyer to find suitable solution for special issues without violating such rules.

Hence, the extent of the regulation is such as to frequently require a support from specialists to ensure that it is applied correctly. Such support can apply to the drafting of information letters and SOPs on privacy, and personal data processing, but also the drafting of agreements to be signed with partners, suppliers and clients to reshape the processing of such data.

Moreover, regulatory affairs consultants are also able to evaluate the impact of the new regulation on the company regulatory activities, and they usually provide training and information on the technical and organisational measures to be implemented to comply with the norms.

Therefore, in spite of the significant impact, pharmaceutical companies, medical devices manufacturers and food supplements manufacturers can sleep easy: the compliance with the requirements of the new general data protection regulation is possible. With all necessary information, appropriate support and organisational adjustments, the application of these norms can become easy as well as exciting.

Written by: Maria Pia Felici

Foto di Arek Socha da Pixabay