New Privacy Regulations in Europe and its impact on international clinical trials

The New European Union’s General Data Protection Regulation (GDPR) will be brought into action in less than 8 months. The GDPR refers to all kinds of data, however, it is applied to all clinical trials in a special way as well even if these trials are conducted by the foreign companies on the EU territory.

The European Parliament adopted the GDPR in April 2016. This Regulation substitutes the previous one and contains some more aspects: provisions on a right to be forgotten, ensuring that privacy policies are explained in a plain language, guaranteeing “clear and affirmative consent” to the handling the private data; the right of the participant to know if his data were hacked; and stricter prosecution for bending the rules.

The GDPR is applied to all companies which service or goods are distributed on the EU territory. Another new thing in the Regulation is that the definition “sensitive data” now includes genetic and biometric data. Clinical trials are mentioned twice in the GDPR. In these cases, the GDPR refers the readers to the older version of the EU regulation: “For the purpose of consenting to the participation in scientific research activities in clinical trials, the relevant provisions of Regulation (EU) No 536/2014 of the European Parliament and of the Council should apply.” It is also said that the consent “has got to be unambiguous” and given in a written form. New regulations also strictly define paper document workflows, and this can become an issue for certain companies: besides all new technology being implemented, quite a lot of clinical trials didn’t switch to electronic data capture systems.

Source: clinicalinformaticsnews.