Tailored for stakeholders with basic knowledge and experience in the field of GDPR Compliance or General Data Protection Compliance. Educational Session / Workshop is focused on Clinical Research Environment. Suggested participants: Clinical Trial Sponsors, Clinical Trial participating CROs, Freelance Clinical Research professionals.
- Applicable Data Protection Regulation/Legislation: Extraterritorial Application of the GDPR, Local Specifics
- Personal Data Protection Fundamentals: What is Personal Data, Examples, Pseudonymization vs Anonymization, Categories of Personal Data, Special Categories of Personal Data, Common misconception, Data Subjects in Clinical Research Environment
- Processing Roles Allocation: Data Controller vs Data Processor, Responsibilities, Sponsor vs CRO vs Sites, Clinical Sites: Processors or Joint or Independent Controllers
- Data Protection Officer vs EU GDPR Representative: Data Protection Representative vs Legal representative
- Data Processing Principles
- Legal Basis for Processing and Purpose: Consent vs Legitimate Interest in Clinical Research
- Consent: Processing Consent vs Informed Consent Form, Personal Data Information Notices for Study Staff; Emergency Enrolment
- Records of Processing Activities: Obligation to maintain RoPA; Responsibilities; Characteristics of RoPA
- Data Breach Management: Personal Data Breach Management, Confidentiality Breach Management, Security Breach Mangement
- Data Subject Requests Management
- International Transfers: Appropriate Safeguards in Clinical Research Environment, List of Adequacy, New European Commission’s SCCs, Other Transfer mechanisms
- Data Retention in Clinical Research
- Data Processing Agreements with Third parties (CDAs, MSAs, CTAs, DPAs, DSAs)
- Vendor Management
- Security of Data: Technical and Organizational Measures
- Data Protection Training for Clinical Research Participants
- Data Protection By Design: Accountability – Trial Set-Up
- Data Protection Non-Compliance Consequences