Tailored for stakeholders with basic knowledge and experience in the field of GDPR Compliance or General Data Protection Compliance. Educational Session / Workshop is focused on Clinical Research Environment. Suggested participants: Clinical Trial Sponsors, Clinical Trial participating CROs, Freelance Clinical Research professionals.

 

  • Applicable Data Protection Regulation/Legislation: Extraterritorial Application of the GDPR, Local Specifics
  • Personal Data Protection Fundamentals: What is Personal Data, Examples, Pseudonymization vs Anonymization, Categories of Personal Data, Special Categories of Personal Data, Common misconception, Data Subjects in Clinical Research Environment
  • Processing Roles Allocation: Data Controller vs Data Processor, Responsibilities, Sponsor vs CRO vs Sites, Clinical Sites: Processors or Joint or Independent Controllers
  • Data Protection Officer vs EU GDPR Representative: Data Protection Representative vs Legal representative
  • Data Processing Principles
  • Legal Basis for Processing and Purpose: Consent vs Legitimate Interest in Clinical Research
  • Consent: Processing Consent vs Informed Consent Form, Personal Data Information Notices for Study Staff; Emergency Enrolment
  • Records of Processing Activities: Obligation to maintain RoPA; Responsibilities; Characteristics of RoPA
  • Data Breach Management: Personal Data Breach Management, Confidentiality Breach Management, Security Breach Mangement
  • Data Subject Requests Management
  • International Transfers: Appropriate Safeguards in Clinical Research Environment, List of Adequacy, New European Commission’s SCCs, Other Transfer mechanisms
  • Data Retention in Clinical Research
  • Data Processing Agreements with Third parties (CDAs, MSAs, CTAs, DPAs, DSAs)
  • Vendor Management
  • Security of Data: Technical and Organizational Measures
  • Data Protection Training for Clinical Research Participants
  • Data Protection By Design: Accountability – Trial Set-Up
  • Data Protection Non-Compliance Consequences