By Victoria Watts
Since it took effect May 25, 2018, the European Union’s General Data Protection Regulation has been reshaping the way data is handled across every industry sector, including clinical research. The objective of the GDPR is to strengthen and standardize the protection of personal data across the EU, including ex-EU data that is processed within the union. While the regulation is intended to cover the data of individuals within the EU, entities outside Europe — including contract research organizations — may still be impacted by the new requirements if they handle EU personal data.
GDPR contains a number of articles that present unique challenges to the pharmaceutical clinical trials industry. Unfortunately, there is no industry-specific guidance on the GDPR compliance for CROs and no case law to guide CROs on official interpretation. In this blog series, we focus on defining the regulation, on key aspects of GDPR that are relevant to clinical trial professionals, and on providing insight on how CROs can achieve compliance in data handling throughout the clinical trial process.