By Joshua Merkel, Manager, Information Assurance at SynteractHCR
On May 25, 2018, the new General Data Protection Regulation (GDPR), is set to replace the current Data Protection Directive (DPD) as the European Union’s data protection law. Any company that handles personal data—including drug developers and those involved in clinical trials—will be affected by the new compliance requirements from the GDPR. Noncompliance with the GDPR can result in fines of up to $24 million (USD) or four percent of an organization’s worldwide revenue, necessitating that companies invest in GDPR compliance and data processing planning. And with changes expected to start next spring, no time is better to start preparing than now.
With privacy viewed as a fundamental human right by the EU, GDPR sets out to further protect personal information. Aimed at improving the existing Data Protection Directive (DPD) and the fragmented nature of data privacy laws amongst EU member states, the GDPR’s robust common baseline will apply to organizations worldwide.