Blog

GDPR Readiness

What is GDPR?

Approved and adopted by the EU Parliament and Council in December 2015, General Data Protection Regulation (GDPR) is a new privacy directive that will enhance and tighten loopholes around the protection of personal information related to EU citizens. This directive is scheduled to take effect in May 2018 and will apply to non-EU companies who process personal data of individuals in the EU.

What can you expect

GDPR will implement additional security measures and regulatory enhancements to strengthen the rights of EU citizens and further protect personal data.  As part of this initiative, the definition of Personally Identifiable Information (PII) will be expanded to include components such as device ID’s, cookies and data locations. In addition, provisions will be enacted, including the “Right to erasure (right to be forgotten)”, requiring vendors to delete personal information once intended use is fulfilled. GDPR’s primary focus will be around patients/consumers, giving them increased access to and control over their personal information via ‘data disclosure’, specifying where the data goes and the path it takes.

How innovation plays a key role

GDPR will instill a comprehensive data protection law for EU citizens to emphasize the need for data flow structure and security. Regarding the clinical space, GDPR will ensure that data is properly protected, promoting workflow efficiencies, reduction of administrative burdens and data tracking, improving outcomes and experiences for both clinical staff and patients. Ultimately, implementing innovative technologies like Greenphire’s ClinCard and eClinicalGPS solutions, not only improves processes but supports GDPR’s goal of patient-centricity and data security.

GDPR readiness

While preparing for the execution of GDPR may seem like a daunting task for clinical sites and pharma companies, Greenphire provides reassurance in that we are equipped to support our clients as it relates to the adherence of these enhanced regulations (e.g., data protection, breach notification, privacy impact assessments, audits, etc.). We will continue taking all necessary steps to ensure compliance as applicable with existing requirements and those of GDPR, employing appropriate measures to prevent loss, misuse, unauthorized access, disclosure, alteration, or destruction of personal information for the highest level of data security.

Protecting data and delivering compliant solutions is our core business. It’s what we do! Greenphire’s HIPAA compliant, best-in-class solutions have been designed with an emphasis on data security, incorporating a full audit trail that tracks data flow through the payment lifecycle. While Greenphire is trusted by top pharma companies to provide expertise in clinical research, finance and technology, it is our robust experience and focus in compliance and security of personal information that will ensure Greenphire and our clients are prepared for the implementation of GDPR. 

Norma Rodriguez
Written by Norma Rodriguez

As VP, QA & Regulatory, Norma is responsible for quality framework and ensuring regulatory compliance at Greenphire.