Module 15 2022

20/05/2022

EU-GDPR – General Data Protection Regulation 2016/679

The GDPR covers the rights of EU citizens regarding Data Protection when being in- and outside of the EU, so all non-EU countries need to comply with the GDPR for EU citizens. For non-EU citizens: whilst in the EU, the GDPR also applies to handling their data. There will be made no difference for nationalities; the GDPR regulates data protection for all data collected in the EU. In addition the GDPR does also protect Site personnel, and other staff like Monitors (CVs, financial data, financial interest, etc.). It is recommended that a Declaration of Consent for Processing of Personal Data is collected from Site personnel and Monitors, etc. For study subjects, the rights outlined in Art. 12 ff, need to be addressed in the ICF

The Organisation for Professionals in Regulatory Affairs

Module 15 Lecture 8

45

Data Protection 2018

The Data Protection Act 2018 is the UK’s implementation of the General Data Protection Regulation (GDPR) and controls how our personal information is used by organisations, businesses or the government – including medical organisations (NHS and Sponsor). • Provides strong legal protection for sensitive personal data such as health data. • Under the Data Protection Act 2018, you have the right to find out what information the government and other organisations store about you.

The Organisation for Professionals in Regulatory Affairs

Module 15 Lecture 8

46

23