This is the first sectorial code of conduct approved by the Spanish Data Protection Authority (AEPD) under the General Data Protection Regulation (GDPR), and it is already available here (in Spanish).
The CoC, promoted by Farmaindustria (i.e. the National Business Association of the Pharmaceutical Industry), regulates how data protection rules impact the development of clinical trials and compliance with pharmacovigilance obligations.
While we are reviewing it in detail (Stay tuned as we will be updating this post in the coming days with its highlights!), we wanted to give you a sneak peek at some of its content:
- With regards to clinical trials, the CoC establishes protocols which facilitate the application of the GDPR and provides certainty on how its provisions apply to this particular context.
The following matters, among others, are analysed therein: the application of data protection principles, the different roles of the parties involved in a trial (e.g. Sponsors and sites as separate controllers, Clinical Research Organizations (CRO) as processors, etc.), clinical trials’ data protection impact assessments, codification of personal data, legal bases for the processing activities involved and derogations under art. 9 GDPR (i.e. no consent needed from a data protection standpoint), international data transfers, and obligations related to data breaches and the exercise of rights.
It also includes several templates to be used between the parties to a clinical trial.
- In the area of pharmacovigilance, the CoC distinguishes between the processing of directly identifiable and coded personal data, establishes uniform pharmacovigilance protocols, analyses different data communications (including those within the group of companies), and assesses different reporting procedures.
It also includes several templates to be used to address pharmacovigilance.
Although the code of conduct is applicable at the national level, it could become a benchmark at the European level as it is the first code in this field to be approved in Europe. Therefore, it could serve as a beacon to be followed by other EU Authorities.
To be continued soon!
Authored by Santiago de Ampuero and Graciela Martín.
