Context
Within R&D department (patient data clinical trial data, investigators & Study Staff) of a major pharmaceutical company, support a major corporate-level program to reach GDPR Compliance as of May 2018
Objectives
- Need for arbitrage between Privacy & the specific regulations of the pharmaceutical sector
- Need for feedback to the Corporate management regarding practical issues
Our Approach
- Identifying sensitive information broader than privacy
- Implementing and executing operations to improve Data privacy within Vaccines R&D
- Coordinating the risks response plan related to data privacy risks within R&D
- Supporting the business to identify and report Data Privacy breaches
- Updating procedures to anticipate GDPR implementation
- Organizing the R&D contact for Information Protection (organization of workshops, formalization of requirements)
Results
- Set up of the procedures and quick wins, after weeks in the projects
- Identification of Data Breaches
- Real and visible impact on GDPR awareness