Association Française de Pharmacologie Translationnelle (AFPT)’s Post

🚀 Flash News for All #CROs 🚀 After months of hard-work, we are proud to announce the official approval of the EUCROF Code of Conduct 🥳 To help you stay compliant with Industry Standards, #MyDataTRUST is already ahead of the curve and has developed a brand-new service: https://lnkd.in/eVTpxXaz 📩 Contact us: contact@mydata-trust.com ✅ This approval ensures that Contract Research Organizations (CROs) now have access to a well-defined, consistent, and practical framework for the processing of #personaldata, fully aligned with the #GDPR. By adhering to the #EUCROF Code, organizations can not only enhance #datasecurity but also unlock competitive advantages by building #trust with patients and partners alike. 🌟 MyData-TRUST, always ahead to better serve you! Special thanks to our COO Anastassia Negrouk for the hard work in this project 👏🏻 European Data Protection Board CNIL - Commission Nationale de l'Informatique et des Libertés #EUCROFCODE

Major breakthrough alert! The European #CRO Federation (#EUCROF) announces that after the European Data Protection Board (EDPB) adopted the opinion 12/2024 on June 18th and the CNIL1 adopted resolution no.2024-064, the #GDPR EUCROF Code of Conduct for Service Providers in Clinical Rsearch is now approved. Marie-Laure Denis, the President of CNIL, informed EUCROF of this decision in a letter dated September 19th addressed to Yoani Matsakis, chairman of the EUCROF Code Task Force and member of the Executive Board with the following remarks: This accessible tool, of European dimension and intended for clinical research service providers, will allow a harmonised dissemination of good practices to many stakeholders. The work carried out by the working group has made it possible to consolidate, in this code, pragmatic and concrete responses, adapted to the challenges of professionals in the sector. This is why, aware of the involvement required to successfully carry out such a project, I wanted to salute the investment of the EUCROF in this process, which demonstrates its commitment and that of its members to providing more legal security to their activities involving personal data. As reminded in EDPB's opinion, the EUCROF Code is transnational and applies across the whole European Union, as per Article 40 (7) GDPR. Read the full press-release here: https://lnkd.in/eXnGiyMZ #cro #clinicalresearch #clinicaltrialservices

The processes to follow to get BCRs approved is quite hectic so that most companies would rather opt for other transfer mechanisms. Hopefully the EDPB comes up with something rather streamlined.

🌍 Moving data internationally? Check out this comprehensive guide from the European Data Protection Board! It explains key Art. 46 GDPR transfer tools to help you comply with GDPR requirements. 🛡️ #GDPRCompliance #DataProtection #PrivacyRegulations #DataSecurity #InternationalDataTransfer 📑

You may know about GDPR and PDPA. These are more based on specific country regulations and thus may not be applicable cross- border. The APEC Cross-Border Privacy Rules (CBPR) System was developed by APEC economies with input and assistance from industry and civil society to build consumer, business and regulator trust in cross border flows of personal information. The APEC CBPR System requires participating businesses to implement data privacy policies consistent with the APEC Privacy Framework. These policies and practices must be assessed as compliant with the program requirements of the APEC CBPR System by an Accountability Agent (an independent APEC CBPR system recognised public or private sector entity) and be enforceable by law.

📢 Minister O'Dowd announced a new provision to enable Councils to put in place application validation checklists. The power comes into operation on 1 April 2025. The Planning (General Development Procedure) (Amendment) Order (Northern Ireland) 2024 (S.R. No.176) will amend The Planning (General Development Procedure) Order (Northern Ireland) 2015. (S.R. No.72) (the 2015 Order).  The Order includes a provision to appeal a decision of non-conformance with a validation checklist to the PAC. The Order also updates the definition of outline planning permission to refer to the role of Councils in determining Reserved Matters approvals. It is hoped that Council will adopt a consistent and uniform approach to validation checklists. #planninglaw #validation #GDPO #planning

🔎 One of main sanctions for infringement of personal data protection principles is liability for damages, stipulated in Article 82 of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Official Journal of the European Union L 119, English edition, Legislation Volume 59, 4 May 2016, hereinafter referred to as the "GDPR").   Check out the 📝#article titled POLAND | Claims for damages for infringement of GPDR enforcement in Poland - new perspectives published on the Chambers and Partners website, authored by Grzegorz Pobożniak and Agnieszka Trzaska-Śmieszek.   Click here to read the article ➡️ https://lnkd.in/gaxPJEzG #GrzegorzPobożniak #AgnieszkaTrzaskaŚmieszek

Don’t miss Oskar J. Gstrein 🟥’s Op-Ed analyzing the Másdi (C-169/23) case decided by the Court of Justice of the European Union (CJEU), focusing on the intersection of personal data protection under the GDPR and the issuance of COVID-19 certificates during the pandemic in Hungary. It delves into legal and institutional challenges around data privacy, transparency, and accountability when governments use personal data during emergencies. Read more at EU Law Live. https://lnkd.in/dVjtiy3Q

From the information currently available, the draft #DISD Bill announced in the King's Speech yesterday (2024-07-18) represents the best parts of the failed #DPDI Bill. The difference is that the draft DISD Bill rescues the good ideas from the DPDI Bill which would have otherwise been resigned to the cutting room floor, such as reforming the structure of the regulator, introducing a digital identification scheme (seemingly to mirror the EU eIDAS scheme), and making it easier to collect broad consent to participate in scientific research in the UK.    There is one area which raise eyebrows. The DISD Bill will "apply information standards to IT suppliers in the health and social care system". UK IG professionals know that rigorous standards already apply in the form of the Data Security and Protection Toolkit (#DSPT), DCB 0129, DCB 0160, etc. These standards have already seen a sea change in recent years requiring considerable effort and expense from IT suppliers to remain compliant. From the information available, it is concerning that the government may be introducing yet more hoops through which one must jump in order to offer IT services to our healthcare system.   Importantly, there are no signs of the heavy handed cuts to data protection requirements, such as removing the need for DPOs, UK Representatives, ROPAs, DPIAs, etc. The DPDI Bill attempted to remove all of these and more. Let us hope that these short-sighted half-baked policies don't resurface in later drafts of the DISD. #UK #GDPR #KingsSpeech

While we wait for the possible EDPB's guidelines on the interplay between the Digital Services Act (DSA) and the GDPR, here's the EDPS' opinion on the European Commission's proposal for a Digital Services Act: