Data Protection Services - EU GDPR Quality and IT Audits - Life Sciences
Data Protection Services - EU GDPRQuality and IT Audits - Life Sciences 

Consulting on Data Protection, QA and IT

Specialised in pharma, healthcare, professional services and IT sectors

Europe, Middle-East and Africa

Member of the Board of Directors of Professional Associations DMB and ACDM

Active Member of AFAR

LinkedIn

Twitter

Silicon Marketing

2018 Insurance Certificate Silicon Marketing
2018 Insurance Certificate Silicon Marke[...]
Document Adobe Acrobat [593.6 KB]

Consulting in Data Management, Compliance, Quality and IT Systems

  • Consulting on Data Protection (GDPR)
     
  • External Part-Time DPO
     
  • Audit of Sub-Contractors
     
  • Business Process Reengineering
     
  • Audit (Business and IT)
     
  • Quality Assurance Management

 

Contact us at: contact@pharmarketing.net

 

or +33 1 48 83 87 25 (CET)

 

 

 

 

 

 

 

Facebook scandal: Passwords of Hundreds of Millions of Customers Unencrypted

21/03/2019 #GDPR Facebook announced today that for years the Passwords of Hundreds of Millions of customers were Unencrypted on internal servers and so were accessible to more than 20,000 employees. ==> change immediately your passwords! and check your organisation stores passwords in a crypted way, wish hashing techniques. Ulrich Kelber , the Federal Commissioner for Data Protection and Freedom of Information of Germany said: "it must be clarified whether Facebook has violated the reporting regulations under the GDPR in this case. The problem seems to have been known since January. We will also discuss the case in the European Data Protection Board." Full official article (in German): https://www.bfdi.bund.de/DE/Infothek/Pressemitteilungen/2019/13_Facebook_Passwortskandal.html   Press article in French: https://www.lemonde.fr/pixels/article/2019/03/21/facebook-a-conserve-des-centaines-de-millions-de-mots-de-passe-de-maniere-non-securisee_5439366_4408996.html  In English: https://www.theguardian.com/technology/2019/mar/21/facebook-admits-passwords-unprotected  #cryptography #itsecurity

 

 

 

 

 

 

 

Framework from IAB Europe to simplify Consent Management

Does your organisation publish content on its corporate website, on microsites, social media pages, or on publication websites? Then this framework, will simplify the way external publishers obtain consent on your behalf.

The Transparency & Consent Framework has been developed by IAB Europe with industry organisations and complies with GDPR. To download the factsheet: https://www.iabeurope.eu/wp-content/uploads/2018/08/final_publisherfactsheet.pdf

To read the article, or access the framework, visit https://advertisingconsent.eu/

 

 

 

 

 

 

 

11/03/2019 Annual Conference of the Association for Clinical Data Management

PharMarketing to talk on "GDPR: Lessons learned 10 months after – impacts for the role of the Data Managers" at ACDM Conference in Amsterdam on Monday.

To receive a copy of the presentation, write to us at contact@pharmarketing.net

www.acdmconference.org

 

 

 

 

 

 

 

07/02/2019 The Belgian Agency updates its list of Processes needing a DPIA

Following its submission to the EDPB last year, the APB has updated its list of Personal Data Processes for which a DPIA is mandatory. Processes collection biometry data, or collecting health data through implantable devices, or collecting vast volimes of personal data through connected devices are in the list.  Surprisingly, clinical studies or vigilance management are not in the list.

 

To read full text: https://bit.ly/2HVMBsc

 

New template « DPIA Prior Consultation »


The APD just issued a template for asking advice when a personal data process is critical, and the DPIA revealed that there is a high remaining risk, event after risk mitigation measures. Organisations should also use this template when they are not sure if the risk is high or not.

To read full article and download the template: Available only in French https://bit.ly/2WN94La  Dutch https://bit.ly/2TBklfD and German https://bit.ly/2HXGeEL

06/02/2019 EU makes it easier for citizens to access health data securely across borders

Brussels, 6 February 2019 - Commission makes it easier for citizens to access health data securely across borders  - This a HUGE step towards healthcare interoperability of #ehr or ePrescriptions and for possibilities of transnational registries for example. #Software providers should now start to implement the recommandations. But this raises questions regarding Data Privacy #GDPR (do we have the right to transfer the patient's records to this recipient, what is the new objective of this data transfer? ,  (do we have the right to transfer the patient's records to this recipient, what is the new legal basis and objective of this data transfer, do we need to inform patient again, etc. etc. ? And considering it is alreday at a time a challenge to share patients records between 2 #hospitals or 2 healthcare professionals  in the same city or region!

This raises also a question regarding which data formats to use: HL7, formats recommended by local health ministries?

Also how should ehr data be transfered? For example the French Health ministry has set up a secured email system, but the other health networks in other countries are not using it: will EU set up a secured portal, or email service?

The  EU Commission reminds also the best practices on secure electronic identification and authentication (Regulation (EU) No 910/2014).

 

The EU recommandation C(2019) 800 reminds on page 4 that "in order to facilitate the interoperability of European eHealth systems, a number of Member States participating in the eHealth Network have worked together with the Commission to build the eHealth Digital Services Infrastructure, supported by the Connecting Europe Facility (CEF) Programme16.".

 

It says on page 5 that "Member States should ensure that citizens and their healthcare professionals have online access to their electronic health records". "...Member States should use the tools and building blocks provided by the eHealth Digital Services Infrastructure supported under the Connecting Europe Facility Programme and refer to the Refined eHealth European Interoperability Framework17 as the common framework for managing interoperability in the eHealth domain."

 

On page 6, it says: ", each Member State should set up a national digital health network". And that... "European electronic health record exchange format: (a) Patient Summary; (b) ePrescription/eDispensation; (c) Laboratory results; (d) Medical imaging and reports; EN 7 EN (e) Hospital discharge reports." 

 

This text stays obviously at a very general level. It doesn't refer to any already existing healthcare data formats like HL7 for example. We will keep you updated on future developments. 

 

To read full text: http://europa.eu/rapid/press-release_MEMO-19-853_en.htm

25/01/2019 Data Protection Day: Bilan RGPD UE après 8 mois

Le 25 janvier, la Commission Européenne a publié un communiqué de presse faisant le bilan 8 mois après la mise en oeuvre du RGPD. Ceci à l'occasion du "Data Protection Day". Cette journée a été lancée par le Conseil de l'Europe en 2006, et est célébrée chaque année le 28 janvier. Il en ressort essentiellement que les Autorités de Protection des Données de l'UE ont reçu 95 000 plaintes de citoyens et 45 000 fuites de données ont été signalées. La commission rappelle la page et les outils qu'elle a mis à disposition des entreprises et des citoyens européens, la consulter ici. Le communiqué rappelle que 23 pays de l'UE ont déjà adapté leurs lois locales, les 5 pays étant encore en cours sont la Bulgarie, la Grèce, la Slovénie, le Portugal et la République Tchèque. Seulement 3 amendes ont été prononcées, dont celle à l'encontre de Google par la CNIL en janvier 2019.

Lire le texte complet : http://europa.eu/rapid/press-release_STATEMENT-19-662_en.htm

23/01/2019 Japan becomes an adequate country today!

What does it mean for us all in the healthsciences business? It means a LOT of simplification! Personal infomation collected or processed either in the EU or in Japan will be subject to the same rules, and will be able to flow seamlessly across both geos, provided oif course each entity is GDPR compliant at every end. And as Japan is one (very) big country in healthsciences, this is a big step towards simplication! This is not very surprising given the long time 'tradition' of high level regulations in Japan, for example for CT submissions or AEs declarations. Now let's wait for South-Korea!

FR: http://europa.eu/rapid/press-release_IP-19-421_fr.htm

EN: http://europa.eu/rapid/press-release_IP-19-421_en.htm

Newsletter RGPD Santé/Pharma du 28 juin 2018 : pour la recevoir, écrivez à contact@pharmarketing.net

Newsletter RGPD Santé/Pharma du 14 juin 2018 : pour la recevoir, écrivez à contact@pharmarketing.net

Newsletter RGPD Santé/Pharma du 29 mai 2018 : pour la recevoir, écrivez à contact@pharmarketing.net

Newsletter RGPD Santé/Pharma du 23 mai 2018 : pour la recevoir, écrivez à contact@pharmarketing.net

Newsletter RGPD Santé/Pharma du 17 mai 2018 : pour la recevoir, écrivez à contact@pharmarketing.net

27/05/2018 - PharMarketing wins contract with UK CRO For Data Protection GDPR RGPD

 

This mid-size CRO is conducting Phase I/II trials accross UK, in its own clinics.

PharMarketing will act as a Data Protection Officer for all its personal data processes, including clinical trials activities and vigilance.

 

For any question on our consulting services for healthcare and pharma companies, contact us at contact@pharmarketing.net

30/03/2018 - PharMarketing wins contract with French CRO for Data Protection GDPR RGPD

 

This Professional Services company based in France has been helping pharma laboratories in their Discovery, Clinical Development, Regulatory, and Market Access and Manufacturing for the past 20 years. Recognized as a strong and experienced partner by the industry, this trusted advisor has helped put several drugs on the market.

As part of its business, this CRO outsources most of the different activities to specialists, but still they do receive personal data from EU residents that fall under the GDPR European law. 

Also they want to use GDPR compliance as a new argument to maintain their clients' confidence, and as a marketing argument to win new prospects.

 

PharMarketing will help this Professional Service company to become compliant with the new European Data Protection Law. (eugdpr.org), but also local French variances from DPA CNIL and recently voted local French law. PharMarketing will also take into account the already existing numerous guidances in the pharmaceutical industry (GXP, ICH, CFR 21 Part 11, etc.).

 

For any question on our consulting services for healthcare and pharma companies, contact us at contact@pharmarketing.net

28/03/2018 - PharMarketing comments on French Parliament GDPR Law

 

Last Thursday, The French parliament adopted a 'localised' version of the EU GDPR regulation. Below you will find some comments / views of our team, in regards to our Pharma sector, especially Pharmacovigilance, Regulatory Affairs, Clinical and Observational Research. These comments will be updated on a regular basis, as the law evolves , or CNIL publishes new information, or we receive guidelines from regulatory bodies in EU.The full text of the French parliament can be accessed here: http://www.assemblee-nationale.fr/15/projets/pl0809.asp

 

For any question on our consulting services for healthcare and pharma companies, please contact us at contact@pharmarketing.net

 

#RGPD Point clé dans le Projet de Loi adopté par le Sénat le 22 mars dernier: le secret médical sera opposable à la CNIL, en particulier concernant aux traitements de recherche médicale.  (article 4 alinéa 8, page 8)

 

#RGPD : Le Sénat français vient de préciser la loi (article 12 alinea 3) concernant les archives historiques en les excluant du droit de rectification: indication importante pour notre secteur de la recherche clinique et de la pharmacovigilance, qui rejoint des réflexions déjà entamées par @DMB - Data Management Biomédical et ACDM Conference : le patient pourra-t-il demander à ce que ses données soient retirées d'un essai clinique auquel il a participé ?

26/03/2018 - PharMarketing wins contract with French Mid-Size Pharma Company

 

PharMarketing will help this well-known Pharma and Cosmetics Laboratory getting compliant with the new European Data Protection Law GDPR / RGPD (eugdpr.org), but also local French variances from DPA CNIL and recently voted local French data protection law. @PharMarketing will also take into account the already existing numerous guidances in the #pharmaceutical industry (GXP, ICH, CFR 21 Part 11, etc.).

 

With its HQ in France and several offices around the globe, this pharmaceutical company has been active for decades in developing and selling drugs, medical devices and cosmetics for improving patients' health and wellness.

 

PharMarketing will be working for this company-wide project with the following departments: HR, IT, Regulatory, Clinical Development, and more.

 

For any question on our consulting services for healthcare and pharma companies, contact us at contact@pharmarketing.net

09/03/2018 - PharMarketing delivers GDPRTraining and Gap Analysis to a Healthcare Software Company

 

This European small startup software company is providing a very innovative portal to investigators within clinical trials, and has already several clients in the academic and pharma industry sectors in several countries.

 

Even if the personal data collected is anonymised, as per clinical research general guidelines (GCP), they are considered by European Data Protection Law GDPR law as 'Pseudonymised' and as such fall under the GDPR / RGPD law.

 

Pharmarketing, a division of SiliconMarketing, organised an interactive workshop to several people from the software company and one of its client. During this half day, PharMarketing identified the strengths of its client in regards to GDPR, but also the actions needed until 25 May 2018 and beyond. 

 

The key success factor was that PharMarketing personel have 15 years+experience in the 3 key fields for Data Protection and GDPR: IT systems and Data Management, Business Process Audit and Quality Assurance standards, and lastly with Clinical Research Business and industry regulations and guidelines.

 

The day after the workshop, PharMarketing sent a report identifying the tasks to do, with a workload estimate and a recommended planning.

 

PharMarketing will cintinue working for this company to provide Data Protection Officer services.

 

For any question on our consulting services for healthcare and pharma companies, contact us at contact@pharmarketing.net

23/01/2018 - PharMarketing delivers GDPR Training and Gap Analysis to a UK CRO

 

This mid-size CRO is headquartered in the UK with offices in the US. They provide services in Business Intelligence, Market Access. Observational Studies to their clients in Europe. 

 

Even if the personal data collected during observational studies is anonymised, and the National UK Healthcare Databases they use contain anonymised patient records also, as per clinical research general guidelines (GCP), they are considered by European Data Protection Law GDPR law as 'Pseudonymised' and as such fall under the GDPR / RGPD law.

 

Pharmarketing, a division of SiliconMarketing, organised an interactive workshop to 14 people from this fast growing CRO in January 2018 in London. During the day, PharMarketing identified the strengths of its client in regards to GDPR, but also the actions needed until 25 May 2018 and beyond. Several managers accross the companies' departments were interviewed, including the CEO, and an overall IT audit has been conducted.

 

The key success factor was that PharMarketing personel have 15 years+experience in the Pharma and Clinical Research sector, plus knowledge of what ICO (the UK Data Protection Agency) and the US Privacy Shield scheme require.

The day after the workshop, PharMarketing sent a report identifying the tasks to do, with a workload estimate and a recommended planning.

 

Since then, the UK CRO has started implementing themselves the most important points for the 25 May deadline. PharMarketing will continue working for this company to provide Data Protection Officer services.

 

For any question on our Data Protection or IT Audit consulting services for healthcare and pharma companies, contact us at contact@pharmarketing.net

22/01/2018 - PharMarketing signs contract with European Data Management Service company

 

PharMarketing will advise this mid size service company on the quality of their processes and IT systems.

 

For any question on our services for pharma and CRO companies, contact us at contact@pharmarketing.net

15/01/2018 - PharMarketing signs contract with UK CRO for Data Protection Compliance (GDPR / RGPD)

 

PharMarketing will advise this mid size CRO on their data management processes, to streamline them, and stay compliant with industry guidelines and regulations. The perimeter emcompasses EU and the US as this Pharma service company has offices on both continents.

 

For any question on our services for pharma and CRO companies, contact us at contact@pharmarketing.net

Client testimonials

Testimonial from a UK CRO following a quality and IT Audit: "We were so impressed by your company! Please keep in touch with us and let us know of any other different training courses that you can help us with!"  CFO, UK CRO with offices in Europe and the US

Version imprimable Version imprimable | Plan du site
© Silicon Marketing SAS. PharMarketing is a registered trademark of Silicon Marketing in Europe and in the US