SlideShare a Scribd company logo

Life Science Patient Data Privacy

Tracey Zdravkovic
Tracey Zdravkovic
1 of 4
Download to read offline
Ensuring Robust Data Privacy Policies & Systems that Maintain Security, Mitigate Breaches and Potential Reputational Harm, while Upholding Compliance with Evolving Regulations and Jurisdictions on a State-wide as well as International Level 500 N. DEARBORN STREET, SUITE 500 CHICAGO, IL 60654 (P) 312.822.8100 (F) 312.602.3834 www.q1productions.com Tracy Hickey Associate Director Compliance— Operations, Training, & Communications SHIRE PHARMACEUTICALS John Baur Former Senior Manager—Privacy Compliance, Health Care Compliance & Privacy JOHNSON & JOHNSON Jacob G. Springer Global Privacy Officer & Compliance Counsel ABBOTT LABORATORIES Michael Mcneil Global Product Security & Services Officer PHILIPS HEALTHCARE Brad Rostolsky Partner REED SMITH Jeremy Livianu Privacy Officer NEVRO CORP. Agatha O’Malley Co-Lead Commercial Privacy Practice BOOZ ALLEN HAMILTON Former Head of Privacy SHIRE PHARMACEUTICALS Michael D. Molinaro Chief Information Security Officer BIOREFERENCE LABORATORIES INC. Patricia Hilbrands Privacy Officer ARTHREX Jennifer Couture Counsel, PENAC Privacy & Commercial Counsel PHILIPS NORTH AMERICA Daniel J. McBride Director, Privacy Office MERCK Megan Mikkelsen North America Chief Privacy Officer TEVA PHARMACEUTICALS Gail ObryckI Former Senior Manager Global Privacy Policy & Communications JOHNSON & JOHNSON President GO 2 CONSULTING Murali Mani Senior Privacy Officer PHILIPS GROUP INNOVATION Priya Mannan Executive Director and Associate GC of Global Pharma Compliance & Data Privacy NOVARTIS K Royal, CIPP/US, CIPP/E VP, AGC, Privacy and Compliance Privacy Officer CELLTRUST CORPORATION Aldo M. Leiva, ESQ. Partner LUBELL | ROSEN Gregory Albertyn Global Privacy Officer BIOGEN IDEC DISTINGUISHED PRESENTERS INCLUDE: LIFE SCIENCE DATA PRIVACY JULY 27-28, 2015 | PHILADELPHIA, PA OPEN DIALOGUE & GROUP SHARE Each formal presentation is followed by a minimum of 10 minutes of open dialogue and all attendees are invited to become participants. UNPARALLELED NETWORKING Multiple networking opportunities will take place throughout the course of the two-day meeting. NO SALES PITCHES Sales presentations from outside con- sultants are prohibited to ensure confer- ence content and focus remains strictly educational.
LIFE SCIENCE DATA PRIVACY DAY ONE | MONDAY, JULY 27 500 N. DEARBORN STREET, SUITE 500 CHICAGO, IL 60654 (P) 312.822.8100 (F) 312.602.3834 www.q1productions.com 8:00 REGISTRATION AND MORNING COFFEE 8:50 OPENING REMARKS 9:00 BALANCING RISK, REPUTATIONAL & FINANCIAL HARM IN PATIENT DATA PRIVACY As the number of security breaches and privacy regulations continue to in- crease in number and complexity, executives throughout the life sciences industry are working to ensure data remains protected and private. Potential non-compliance or data breaches result in not only financial harm, but can also result in tremendous reputational harm, which is often seen as more damaging than financial damages. Executives must take a forward thinking approach to mitigating risks, developing comprehensive policies and procedures, and at the same time increase the visibility and importance of privacy throughout the life science corporation. • Elevating the importance of data privacy throughout the corporation • Methods for evaluating and mitigating potential risk factors • Forecasting for future threats and privacy regulations John Baur, Former Sr. Mgr.—Privacy Compliance, Health Care Compliance & Privacy JOHNSON & JOHNSON Gail ObryckI, Former Sr. Manager Global Privacy Policy & Communications JOHNSON & JOHNSON President, GO 2 CONSULTING 9:45 BEST PRACTICES FOR BUILDING A PRIVACY INFRASTRUCTURE FROM THE GROUND UP While many companies have data privacy initiatives in place, looking at how a company may begin building a privacy policy from the beginning stages will help industry executives better understand ways to improve their own programs. Cre- ating new frameworks for patient data privacy policies will allow companies to find pitfalls within their privacy structures, allowing them to be highlighted and addressed. By dissecting one company’s experience implementing new data privacy standards, executives will better focus on ways to create new and im- prove old data privacy regulations within their organizations. • Challenges in the execution of new privacy policies • Mitigating issues in changing company culture • Working to identify potential partners • Positive lessons learned Jeremy Livianu, Privacy Officer NEVRO CORP. 10:30 COFFEE & NETWORKING BREAK 11:00 PANEL: COLLABORATION BETWEEN PRIVACY & TECHNOLOGY TEAMS Privacy and technology teams in life science organizations must work together to develop and maintain privacy measures and to ensure the protection of data throughout all avenues within organizations. Teams must ensure that privacy reaches beyond policy and is embedded within the infrastructure of training and technological safeguards from the ground up. Understanding how priva- cy and technology teams can work better together is one way executives can strong ground on which to build upon. • Ensuring privacy is more than just a policy • Evaluating various technologies for data protection • Development of internal safeguards with security • Issues surrounding intranet security internally • Understanding the importance & opportunities in encryption Megan Mikkelsen, North America Chief Privacy Officer TEVA PHARMACEUTICALS Gregory Albertyn, Global Privacy Officer, BIOGEN IDEC Jacob G. Springer, Global Privacy Officer & Compliance Counsel ABBOTT LABORATORIES 11:45 ADDRESSING PRIVACY CONSIDERATIONS IN VARIED US JURISDICTIONS Organizations must participate in the responsible sharing of patient data, es- pecially when transferring patient level data across state jurisdictions. Patient data privacy regulations vary state-by-state, with some of the stricter regula- tions in California and Texas, and an examination of data transfer rules and regulations will help executives develop better privacy policies in regards to these regulations. Companies that operate state to state will find the dissection of jurisdictional requirements beneficial to developing company-wide policies. • Overview of states with strict privacy regulations • California • Texas • Ensuring a corporate-wide privacy policy covers all requirements • Considerations when transferring data across state-lines • Recent cases of interest to life sciences organizations Jennifer Couture, Counsel, PENAC Privacy & Commercial Counsel PHILIPS NORTH AMERICA 12:30 LUNCHEON FOR ALL CONFERENCE PARTICIPANTS 1:30 DEVELOPING ADVANCED TRAINING PROGRAMS TO ENSURE COMPLETE DATA PRIVACY Life science companies employ thousands of individuals at varying levels of security clearance who have access to sensitive patient level data that must remain private. Organizations must create privacy policies, as well as evolve them based on technological advances, to ensure that data is secure. The ap- propriate and continual training of employees on company privacy policies, the correct handling of personal data, as well as relevant data-use procedures, will reduce the likelihood of a data breach occurrence at the hands of human error. • Development of comprehensive training programs • Providing a thorough and clear definition of privacy • Proactive training and re-training opportunities • Security concerns surrounding mobile devices • Handling situations of employee data theft Agatha O’Malley, Co-Lead Commercial Privacy Practice BOOZ ALLEN HAMILTON Former Head of Privacy, SHIRE PHARMACEUTICALS Tracy Hickey, Associate Dir. of Compliance, SHIRE PHARMACEUTICALS 2:15 PROACTIVE MANAGEMENT OF A PRIVACY BREACH Given the immense amount of data being collected and managed by life sciences companies, there is a tremendous need for proactive management of potential breach situations. Organizations that have experienced such a breach, where data has been compromised, including potentially patient data, have learned considerable lessons and have taken great steps to ensure data is recovered and suitably protected moving forward. A retrospective analysis from an organi- zation that has handled a privacy breach, learning what could have been done differently and how the aftermath was tackled, will assist executives in learning how to better avoid a breach, as well as develop internal response protocols. • Initial steps taken to identify the breach • Systematic resolution of privacy breach • Lessons learned & preventative steps for the future Jacob G. Springer, Global Privacy Officer & Compliance Counsel ABBOTT LABORATORIES 3:00 COFFEE & NETWORKING BREAK 3:15 METHODS FOR PROTECTING PATIENT DATA IN THE BIG DATA REVOLUTION The analysis of large data sets at lightening speeds has fueled the big data rev- olution and its use in targeted marketing and sales techniques. The life science industry must work to utilize big data technology to its fullest potential, while also ensuring that all patient data remains private. Working to understand ways in which to ensure that all patient data remains anonymous and fully de-identi- fied, as well as dissecting anxieties surrounding privacy and mobile devices, life science executives will learn how to use big data to its fullest potential. • Understanding where data privacy falls within big data • Strategies and methods for anonymizing data • Data privacy concerns within mobile devices K Royal, VP, AGC, Privacy & Compliance Privacy Officer CELLTRUST CORPORATION 4:00 ENSURING DATA PRIVACY THROUGH HIPAA AND HITECH REGULATORY FRAMEWORKS Although in many cases, not directly affected by HIPAA and HITECH regulatory constraints, the industry remains at time in contact with patient data and as such must have a thorough awareness of these privacy frameworks. With the Office of Civil Rights is currently conducting the second round of audits for cov- ered entities to ensure compliance with ongoing HIPAA regulations, assessing and ensuring reasonable safeguards are in place is required. Through clarifica- tion of current interpretation on where HIPAA and HITECH offer guidelines to the life science industry, executives will ensure privacy guidelines are being met. • Relevance of HIPAA and HITECH within the life science corporation • Clarifications of the Final Rule for HIPAA and HITECH • Integrating privacy rules into informed consent • Implications of HITECH on medical technology & imaging Michael D. Molinaro, Chief Information Security Officer BIOREFERENCE LABORATORIES INC. 4:45 LIMITING LIABILITY THROUGH ELIMINATING PATIENT DATA CONTACT As uncovered entities, device and diagnostic companies developing equipment and technologies that encounter sensitive patient identifying data need to make efforts to limit their encounters with that patient data. Restricting the amount of patient identifying data that organizations interact with reduces potential data breaches as well as acting as a safety measure against other liabilities. Ex- ploring ways in which organizations can limit their own access to unnecessary patient information, and the benefits of such, life science executives will better understand how to limit their own liability. • Reducing access to patient data • Benefits of limiting access to data • Reducing prospective liability Priya Mannan, Executive Director and Associate GC of Global Pharma Compliance & Data Privacy, NOVARTIS 5:30 CONCLUSION OF DAY ONE SESSIONS
500 N. DEARBORN STREET, SUITE 500 CHICAGO, IL 60654 (P) 312.822.8100 (F) 312.602.3834 www.q1productions.com LIFE SCIENCE DATA PRIVACY DAY TWO | TUESDAY, JULY 28 8:00 REGISTRATION AND MORNING COFFEE 8:20 CHAIRPERSON OPENING REMARKS Aldo M. Leiva, ESQ., Partner, LUBELL | ROSEN 8:30 FDA REGULATIONS ON CYBERSECURITY Technological advances made in the life science industry are integral to the forward movement and progress of developing medical devices and diagnostic equipment. In 2014 the FDA issued a final ruling concerning cybersecurity and the life science industry titled “Content of Premarket Submissions for Manage- ment of Cybersecurity in Medical Devices,” specifically targeting medical de- vices, which outlined the FDA’s main concerns as well as steps organizations should take in order to minimize and prevent cybersecurity risks. Identifying rec- ommendations made by the FDA will assist life science executives in the pres- ervation of patient privacy as well as the prevention of cybersecurity breaches. • Concerns surrounding proliferation of new multi-function devices • Understanding potential risks early on in product design • Creating effective management systems for potential threats Michael McNeil, Global Product Security & Services Officer PHILIPS HEALTHCARE 9:15 GLOBAL PATIENT DATA PRIVACY REGULATIONS As pharmaceutical and medical device corporations continue to commercial- ize products around the world, compliance with evolving international privacy considerations is a top priority. With the rapid pace of regulatory change, and varied policies on both a country-by-country as well as regional basis, ensuring ongoing global compliance is a considerable challenge. Understanding the crit- ical points of international regulatory frameworks and how to formulate policies and procedures that protect data on a global scale is essential in the rapidly evolving life science market. ONGOING EUROPEAN PRIVACY REFORMS European Union laws and regulations stand at the forefront of patient data pri- vacy laws with a 27-country directive restricting the use, sharing, storage and collection of personal data. Countries across the European Union view data privacy holistically, allowing the directive to become the paradigm for other pa- tient data privacy laws and initiatives. Dissecting what makes the EU directives distinct will help executives develop strategies for their continual global growth. • Data Protection Directive 1995/46/EC • e-Privacy Directive 2002/58/EC • Strict penalties for violations Murali Mani, Senior Privacy Officer, PHILIPS GROUP INNOVATION 10:00 COFFEE & NETWORKING BREAK 10:30 DEVELOPING POLICIES ACROSS LATIN AMERICA As Latin American countries continue to develop and become contenders in the life science industry, many countries are developing and implementing new patient data privacy regulations and standards at great speed. Some countries have adopted regulations similar to the EU directives; others have begun to develop regulations that are tailored to their own country. While a number of countries have developed polices that mirror European standards and regula- tions, others have taken a more individual approach, developing unique regu- latory frameworks from the ground up. Understanding specific Latin American regulations will allow for executives to better move within patient data privacy guidelines relative to specific Latin American countries. • Rule of habeas data • Adoption of omnibus data privacy legislation • Rooted in EU directive, yet differ country-to-country Aldo M. Leiva, ESQ., Partner, LUBELL | ROSEN 11:15 ENSURING PATIENT PRIVACY WITHIN SALES & MARKETING STRATEGIES As life science companies work to promote sales and marketing strategies to ensure consumers are being reached in the most effective ways possible, ex- ecutives must endeavor to make certain patient data privacy is maintained. While targeted sales and marketing strategies are an ideal way to promote new drugs, therapies and technologies, using specific patient data to reach con- sumers presents issues concerning the maintenance of personally identifiable information via social media marketing and targeted ads. Focusing on privacy policies and their roles in sales and marketing campaigns, while also identifying ways to prevent breach and ways to employ social media channels in these campaigns, executives will be better able to ensure patient privacy while using patient information for targeted ads. • Addressing unclear guidelines surrounding privacy • Potential privacy breaches in sales & marketing initiatives • Balancing a need for greater marketing success with privacy • Utilizing online and social media outlets while maintaining privacy Megan Mikkelsen, North America Chief Privacy Officer TEVA PHARMACEUTICALS Brad Rostolsky, Partner, REED SMITH 12:00 LUNCHEON FOR ALL CONFERENCE GUESTS 1:00 DATA PRIVACY RISKS WITH THE DEVELOPMENT OF MOBILE TECHNOLOGY The privacy risks associated with the development of mobile applications and the use of data from mobile devices are less obvious and more nuanced than most existing technologies and data collection environments. Mobile devices, such as smart phones, tablets, wearable technologies, personal navigation de- vices and other devices that are continuously associated with their users have changed traditional data collection paradigms. These devices are often always on, digitally connected to the Internet or to each other, capable of generating vast quantities of data about the daily lives of their users that can be made readily accessible through apps, wireless networking, Bluetooth connectivity, radio frequency identification, and global positioning system logging. The po- tential for ubiquitous collection, generation, analysis and sharing of data raises new privacy risks and also challenges existing models for protecting privacy. Daniel J. McBride Director, Privacy Office MERCK 1:45 PRIVACY CONSIDERATIONS IN SECONDARY USE OF CLINICAL DATA Biotech and pharmaceutical companies collect vast amounts of data for use in extensive research; the storing of that data for later use poses challenge as well as controversy. Informed consent allows the signal use of patient level data, and the ethicality of multiple uses of data comes into question when determin- ing if secondary uses violate privacy rules and informed consent. Exploring the instances in which secondary usage of data is reasonable will facilitate discus- sion amongst executives allowing the determination of how informed consent plays a role in data privacy. • Areas of privacy considerations within informed consent documents • Communicating privacy stipulations to clinical research teams • Determining where secondary use of data might breach privacy rules • Ensuring de-identification and anonymization of clinical data Patricia Hilbrands Privacy Officer ARTHREX 2:30 PRIVACY AND PROTECTION OF DATA WHEN WORKING WITH 3RD PARTY PROVIDERS Ensuring appropriate privacy safeguards surrounding consumer data is a con- tinued challenge for life science corporations, especially as they evolve into mobile health applications and partner with developers to further engage and connect with consumers online. When working with third party vendors, ensur- ing the privacy and security of data must be at the forefront of importance, and privacy executives are eager to ensure data is protected. Through thoughtful front-end communication with third party suppliers that focuses on the need for privacy and security to ongoing monitoring of suppliers, privacy will be main- tained and assured. • Monitoring third-party vendors for privacy rules • Safe harbor regulatory requirements for privacy • Protection of clinical and insurance patient data Gregory Albertyn Global Privacy Officer BIOGEN IDEC 3:15 PROGRAM CONCLUSION
LIFE SCIENCE TRANSPARENCY REPORTING DECEMBER 7-8, 2015 DALLAS, TX 500 N. DEARBORN STREET, SUITE 500 CHICAGO, IL 60654 (P) 312.822.8100 (F) 312.602.3834 www.q1productions.com Clarifying Inconsistent Interpretations of Reporting both Monetary & Non-Monetary Transactions with Healthcare Professionals on a Federal, State & International Level to Maintain a Risk-Based Approach to Transparency Reporting & Compliance TOPICS TO BE ADDRESSED INCLUDE: KEY SPEAKERS INCLUDE: CMS PERSPECTIVE ON THE FUTURE OF TRANSPARENCY REPORTING & INITIATIVES TO INCREASE EFFICIENCY LIMITING COMPLIANCE RISK WHILE STREAMLINING REPORTING AT THE STATE LEGISLATIVE LEVEL DATA INTEGRITY PANEL: BEST PRACTICES AND LESSONS LEARNED DEVELOPING EFFECTIVE TRAINING PROCESSES FOR EXECUTIVES REPORTING COLLECTED DATA MITIGATING COMPLIANCE RISK IN TRANSPARENCY REPORTING PANEL DISCUSSION: HCP PERSPECTIVES ON TRANSPARENCY REPORTING AND ITS EFFECTS ON THE INDUSTRY MONITORING EVOLVING INTERNATIONAL REGULATIONS FOR AGGREGATE SPEND REPORTING PANEL DISCUSSION: CAPTURING INTERNATIONAL SPEND TO ENSURE COMPLIANCE PANEL: GLOBAL REPORTING SYSTEMS AND PLATFORMS TO STREAMLINE TRANSPARENCY REPORTING UPCOMING EVENT Kelly J. Tope Director of Compliance Operations & Transparency, US & Canada ZIMMER BIOMET John Sheehan Associate Director, Global Transparency Change Management Operations BRISTOL-MYERS SQUIBB Lee H. Rosebush Partner BAKER HOSTETLER Colleen Martin Roberts Of Counsel KRIEG DEVAULT

Recommended

Keep It Secret, Keep It Safe: Security and Privacy in 21st Century Health IT
Keep It Secret, Keep It Safe: Security and Privacy in 21st Century Health IT Keep It Secret, Keep It Safe: Security and Privacy in 21st Century Health IT
Keep It Secret, Keep It Safe: Security and Privacy in 21st Century Health IT Health Informatics New Zealand
 
An information security governance framework
An information security governance frameworkAn information security governance framework
An information security governance frameworkAnne ndolo
 
Mis ethical social
Mis ethical socialMis ethical social
Mis ethical socialuniversity of education,Lahore
 
Ethical issues of IS
Ethical issues of ISEthical issues of IS
Ethical issues of ISuniversity of education,Lahore
 
4th EDPD 2014 European Data Protection Days
4th EDPD 2014 European Data Protection Days4th EDPD 2014 European Data Protection Days
4th EDPD 2014 European Data Protection DaysAstrid Mestrovic
 
SME- Developing an information governance strategy 2016
SME- Developing an information governance strategy 2016 SME- Developing an information governance strategy 2016
SME- Developing an information governance strategy 2016 Hybrid Cloud
 
The Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignThe Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignDr. Ann Cavoukian
 
Clinical Data Management Agenda
Clinical Data Management AgendaClinical Data Management Agenda
Clinical Data Management AgendaTracey Zdravkovic
 

Recommended

Keep It Secret, Keep It Safe: Security and Privacy in 21st Century Health IT
Keep It Secret, Keep It Safe: Security and Privacy in 21st Century Health IT Keep It Secret, Keep It Safe: Security and Privacy in 21st Century Health IT
Keep It Secret, Keep It Safe: Security and Privacy in 21st Century Health IT Health Informatics New Zealand
 
An information security governance framework
An information security governance frameworkAn information security governance framework
An information security governance frameworkAnne ndolo
 
Mis ethical social
Mis ethical socialMis ethical social
Mis ethical socialuniversity of education,Lahore
 
Ethical issues of IS
Ethical issues of ISEthical issues of IS
Ethical issues of ISuniversity of education,Lahore
 
4th EDPD 2014 European Data Protection Days
4th EDPD 2014 European Data Protection Days4th EDPD 2014 European Data Protection Days
4th EDPD 2014 European Data Protection DaysAstrid Mestrovic
 
SME- Developing an information governance strategy 2016
SME- Developing an information governance strategy 2016 SME- Developing an information governance strategy 2016
SME- Developing an information governance strategy 2016 Hybrid Cloud
 
The Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignThe Myth of Zero-Risk Solutions; The Benefits of Privacy by Design
The Myth of Zero-Risk Solutions; The Benefits of Privacy by DesignDr. Ann Cavoukian
 
Clinical Data Management Agenda
Clinical Data Management AgendaClinical Data Management Agenda
Clinical Data Management AgendaTracey Zdravkovic
 
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Soumodeep Nanee Kundu
 
Webinar: Overcoming it challenges
Webinar: Overcoming it challengesWebinar: Overcoming it challenges
Webinar: Overcoming it challengesModern Healthcare
 
How to Build a Privacy Program
How to Build a Privacy ProgramHow to Build a Privacy Program
How to Build a Privacy Programsecratic
 
The Role of Information Security Policy
The Role of Information Security PolicyThe Role of Information Security Policy
The Role of Information Security PolicyRobot Mode
 
1200 clare sanderon hse ireland
1200 clare sanderon hse ireland1200 clare sanderon hse ireland
1200 clare sanderon hse irelandinvestnethealthcare
 
pc15257_brochure original
pc15257_brochure originalpc15257_brochure original
pc15257_brochure originalDaria Binder
 
Data Ethics and Privacy.pdf
Data Ethics and Privacy.pdfData Ethics and Privacy.pdf
Data Ethics and Privacy.pdfAmirKhan811717
 
SOCI11- Day One - Monday Morning - June 13, 2016
SOCI11- Day One - Monday Morning - June 13, 2016SOCI11- Day One - Monday Morning - June 13, 2016
SOCI11- Day One - Monday Morning - June 13, 2016Michael Kerr
 
DOC-20230410-WA0041..pptx
DOC-20230410-WA0041..pptxDOC-20230410-WA0041..pptx
DOC-20230410-WA0041..pptxJyotiPandey43595
 
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docxCHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docxchristinemaritza
 
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATA
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATADATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATA
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATAUncodemy
 
Ann Cavoukian Presentation
Ann Cavoukian PresentationAnn Cavoukian Presentation
Ann Cavoukian PresentationCityAge
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudNetskope
 
Navigating the Complex Terrain of Data Governance in Data Analysis.pdf
Navigating the Complex Terrain of Data Governance in Data Analysis.pdfNavigating the Complex Terrain of Data Governance in Data Analysis.pdf
Navigating the Complex Terrain of Data Governance in Data Analysis.pdfSoumodeep Nanee Kundu
 
Data security and Privacy in Clinical Research -Compliance and Best Practices...
Data security and Privacy in Clinical Research -Compliance and Best Practices...Data security and Privacy in Clinical Research -Compliance and Best Practices...
Data security and Privacy in Clinical Research -Compliance and Best Practices...ClinosolIndia
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsRobert 'Bob' Reyes
 
Big Data and Goverment Analytics
Big Data and Goverment AnalyticsBig Data and Goverment Analytics
Big Data and Goverment AnalyticsKhaled Ghadban
 
Ethical Considerations in Data Analytics
Ethical Considerations in Data AnalyticsEthical Considerations in Data Analytics
Ethical Considerations in Data Analyticspriyanka rajput
 
SEMHIMA Presentation Final 06052012
SEMHIMA Presentation Final 06052012SEMHIMA Presentation Final 06052012
SEMHIMA Presentation Final 06052012mrpchcchpc
 
Privacy (1).pptx
Privacy (1).pptxPrivacy (1).pptx
Privacy (1).pptxEng. Ala' Zayadeen- MBA,CEH,ISO Lead Implementer, MCP
 

More Related Content

Similar to Life Science Patient Data Privacy

Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Soumodeep Nanee Kundu
 
Webinar: Overcoming it challenges
Webinar: Overcoming it challengesWebinar: Overcoming it challenges
Webinar: Overcoming it challengesModern Healthcare
 
How to Build a Privacy Program
How to Build a Privacy ProgramHow to Build a Privacy Program
How to Build a Privacy Programsecratic
 
The Role of Information Security Policy
The Role of Information Security PolicyThe Role of Information Security Policy
The Role of Information Security PolicyRobot Mode
 
pc15257_brochure original
pc15257_brochure originalpc15257_brochure original
pc15257_brochure originalDaria Binder
 
Data Ethics and Privacy.pdf
Data Ethics and Privacy.pdfData Ethics and Privacy.pdf
Data Ethics and Privacy.pdfAmirKhan811717
 
SOCI11- Day One - Monday Morning - June 13, 2016
SOCI11- Day One - Monday Morning - June 13, 2016SOCI11- Day One - Monday Morning - June 13, 2016
SOCI11- Day One - Monday Morning - June 13, 2016Michael Kerr
 
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docxCHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docxchristinemaritza
 
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATA
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATADATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATA
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATAUncodemy
 
Ann Cavoukian Presentation
Ann Cavoukian PresentationAnn Cavoukian Presentation
Ann Cavoukian PresentationCityAge
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudNetskope
 
Navigating the Complex Terrain of Data Governance in Data Analysis.pdf
Navigating the Complex Terrain of Data Governance in Data Analysis.pdfNavigating the Complex Terrain of Data Governance in Data Analysis.pdf
Navigating the Complex Terrain of Data Governance in Data Analysis.pdfSoumodeep Nanee Kundu
 
Data security and Privacy in Clinical Research -Compliance and Best Practices...
Data security and Privacy in Clinical Research -Compliance and Best Practices...Data security and Privacy in Clinical Research -Compliance and Best Practices...
Data security and Privacy in Clinical Research -Compliance and Best Practices...ClinosolIndia
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsRobert 'Bob' Reyes
 
Big Data and Goverment Analytics
Big Data and Goverment AnalyticsBig Data and Goverment Analytics
Big Data and Goverment AnalyticsKhaled Ghadban
 
Ethical Considerations in Data Analytics
Ethical Considerations in Data AnalyticsEthical Considerations in Data Analytics
Ethical Considerations in Data Analyticspriyanka rajput
 
SEMHIMA Presentation Final 06052012
SEMHIMA Presentation Final 06052012SEMHIMA Presentation Final 06052012
SEMHIMA Presentation Final 06052012mrpchcchpc
 

Similar to Life Science Patient Data Privacy (20)

Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
Ethical Considerations in Data Analysis_ Balancing Power, Privacy, and Respon...
 
Webinar: Overcoming it challenges
Webinar: Overcoming it challengesWebinar: Overcoming it challenges
Webinar: Overcoming it challenges
 
How to Build a Privacy Program
How to Build a Privacy ProgramHow to Build a Privacy Program
How to Build a Privacy Program
 
The Role of Information Security Policy
The Role of Information Security PolicyThe Role of Information Security Policy
The Role of Information Security Policy
 
1200 clare sanderon hse ireland
1200 clare sanderon hse ireland1200 clare sanderon hse ireland
1200 clare sanderon hse ireland
 
pc15257_brochure original
pc15257_brochure originalpc15257_brochure original
pc15257_brochure original
 
Data Ethics and Privacy.pdf
Data Ethics and Privacy.pdfData Ethics and Privacy.pdf
Data Ethics and Privacy.pdf
 
SOCI11- Day One - Monday Morning - June 13, 2016
SOCI11- Day One - Monday Morning - June 13, 2016SOCI11- Day One - Monday Morning - June 13, 2016
SOCI11- Day One - Monday Morning - June 13, 2016
 
DOC-20230410-WA0041..pptx
DOC-20230410-WA0041..pptxDOC-20230410-WA0041..pptx
DOC-20230410-WA0041..pptx
 
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docxCHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
CHAPTER 7Standards on Privacyand Confidentiality4. Privacy a.docx
 
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATA
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATADATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATA
DATA ETHICS: BEST PRACTICES FOR HANDLING SENSITIVE DATA
 
Ann Cavoukian Presentation
Ann Cavoukian PresentationAnn Cavoukian Presentation
Ann Cavoukian Presentation
 
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the CloudCure for the Common Cloud: How Healthcare can Safely Enable the Cloud
Cure for the Common Cloud: How Healthcare can Safely Enable the Cloud
 
Navigating the Complex Terrain of Data Governance in Data Analysis.pdf
Navigating the Complex Terrain of Data Governance in Data Analysis.pdfNavigating the Complex Terrain of Data Governance in Data Analysis.pdf
Navigating the Complex Terrain of Data Governance in Data Analysis.pdf
 
Data security and Privacy in Clinical Research -Compliance and Best Practices...
Data security and Privacy in Clinical Research -Compliance and Best Practices...Data security and Privacy in Clinical Research -Compliance and Best Practices...
Data security and Privacy in Clinical Research -Compliance and Best Practices...
 
Challenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act BringsChallenges & Opportunities the Data Privacy Act Brings
Challenges & Opportunities the Data Privacy Act Brings
 
Big Data and Goverment Analytics
Big Data and Goverment AnalyticsBig Data and Goverment Analytics
Big Data and Goverment Analytics
 
Ethical Considerations in Data Analytics
Ethical Considerations in Data AnalyticsEthical Considerations in Data Analytics
Ethical Considerations in Data Analytics
 
SEMHIMA Presentation Final 06052012
SEMHIMA Presentation Final 06052012SEMHIMA Presentation Final 06052012
SEMHIMA Presentation Final 06052012
 
Privacy (1).pptx
Privacy (1).pptxPrivacy (1).pptx
Privacy (1).pptx
 

Life Science Patient Data Privacy

  • 1. Ensuring Robust Data Privacy Policies & Systems that Maintain Security, Mitigate Breaches and Potential Reputational Harm, while Upholding Compliance with Evolving Regulations and Jurisdictions on a State-wide as well as International Level 500 N. DEARBORN STREET, SUITE 500 CHICAGO, IL 60654 (P) 312.822.8100 (F) 312.602.3834 www.q1productions.com Tracy Hickey Associate Director Compliance— Operations, Training, & Communications SHIRE PHARMACEUTICALS John Baur Former Senior Manager—Privacy Compliance, Health Care Compliance & Privacy JOHNSON & JOHNSON Jacob G. Springer Global Privacy Officer & Compliance Counsel ABBOTT LABORATORIES Michael Mcneil Global Product Security & Services Officer PHILIPS HEALTHCARE Brad Rostolsky Partner REED SMITH Jeremy Livianu Privacy Officer NEVRO CORP. Agatha O’Malley Co-Lead Commercial Privacy Practice BOOZ ALLEN HAMILTON Former Head of Privacy SHIRE PHARMACEUTICALS Michael D. Molinaro Chief Information Security Officer BIOREFERENCE LABORATORIES INC. Patricia Hilbrands Privacy Officer ARTHREX Jennifer Couture Counsel, PENAC Privacy & Commercial Counsel PHILIPS NORTH AMERICA Daniel J. McBride Director, Privacy Office MERCK Megan Mikkelsen North America Chief Privacy Officer TEVA PHARMACEUTICALS Gail ObryckI Former Senior Manager Global Privacy Policy & Communications JOHNSON & JOHNSON President GO 2 CONSULTING Murali Mani Senior Privacy Officer PHILIPS GROUP INNOVATION Priya Mannan Executive Director and Associate GC of Global Pharma Compliance & Data Privacy NOVARTIS K Royal, CIPP/US, CIPP/E VP, AGC, Privacy and Compliance Privacy Officer CELLTRUST CORPORATION Aldo M. Leiva, ESQ. Partner LUBELL | ROSEN Gregory Albertyn Global Privacy Officer BIOGEN IDEC DISTINGUISHED PRESENTERS INCLUDE: LIFE SCIENCE DATA PRIVACY JULY 27-28, 2015 | PHILADELPHIA, PA OPEN DIALOGUE & GROUP SHARE Each formal presentation is followed by a minimum of 10 minutes of open dialogue and all attendees are invited to become participants. UNPARALLELED NETWORKING Multiple networking opportunities will take place throughout the course of the two-day meeting. NO SALES PITCHES Sales presentations from outside con- sultants are prohibited to ensure confer- ence content and focus remains strictly educational.
  • 2. LIFE SCIENCE DATA PRIVACY DAY ONE | MONDAY, JULY 27 500 N. DEARBORN STREET, SUITE 500 CHICAGO, IL 60654 (P) 312.822.8100 (F) 312.602.3834 www.q1productions.com 8:00 REGISTRATION AND MORNING COFFEE 8:50 OPENING REMARKS 9:00 BALANCING RISK, REPUTATIONAL & FINANCIAL HARM IN PATIENT DATA PRIVACY As the number of security breaches and privacy regulations continue to in- crease in number and complexity, executives throughout the life sciences industry are working to ensure data remains protected and private. Potential non-compliance or data breaches result in not only financial harm, but can also result in tremendous reputational harm, which is often seen as more damaging than financial damages. Executives must take a forward thinking approach to mitigating risks, developing comprehensive policies and procedures, and at the same time increase the visibility and importance of privacy throughout the life science corporation. • Elevating the importance of data privacy throughout the corporation • Methods for evaluating and mitigating potential risk factors • Forecasting for future threats and privacy regulations John Baur, Former Sr. Mgr.—Privacy Compliance, Health Care Compliance & Privacy JOHNSON & JOHNSON Gail ObryckI, Former Sr. Manager Global Privacy Policy & Communications JOHNSON & JOHNSON President, GO 2 CONSULTING 9:45 BEST PRACTICES FOR BUILDING A PRIVACY INFRASTRUCTURE FROM THE GROUND UP While many companies have data privacy initiatives in place, looking at how a company may begin building a privacy policy from the beginning stages will help industry executives better understand ways to improve their own programs. Cre- ating new frameworks for patient data privacy policies will allow companies to find pitfalls within their privacy structures, allowing them to be highlighted and addressed. By dissecting one company’s experience implementing new data privacy standards, executives will better focus on ways to create new and im- prove old data privacy regulations within their organizations. • Challenges in the execution of new privacy policies • Mitigating issues in changing company culture • Working to identify potential partners • Positive lessons learned Jeremy Livianu, Privacy Officer NEVRO CORP. 10:30 COFFEE & NETWORKING BREAK 11:00 PANEL: COLLABORATION BETWEEN PRIVACY & TECHNOLOGY TEAMS Privacy and technology teams in life science organizations must work together to develop and maintain privacy measures and to ensure the protection of data throughout all avenues within organizations. Teams must ensure that privacy reaches beyond policy and is embedded within the infrastructure of training and technological safeguards from the ground up. Understanding how priva- cy and technology teams can work better together is one way executives can strong ground on which to build upon. • Ensuring privacy is more than just a policy • Evaluating various technologies for data protection • Development of internal safeguards with security • Issues surrounding intranet security internally • Understanding the importance & opportunities in encryption Megan Mikkelsen, North America Chief Privacy Officer TEVA PHARMACEUTICALS Gregory Albertyn, Global Privacy Officer, BIOGEN IDEC Jacob G. Springer, Global Privacy Officer & Compliance Counsel ABBOTT LABORATORIES 11:45 ADDRESSING PRIVACY CONSIDERATIONS IN VARIED US JURISDICTIONS Organizations must participate in the responsible sharing of patient data, es- pecially when transferring patient level data across state jurisdictions. Patient data privacy regulations vary state-by-state, with some of the stricter regula- tions in California and Texas, and an examination of data transfer rules and regulations will help executives develop better privacy policies in regards to these regulations. Companies that operate state to state will find the dissection of jurisdictional requirements beneficial to developing company-wide policies. • Overview of states with strict privacy regulations • California • Texas • Ensuring a corporate-wide privacy policy covers all requirements • Considerations when transferring data across state-lines • Recent cases of interest to life sciences organizations Jennifer Couture, Counsel, PENAC Privacy & Commercial Counsel PHILIPS NORTH AMERICA 12:30 LUNCHEON FOR ALL CONFERENCE PARTICIPANTS 1:30 DEVELOPING ADVANCED TRAINING PROGRAMS TO ENSURE COMPLETE DATA PRIVACY Life science companies employ thousands of individuals at varying levels of security clearance who have access to sensitive patient level data that must remain private. Organizations must create privacy policies, as well as evolve them based on technological advances, to ensure that data is secure. The ap- propriate and continual training of employees on company privacy policies, the correct handling of personal data, as well as relevant data-use procedures, will reduce the likelihood of a data breach occurrence at the hands of human error. • Development of comprehensive training programs • Providing a thorough and clear definition of privacy • Proactive training and re-training opportunities • Security concerns surrounding mobile devices • Handling situations of employee data theft Agatha O’Malley, Co-Lead Commercial Privacy Practice BOOZ ALLEN HAMILTON Former Head of Privacy, SHIRE PHARMACEUTICALS Tracy Hickey, Associate Dir. of Compliance, SHIRE PHARMACEUTICALS 2:15 PROACTIVE MANAGEMENT OF A PRIVACY BREACH Given the immense amount of data being collected and managed by life sciences companies, there is a tremendous need for proactive management of potential breach situations. Organizations that have experienced such a breach, where data has been compromised, including potentially patient data, have learned considerable lessons and have taken great steps to ensure data is recovered and suitably protected moving forward. A retrospective analysis from an organi- zation that has handled a privacy breach, learning what could have been done differently and how the aftermath was tackled, will assist executives in learning how to better avoid a breach, as well as develop internal response protocols. • Initial steps taken to identify the breach • Systematic resolution of privacy breach • Lessons learned & preventative steps for the future Jacob G. Springer, Global Privacy Officer & Compliance Counsel ABBOTT LABORATORIES 3:00 COFFEE & NETWORKING BREAK 3:15 METHODS FOR PROTECTING PATIENT DATA IN THE BIG DATA REVOLUTION The analysis of large data sets at lightening speeds has fueled the big data rev- olution and its use in targeted marketing and sales techniques. The life science industry must work to utilize big data technology to its fullest potential, while also ensuring that all patient data remains private. Working to understand ways in which to ensure that all patient data remains anonymous and fully de-identi- fied, as well as dissecting anxieties surrounding privacy and mobile devices, life science executives will learn how to use big data to its fullest potential. • Understanding where data privacy falls within big data • Strategies and methods for anonymizing data • Data privacy concerns within mobile devices K Royal, VP, AGC, Privacy & Compliance Privacy Officer CELLTRUST CORPORATION 4:00 ENSURING DATA PRIVACY THROUGH HIPAA AND HITECH REGULATORY FRAMEWORKS Although in many cases, not directly affected by HIPAA and HITECH regulatory constraints, the industry remains at time in contact with patient data and as such must have a thorough awareness of these privacy frameworks. With the Office of Civil Rights is currently conducting the second round of audits for cov- ered entities to ensure compliance with ongoing HIPAA regulations, assessing and ensuring reasonable safeguards are in place is required. Through clarifica- tion of current interpretation on where HIPAA and HITECH offer guidelines to the life science industry, executives will ensure privacy guidelines are being met. • Relevance of HIPAA and HITECH within the life science corporation • Clarifications of the Final Rule for HIPAA and HITECH • Integrating privacy rules into informed consent • Implications of HITECH on medical technology & imaging Michael D. Molinaro, Chief Information Security Officer BIOREFERENCE LABORATORIES INC. 4:45 LIMITING LIABILITY THROUGH ELIMINATING PATIENT DATA CONTACT As uncovered entities, device and diagnostic companies developing equipment and technologies that encounter sensitive patient identifying data need to make efforts to limit their encounters with that patient data. Restricting the amount of patient identifying data that organizations interact with reduces potential data breaches as well as acting as a safety measure against other liabilities. Ex- ploring ways in which organizations can limit their own access to unnecessary patient information, and the benefits of such, life science executives will better understand how to limit their own liability. • Reducing access to patient data • Benefits of limiting access to data • Reducing prospective liability Priya Mannan, Executive Director and Associate GC of Global Pharma Compliance & Data Privacy, NOVARTIS 5:30 CONCLUSION OF DAY ONE SESSIONS
  • 3. 500 N. DEARBORN STREET, SUITE 500 CHICAGO, IL 60654 (P) 312.822.8100 (F) 312.602.3834 www.q1productions.com LIFE SCIENCE DATA PRIVACY DAY TWO | TUESDAY, JULY 28 8:00 REGISTRATION AND MORNING COFFEE 8:20 CHAIRPERSON OPENING REMARKS Aldo M. Leiva, ESQ., Partner, LUBELL | ROSEN 8:30 FDA REGULATIONS ON CYBERSECURITY Technological advances made in the life science industry are integral to the forward movement and progress of developing medical devices and diagnostic equipment. In 2014 the FDA issued a final ruling concerning cybersecurity and the life science industry titled “Content of Premarket Submissions for Manage- ment of Cybersecurity in Medical Devices,” specifically targeting medical de- vices, which outlined the FDA’s main concerns as well as steps organizations should take in order to minimize and prevent cybersecurity risks. Identifying rec- ommendations made by the FDA will assist life science executives in the pres- ervation of patient privacy as well as the prevention of cybersecurity breaches. • Concerns surrounding proliferation of new multi-function devices • Understanding potential risks early on in product design • Creating effective management systems for potential threats Michael McNeil, Global Product Security & Services Officer PHILIPS HEALTHCARE 9:15 GLOBAL PATIENT DATA PRIVACY REGULATIONS As pharmaceutical and medical device corporations continue to commercial- ize products around the world, compliance with evolving international privacy considerations is a top priority. With the rapid pace of regulatory change, and varied policies on both a country-by-country as well as regional basis, ensuring ongoing global compliance is a considerable challenge. Understanding the crit- ical points of international regulatory frameworks and how to formulate policies and procedures that protect data on a global scale is essential in the rapidly evolving life science market. ONGOING EUROPEAN PRIVACY REFORMS European Union laws and regulations stand at the forefront of patient data pri- vacy laws with a 27-country directive restricting the use, sharing, storage and collection of personal data. Countries across the European Union view data privacy holistically, allowing the directive to become the paradigm for other pa- tient data privacy laws and initiatives. Dissecting what makes the EU directives distinct will help executives develop strategies for their continual global growth. • Data Protection Directive 1995/46/EC • e-Privacy Directive 2002/58/EC • Strict penalties for violations Murali Mani, Senior Privacy Officer, PHILIPS GROUP INNOVATION 10:00 COFFEE & NETWORKING BREAK 10:30 DEVELOPING POLICIES ACROSS LATIN AMERICA As Latin American countries continue to develop and become contenders in the life science industry, many countries are developing and implementing new patient data privacy regulations and standards at great speed. Some countries have adopted regulations similar to the EU directives; others have begun to develop regulations that are tailored to their own country. While a number of countries have developed polices that mirror European standards and regula- tions, others have taken a more individual approach, developing unique regu- latory frameworks from the ground up. Understanding specific Latin American regulations will allow for executives to better move within patient data privacy guidelines relative to specific Latin American countries. • Rule of habeas data • Adoption of omnibus data privacy legislation • Rooted in EU directive, yet differ country-to-country Aldo M. Leiva, ESQ., Partner, LUBELL | ROSEN 11:15 ENSURING PATIENT PRIVACY WITHIN SALES & MARKETING STRATEGIES As life science companies work to promote sales and marketing strategies to ensure consumers are being reached in the most effective ways possible, ex- ecutives must endeavor to make certain patient data privacy is maintained. While targeted sales and marketing strategies are an ideal way to promote new drugs, therapies and technologies, using specific patient data to reach con- sumers presents issues concerning the maintenance of personally identifiable information via social media marketing and targeted ads. Focusing on privacy policies and their roles in sales and marketing campaigns, while also identifying ways to prevent breach and ways to employ social media channels in these campaigns, executives will be better able to ensure patient privacy while using patient information for targeted ads. • Addressing unclear guidelines surrounding privacy • Potential privacy breaches in sales & marketing initiatives • Balancing a need for greater marketing success with privacy • Utilizing online and social media outlets while maintaining privacy Megan Mikkelsen, North America Chief Privacy Officer TEVA PHARMACEUTICALS Brad Rostolsky, Partner, REED SMITH 12:00 LUNCHEON FOR ALL CONFERENCE GUESTS 1:00 DATA PRIVACY RISKS WITH THE DEVELOPMENT OF MOBILE TECHNOLOGY The privacy risks associated with the development of mobile applications and the use of data from mobile devices are less obvious and more nuanced than most existing technologies and data collection environments. Mobile devices, such as smart phones, tablets, wearable technologies, personal navigation de- vices and other devices that are continuously associated with their users have changed traditional data collection paradigms. These devices are often always on, digitally connected to the Internet or to each other, capable of generating vast quantities of data about the daily lives of their users that can be made readily accessible through apps, wireless networking, Bluetooth connectivity, radio frequency identification, and global positioning system logging. The po- tential for ubiquitous collection, generation, analysis and sharing of data raises new privacy risks and also challenges existing models for protecting privacy. Daniel J. McBride Director, Privacy Office MERCK 1:45 PRIVACY CONSIDERATIONS IN SECONDARY USE OF CLINICAL DATA Biotech and pharmaceutical companies collect vast amounts of data for use in extensive research; the storing of that data for later use poses challenge as well as controversy. Informed consent allows the signal use of patient level data, and the ethicality of multiple uses of data comes into question when determin- ing if secondary uses violate privacy rules and informed consent. Exploring the instances in which secondary usage of data is reasonable will facilitate discus- sion amongst executives allowing the determination of how informed consent plays a role in data privacy. • Areas of privacy considerations within informed consent documents • Communicating privacy stipulations to clinical research teams • Determining where secondary use of data might breach privacy rules • Ensuring de-identification and anonymization of clinical data Patricia Hilbrands Privacy Officer ARTHREX 2:30 PRIVACY AND PROTECTION OF DATA WHEN WORKING WITH 3RD PARTY PROVIDERS Ensuring appropriate privacy safeguards surrounding consumer data is a con- tinued challenge for life science corporations, especially as they evolve into mobile health applications and partner with developers to further engage and connect with consumers online. When working with third party vendors, ensur- ing the privacy and security of data must be at the forefront of importance, and privacy executives are eager to ensure data is protected. Through thoughtful front-end communication with third party suppliers that focuses on the need for privacy and security to ongoing monitoring of suppliers, privacy will be main- tained and assured. • Monitoring third-party vendors for privacy rules • Safe harbor regulatory requirements for privacy • Protection of clinical and insurance patient data Gregory Albertyn Global Privacy Officer BIOGEN IDEC 3:15 PROGRAM CONCLUSION
  • 4. LIFE SCIENCE TRANSPARENCY REPORTING DECEMBER 7-8, 2015 DALLAS, TX 500 N. DEARBORN STREET, SUITE 500 CHICAGO, IL 60654 (P) 312.822.8100 (F) 312.602.3834 www.q1productions.com Clarifying Inconsistent Interpretations of Reporting both Monetary & Non-Monetary Transactions with Healthcare Professionals on a Federal, State & International Level to Maintain a Risk-Based Approach to Transparency Reporting & Compliance TOPICS TO BE ADDRESSED INCLUDE: KEY SPEAKERS INCLUDE: CMS PERSPECTIVE ON THE FUTURE OF TRANSPARENCY REPORTING & INITIATIVES TO INCREASE EFFICIENCY LIMITING COMPLIANCE RISK WHILE STREAMLINING REPORTING AT THE STATE LEGISLATIVE LEVEL DATA INTEGRITY PANEL: BEST PRACTICES AND LESSONS LEARNED DEVELOPING EFFECTIVE TRAINING PROCESSES FOR EXECUTIVES REPORTING COLLECTED DATA MITIGATING COMPLIANCE RISK IN TRANSPARENCY REPORTING PANEL DISCUSSION: HCP PERSPECTIVES ON TRANSPARENCY REPORTING AND ITS EFFECTS ON THE INDUSTRY MONITORING EVOLVING INTERNATIONAL REGULATIONS FOR AGGREGATE SPEND REPORTING PANEL DISCUSSION: CAPTURING INTERNATIONAL SPEND TO ENSURE COMPLIANCE PANEL: GLOBAL REPORTING SYSTEMS AND PLATFORMS TO STREAMLINE TRANSPARENCY REPORTING UPCOMING EVENT Kelly J. Tope Director of Compliance Operations & Transparency, US & Canada ZIMMER BIOMET John Sheehan Associate Director, Global Transparency Change Management Operations BRISTOL-MYERS SQUIBB Lee H. Rosebush Partner BAKER HOSTETLER Colleen Martin Roberts Of Counsel KRIEG DEVAULT