Welcome
“Data Privacy and consent management in Clinical Research”
Student’s Name :- K. Sailaja
Student’s Qualification :- Pharm. D
Student ID :- 022/022024
10/18/2022
www.clinosol.com | follow us on social media
@clinosolresearch
Overview
• Data Privacy (What and Why)
• Regulatory Framework
• GDPR (Principles, Rights, Terminology)
• HIPAA (Rules, Types of Safeguards)
• DPDPA-2023
• Difference between GDPR and DPDPA
• Informed Consent Process
• Consent Management Strategies
• Emerging Trends in Data Privacy & Consent Management
Data Privacy vs Data Security vs Data Protection
What is Data Privacy?
“Data Privacy” is an area of data protection that concerns the proper handling, processing, storage and usage of sensitive data, including personal and confidential data. Its main aim is to meet regulatory requirements and data protection laws while protecting the confidentiality of the data.
What is Data Security?
“Data Security” focuses on protecting personal data from unauthorized third-party access, malicious attacks and exploitation. It protects personal data using methods and techniques such as network security, access control, breach response, encryption and multi-factor authentication.
What is Data Protection?
Roughly speaking, data protection falls under three broad categories: traditional data protection (such as backup and restore copies), data security, and data privacy.
Regulatory Frameworks
• 1950 - European Convention on Human Rights
• 2003-2005 - Health Insurance Portability and Accountability Act (HIPAA) – Privacy and Security Rules (USA)
• 2016-18 - General Data Protection Regulation (GDPR) (Europe)
• 2023 - Digital Personal Data Protection Act (DPDPA) (India)
General Data Protection Regulation (GDPR) Act - 2018
What is GDPR?
GDPR is a comprehensive data protection law in the European Union (EU) that regulates the processing of personal data. It aims to strengthen individuals' rights regarding their personal information and imposes obligations on organizations handling such data to ensure transparency, accountability and the lawful processing of data.
GDPR Data Protection Principles (Article 5.1-2)
1. Lawfulness, fairness and transparency
2. Data Minimization
3. Confidentiality and integrity
4. Accuracy
5. Accountability
6. Storage limitations
7. Purpose Limitations
GDPR Terminology
Personal Data: Any information related to an identified or identifiable natural person. This includes names, identification numbers, location data, online identifiers,
or factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.
Data Subject: An identifiable natural person whose personal data is processed by a controller or processor.
Data Controller: The entity that determines the purposes, conditions, and means of the processing of personal data. This could be an organization,
business, or individual.
Data Processor: An entity that processes personal data on behalf of the data controller. This could be a service provider or another organization.
Processing: Any operation or set of operations performed on personal data, whether by automated means or not. This includes collection, recording,
organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making
available, alignment or combination, restriction, erasure, or destruction of data.
Consent: Freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative
action, signify agreement to the processing of their personal data.
Data Protection Officer (DPO): An individual or organization appointed by a data controller or processor to oversee GDPR compliance and data protection
strategy.
GDPR Data Subjects Privacy Rights
The General Data Protection Regulation (GDPR) grants several rights to individuals (subjects) regarding their personal data. Here is a list of the main rights granted to individuals under GDPR:
• Right to Access
• Right to Rectification
• Right to Erasure (Right to be Forgotten)
• Right to Restrict Processing
• Right to Data Portability
• Right to Object
• Rights in Relation to Automated Decision Making and Profiling
• Right to Withdraw Consent
Health Insurance Portability and Accountability Act (HIPAA), 2003-2005
• Privacy rule
• Security rule
• Breach notification rule
• Enforcement rule
Healthcare Providers: This includes healthcare professionals such as doctors, nurses, psychologists, chiropractors, clinics, hospitals, nursing homes, and pharmacies, among others, who transmit any health information electronically in connection with transactions for which HHS has adopted standards.
Health Plans: Health plans include health insurance companies, HMOs (Health Maintenance Organizations), company health plans, government programs such as Medicare and Medicaid, and other types of health insurance issuers.
Healthcare Clearinghouses: These are entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa. This can include billing services, repricing companies, and community health management information systems.
Health care / Business associates: These are persons or entities (other than members of the covered entity's workforce) who perform functions or activities on behalf of, or provide certain services to, a covered entity that involves the use or disclosure of protected health information (PHI). Examples of business associates include third-party administrators, billing companies, and legal services.
Rules of HIPAA
PRIVACY RULE 2003
• The Privacy Rule of HIPAA, officially known as the Standards for Privacy of Individually Identifiable Health Information, sets national standards to protect individuals' medical records and personal health information (PHI). It regulates how covered entities use and disclose PHI, granting individuals rights over their health information and ensuring its confidentiality and security. The Privacy Rule applies to healthcare providers, health plans, and healthcare clearinghouses that transmit health information electronically.
SECURITY RULE 2005
• The Security Rule of HIPAA establishes standards to safeguard electronic protected health information (ePHI). It requires covered entities to implement administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of ePHI. The Security Rule aims to protect healthcare data from unauthorized access, use, or disclosure, thereby enhancing the overall security of electronic health information.
BREACH NOTIFICATION RULE
• The HIPAA Breach Notification Rule requires covered entities to notify affected individuals, the U.S. Department of Health and Human Services (HHS), and, in some cases, the media, following a breach of unsecured PHI. Covered entities must also notify HHS annually of breaches affecting fewer than 500 individuals and maintain documentation of breaches.
ENFORCEMENT RULE
• The HIPAA Enforcement Rule outlines the procedures and requirements for investigations and penalties related to HIPAA violations. It establishes the authority of the HHS Office for Civil Rights (OCR) to enforce HIPAA and impose civil monetary penalties for non-compliance.
TYPES OF SAFEGUARDS
Administrative Safeguards
Organizations must document their security management process, analyze risks to ePHI and implement security measures to mitigate them.
EX: Risk assessment, assigning a privacy official, staff training.
Physical Safeguards
Organizations must control access to the physical facilities where ePHI is stored and secure all workstations and devices that store or transmit ePHI.
EX: Alarm systems, security systems, locking areas where PHI is stored.
Technical Safeguards
Organizations must implement technical safeguards that include hardware, software, and other technology to limit access to ePHI.
EX: Data encryption, antivirus software, automatic logoff and audit control.
Digital Personal Data Protection Act (DPDPA)
The Digital Personal Data Protection Act (DPDP Act) of 2023 is a significant piece of legislation enacted in India to regulate the processing, storage, and protection of personal data.
SCOPE: It aims to enhance data privacy and security standards within the country's digital ecosystem.
CONSENT: It emphasizes the importance of obtaining explicit and informed consent from data subjects before collecting, processing or sharing their personal data.
REQUIREMENTS:
• Obtain consent from individuals before processing their personal data
• Use personal data only for the purposes for which it is collected
• Protect personal data from unauthorized access, use, disclosure, alteration, or destruction
• Respond to individuals' requests for access, correction, deletion and objection
• Report data breaches to the DPA
KEY DATES: Effective from 1/01/2024; compliance date to be determined but could be as soon as June 2024
Differences between GDPR and DPDP
Jurisdiction
• GDPR (European Union): applies to all member states of the European Union and also governs the processing of personal data of EU citizens wherever it occurs globally.
• DPDPA (India): applies solely to India.
Scope
• GDPR (European Union): covers a broader range of data including personal data, sensitive personal data, and data related to criminal convictions and offenses.
• DPDPA (India): regulates the processing of personal data within India.
Definitions and Categories
• GDPR (European Union): PII (Personal identifiable information). It applies to a broader range of personal data, including data that is not stored/processed electronically.
• DPDPA (India): PII. This act only applies to digital personal data.
Penalties
• GDPR (European Union): €20 million or 4% of the company's global annual revenue.
• DPDPA (India): 150 crore INR - 250 crore INR.
Terminology (DPDP, India / GDPR, EU / what it is)
• Data Principal / Data Subject: Person whose data is being referred to
• Data Fiduciary / Data Controller: Decision maker of how data is to be processed
• Data Processor / Data Processor: Entity that performs the processing of data
• Data Protection Officer (DPO) / Data Protection Officer (DPO)
INFORMED CONSENT PROCESS
• Record Keeping
• Method of Consent
• Withdrawal of Consent
• Consequences of Consent
• Rights of the Data Subject
• Legal Basis for Processing
• Purpose of Data Processing
• Description of Data
• Identity of the Data Controller
• Provide Clear Information
CONSENT MANAGEMENT STRATEGIES
Clear Documentation:
Provide clear and comprehensive consent forms that outline the purpose of the research, procedures involved, potential risks and
benefits, confidentiality measures and participant rights. Use simple language understandable to the target population.
Informed Consent Process:
Conduct face-to-face meetings between researchers and participants to explain the research study thoroughly. Allow ample time for
participants to ask questions and make an informed decision. Ensure that participants understand the information provided before
obtaining their consent.
Consent Training for Researchers:
Train researchers and staff involved in obtaining consent to ensure they understand the importance of informed consent and how to
communicate effectively with participants. This training should include ethical considerations, communication skills, and protocols for
obtaining and documenting consent.
Respect for Autonomy:
Respect participants' autonomy by allowing them to make voluntary and informed decisions about participating in the research study.
Avoid coercion or undue influence and ensure participants have the freedom to withdraw from the study at any time without
consequences.
Consent Reiteration:
Reinforce consent throughout the research process, reminding participants of their rights and the study's procedures.
Provide ongoing opportunities for participants to ask questions and seek clarification as needed.
Consent Tracking and Documentation:
Maintain accurate records of the consent process, including signed consent forms, documentation of discussions with
participants, and any amendments to the consent documents. Ensure confidentiality and secure storage of
consent-related information.
Adaptation to Participants' Needs:
Tailor the consent process to accommodate participants' cultural, linguistic, and cognitive needs. Use interpreters or
translated materials when necessary, and provide additional support for participants with limited literacy or
comprehension skills.
Regular Review and Updates:
Regularly review consent procedures to ensure they comply with current ethical guidelines and regulatory
requirements. Update consent forms and processes as needed based on feedback from participants, researchers,
and ethical review boards.
Emerging Trends in Data Privacy & Consent Management
• Blockchain technology
• Decentralized identifiers
• Artificial Intelligence (AI) consent process
• Consent Management Platforms
• Enhanced Participant Education Tools
• Consent for Digital Health Ecosystems
• Biometric Authentication for Consent
10/18/2022
www.clinosol.com | follow us on social media
@clinosolresearch
16
Thank You!
www.clinosol.com
(India | Canada)
9121151622/623/624
info@clinosol.com
10/18/2022
www.clinosol.com | follow us on social media
@clinosolresearch
17

More Related Content

Similar to Data Privacy and consent management .. .

New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulations
Ulf Mattsson
 

Similar to Data Privacy and consent management .. . (20)

Ready for the GDPR, Ready for the Digital Economy
Ready for the GDPR, Ready for the Digital EconomyReady for the GDPR, Ready for the Digital Economy
Ready for the GDPR, Ready for the Digital Economy
 
Information governance
Information governanceInformation governance
Information governance
 
Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018Slides dr farah jameel's gdpr presentation april 2018
Slides dr farah jameel's gdpr presentation april 2018
 
New opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulationsNew opportunities and business risks with evolving privacy regulations
New opportunities and business risks with evolving privacy regulations
 
GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready? GDPR Enforcement is here. Are you ready?
GDPR Enforcement is here. Are you ready?
 
2017-01-24 Introduction of PCI and HIPAA Compliance
2017-01-24 Introduction of PCI and HIPAA Compliance2017-01-24 Introduction of PCI and HIPAA Compliance
2017-01-24 Introduction of PCI and HIPAA Compliance
 
2016 02-23 Is it time for a Security and Compliance Assessment?
2016 02-23 Is it time for a Security and Compliance Assessment?2016 02-23 Is it time for a Security and Compliance Assessment?
2016 02-23 Is it time for a Security and Compliance Assessment?
 
Understanding the EU's new General Data Protection Regulation (GDPR)
Understanding the EU's new General Data Protection Regulation (GDPR)Understanding the EU's new General Data Protection Regulation (GDPR)
Understanding the EU's new General Data Protection Regulation (GDPR)
 
UAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdfUAE-Personal-Data-Protection-Law.pdf
UAE-Personal-Data-Protection-Law.pdf
 
2018 01-25 Introduction to PCI and HIPAA Compliance
2018 01-25 Introduction to PCI and HIPAA Compliance 2018 01-25 Introduction to PCI and HIPAA Compliance
2018 01-25 Introduction to PCI and HIPAA Compliance
 
Data Privacy Compliance Navigating the Evolving Regulatory Landscape.pdf
Data Privacy Compliance Navigating the Evolving Regulatory Landscape.pdfData Privacy Compliance Navigating the Evolving Regulatory Landscape.pdf
Data Privacy Compliance Navigating the Evolving Regulatory Landscape.pdf
 
Hipaa omnibus
Hipaa omnibusHipaa omnibus
Hipaa omnibus
 
GDPR: how IT works
GDPR: how IT worksGDPR: how IT works
GDPR: how IT works
 
An Overview of GDPR
An Overview of GDPR An Overview of GDPR
An Overview of GDPR
 
An Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway GroupAn Overview of GDPR by Pathway Group
An Overview of GDPR by Pathway Group
 
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
GDPR Breakfast Briefing - For Business Owners, HR Directors, Marketing Direct...
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
 
Protection of patient data in EU vs. US
Protection of patient data in EU vs. USProtection of patient data in EU vs. US
Protection of patient data in EU vs. US
 
Data Privacy Laws: A Global Overview and Compliance Strategies
Data Privacy Laws: A Global Overview and Compliance StrategiesData Privacy Laws: A Global Overview and Compliance Strategies
Data Privacy Laws: A Global Overview and Compliance Strategies
 
GDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business AdvisorsGDPR Breakfast Briefing for Business Advisors
GDPR Breakfast Briefing for Business Advisors
 

More from ClinosolIndia

Role of Drug Regulatory agencies in Clinical Research.
Role of Drug Regulatory agencies in Clinical Research.Role of Drug Regulatory agencies in Clinical Research.
Role of Drug Regulatory agencies in Clinical Research.
ClinosolIndia
 
Collaborative Initiatives: How Patient Advocacy Groups Contribute to the Succ...
Collaborative Initiatives: How Patient Advocacy Groups Contribute to the Succ...Collaborative Initiatives: How Patient Advocacy Groups Contribute to the Succ...
Collaborative Initiatives: How Patient Advocacy Groups Contribute to the Succ...
ClinosolIndia
 

More from ClinosolIndia (20)

Role of Drug Regulatory agencies in Clinical Research.
Role of Drug Regulatory agencies in Clinical Research.Role of Drug Regulatory agencies in Clinical Research.
Role of Drug Regulatory agencies in Clinical Research.
 
Clinical data security and Integrity in Clinical Research
Clinical data security and Integrity in Clinical ResearchClinical data security and Integrity in Clinical Research
Clinical data security and Integrity in Clinical Research
 
Pharmacovigilance in Patriatics and Geriatrics
Pharmacovigilance in Patriatics and GeriatricsPharmacovigilance in Patriatics and Geriatrics
Pharmacovigilance in Patriatics and Geriatrics
 
Presenting- Signal mining in Pharmacovigilance
Presenting- Signal mining in PharmacovigilancePresenting- Signal mining in Pharmacovigilance
Presenting- Signal mining in Pharmacovigilance
 
Patient centered Pharmacovigilance .. .
Patient centered Pharmacovigilance     .. .Patient centered Pharmacovigilance     .. .
Patient centered Pharmacovigilance .. .
 
Introduction to Blogs, Presentations and Review Articles- Noorush Shifa Nizami
Introduction to Blogs, Presentations and Review Articles- Noorush Shifa NizamiIntroduction to Blogs, Presentations and Review Articles- Noorush Shifa Nizami
Introduction to Blogs, Presentations and Review Articles- Noorush Shifa Nizami
 
Patient-Centric Approaches in Precision Medicine Trials: Strategies for Success
Patient-Centric Approaches in Precision Medicine Trials: Strategies for SuccessPatient-Centric Approaches in Precision Medicine Trials: Strategies for Success
Patient-Centric Approaches in Precision Medicine Trials: Strategies for Success
 
Collaborative Initiatives: How Patient Advocacy Groups Contribute to the Succ...
Collaborative Initiatives: How Patient Advocacy Groups Contribute to the Succ...Collaborative Initiatives: How Patient Advocacy Groups Contribute to the Succ...
Collaborative Initiatives: How Patient Advocacy Groups Contribute to the Succ...
 
Ethical Dilemmas in Precision Medicine: Navigating the Intersection of Scienc...
Ethical Dilemmas in Precision Medicine: Navigating the Intersection of Scienc...Ethical Dilemmas in Precision Medicine: Navigating the Intersection of Scienc...
Ethical Dilemmas in Precision Medicine: Navigating the Intersection of Scienc...
 
Regulatory Considerations in Precision Medicine: Navigating the Approval Process
Regulatory Considerations in Precision Medicine: Navigating the Approval ProcessRegulatory Considerations in Precision Medicine: Navigating the Approval Process
Regulatory Considerations in Precision Medicine: Navigating the Approval Process
 
Emerging Technologies and Tools in Precision Medicine Research
Emerging Technologies and Tools in Precision Medicine ResearchEmerging Technologies and Tools in Precision Medicine Research
Emerging Technologies and Tools in Precision Medicine Research
 
Precision Medicine in Action: Case Studies and Success Stories
Precision Medicine in Action: Case Studies and Success StoriesPrecision Medicine in Action: Case Studies and Success Stories
Precision Medicine in Action: Case Studies and Success Stories
 
Harnessing Big Data and Artificial Intelligence for Pharmacovigilance in Prec...
Harnessing Big Data and Artificial Intelligence for Pharmacovigilance in Prec...Harnessing Big Data and Artificial Intelligence for Pharmacovigilance in Prec...
Harnessing Big Data and Artificial Intelligence for Pharmacovigilance in Prec...
 
Integration of Clinical Trial Systems: Enhancing Collaboration and Efficiency
Integration of Clinical Trial Systems: Enhancing Collaboration and EfficiencyIntegration of Clinical Trial Systems: Enhancing Collaboration and Efficiency
Integration of Clinical Trial Systems: Enhancing Collaboration and Efficiency
 
Pharmacovigilance (PV) Companies: Ensuring Drug Safety in Personalized Treatm...
Pharmacovigilance (PV) Companies: Ensuring Drug Safety in Personalized Treatm...Pharmacovigilance (PV) Companies: Ensuring Drug Safety in Personalized Treatm...
Pharmacovigilance (PV) Companies: Ensuring Drug Safety in Personalized Treatm...
 
Adoptive Design: Optimizing Clinical Trial Strategies for Precision Medicine
Adoptive Design: Optimizing Clinical Trial Strategies for Precision MedicineAdoptive Design: Optimizing Clinical Trial Strategies for Precision Medicine
Adoptive Design: Optimizing Clinical Trial Strategies for Precision Medicine
 
Artificial Intelligence In Clinical Trial
Artificial Intelligence In Clinical TrialArtificial Intelligence In Clinical Trial
Artificial Intelligence In Clinical Trial
 
Emerging Technologies Shaping the Future of Precision Medicine
Emerging Technologies Shaping the Future of Precision MedicineEmerging Technologies Shaping the Future of Precision Medicine
Emerging Technologies Shaping the Future of Precision Medicine
 
Innovations in Liquid Biopsies for Precision Cancer Diagnosis
Innovations in Liquid Biopsies for Precision Cancer DiagnosisInnovations in Liquid Biopsies for Precision Cancer Diagnosis
Innovations in Liquid Biopsies for Precision Cancer Diagnosis
 
Machine Learning Algorithms for Predictive Analytics in Precision Medicine
Machine Learning Algorithms for Predictive Analytics in Precision MedicineMachine Learning Algorithms for Predictive Analytics in Precision Medicine
Machine Learning Algorithms for Predictive Analytics in Precision Medicine
 

Recently uploaded

OBAT PENGGUGUR KANDUNGAN 081466799220 PIL ABORSI CYTOTEC PELUNTUR JANIN
OBAT PENGGUGUR KANDUNGAN 081466799220 PIL ABORSI CYTOTEC PELUNTUR JANINOBAT PENGGUGUR KANDUNGAN 081466799220 PIL ABORSI CYTOTEC PELUNTUR JANIN
OBAT PENGGUGUR KANDUNGAN 081466799220 PIL ABORSI CYTOTEC PELUNTUR JANIN
JUAL OBAT GASTRUL MISOPROSTOL 081466799220 PIL ABORSI CYTOTEC 1 2 3 4 5 6 7 BULAN TERPERCAYA
 
Cash Payment 😋 +9316020077 Goa Call Girl No Advance *Full Service
Cash Payment 😋  +9316020077 Goa Call Girl No Advance *Full ServiceCash Payment 😋  +9316020077 Goa Call Girl No Advance *Full Service
Cash Payment 😋 +9316020077 Goa Call Girl No Advance *Full Service
Real Sex Provide In Goa
 
💚Mature Women / Aunty Call Girl Chandigarh Escorts Service 💯Call Us 🔝 9352988...
💚Mature Women / Aunty Call Girl Chandigarh Escorts Service 💯Call Us 🔝 9352988...💚Mature Women / Aunty Call Girl Chandigarh Escorts Service 💯Call Us 🔝 9352988...
💚Mature Women / Aunty Call Girl Chandigarh Escorts Service 💯Call Us 🔝 9352988...
Chandigarh Call Girls
 
@Safe Abortion pills IN Jeddah(+918133066128) Un_wanted kit Buy Jeddah
@Safe Abortion pills IN Jeddah(+918133066128) Un_wanted kit Buy Jeddah@Safe Abortion pills IN Jeddah(+918133066128) Un_wanted kit Buy Jeddah
@Safe Abortion pills IN Jeddah(+918133066128) Un_wanted kit Buy Jeddah
Abortion pills in Kuwait Cytotec pills in Kuwait
 
Call Girls In Kharar 💯Call Us 🔝 9915851334🔝 💃 Top Class ☎️ Call Girl Service ...
Call Girls In Kharar 💯Call Us 🔝 9915851334🔝 💃 Top Class ☎️ Call Girl Service ...Call Girls In Kharar 💯Call Us 🔝 9915851334🔝 💃 Top Class ☎️ Call Girl Service ...
Call Girls In Kharar 💯Call Us 🔝 9915851334🔝 💃 Top Class ☎️ Call Girl Service ...
daljeetkaur2026
 
Pathways to Equality: The Role of Men and Women in Gender Equity
Pathways to Equality:          The Role of Men and Women in Gender EquityPathways to Equality:          The Role of Men and Women in Gender Equity
Pathways to Equality: The Role of Men and Women in Gender Equity
Atharv Kurhade
 
Goa Call Girls Service +9316020077 Call GirlsGoa By Russian Call Girlsin Goa
Goa Call Girls Service  +9316020077 Call GirlsGoa By Russian Call Girlsin GoaGoa Call Girls Service  +9316020077 Call GirlsGoa By Russian Call Girlsin Goa
Goa Call Girls Service +9316020077 Call GirlsGoa By Russian Call Girlsin Goa
Real Sex Provide In Goa
 
Spauldings classification ppt by Dr C P PRINCE
Spauldings classification ppt by Dr C P PRINCESpauldings classification ppt by Dr C P PRINCE
Spauldings classification ppt by Dr C P PRINCE
DR.PRINCE C P
 
❤️ Chandigarh Call Girls Service ☎️99158-51334☎️ Escort service in Chandigarh...
❤️ Chandigarh Call Girls Service ☎️99158-51334☎️ Escort service in Chandigarh...❤️ Chandigarh Call Girls Service ☎️99158-51334☎️ Escort service in Chandigarh...
❤️ Chandigarh Call Girls Service ☎️99158-51334☎️ Escort service in Chandigarh...
rajveerescorts2022
 
TIME FOR ACTION: MAY 2024 Securing A Strong Nursing Workforce for North Carolina
TIME FOR ACTION: MAY 2024 Securing A Strong Nursing Workforce for North CarolinaTIME FOR ACTION: MAY 2024 Securing A Strong Nursing Workforce for North Carolina
TIME FOR ACTION: MAY 2024 Securing A Strong Nursing Workforce for North Carolina
Mebane Rash
 
Top 10 Famous Indian Pornstar - Top 10 Female Porn Star Name List 2024
Top 10 Famous Indian Pornstar - Top 10 Female Porn Star Name List 2024Top 10 Famous Indian Pornstar - Top 10 Female Porn Star Name List 2024
Top 10 Famous Indian Pornstar - Top 10 Female Porn Star Name List 2024
Inaayaeventcompany
 

Recently uploaded (20)

Russian Call Girls Delhi 🧍🏼‍♀️🧍🏼‍♀️(91X0X0X912🧍🏼‍♀️🧍🏼‍♀️ Russian Call Girls S...
Russian Call Girls Delhi 🧍🏼‍♀️🧍🏼‍♀️(91X0X0X912🧍🏼‍♀️🧍🏼‍♀️ Russian Call Girls S...Russian Call Girls Delhi 🧍🏼‍♀️🧍🏼‍♀️(91X0X0X912🧍🏼‍♀️🧍🏼‍♀️ Russian Call Girls S...
Russian Call Girls Delhi 🧍🏼‍♀️🧍🏼‍♀️(91X0X0X912🧍🏼‍♀️🧍🏼‍♀️ Russian Call Girls S...
 
OBAT PENGGUGUR KANDUNGAN 081466799220 PIL ABORSI CYTOTEC PELUNTUR JANIN
OBAT PENGGUGUR KANDUNGAN 081466799220 PIL ABORSI CYTOTEC PELUNTUR JANINOBAT PENGGUGUR KANDUNGAN 081466799220 PIL ABORSI CYTOTEC PELUNTUR JANIN
OBAT PENGGUGUR KANDUNGAN 081466799220 PIL ABORSI CYTOTEC PELUNTUR JANIN
 
Cash Payment 😋 +9316020077 Goa Call Girl No Advance *Full Service
Cash Payment 😋  +9316020077 Goa Call Girl No Advance *Full ServiceCash Payment 😋  +9316020077 Goa Call Girl No Advance *Full Service
Cash Payment 😋 +9316020077 Goa Call Girl No Advance *Full Service
 
Agra Call Girl 📲 ( 9084454195 ) ⏎ Independent Call Girls In Agra By Meera
Agra Call Girl 📲 ( 9084454195 ) ⏎ Independent Call Girls In Agra By MeeraAgra Call Girl 📲 ( 9084454195 ) ⏎ Independent Call Girls In Agra By Meera
Agra Call Girl 📲 ( 9084454195 ) ⏎ Independent Call Girls In Agra By Meera
 
💚Mature Women / Aunty Call Girl Chandigarh Escorts Service 💯Call Us 🔝 9352988...
💚Mature Women / Aunty Call Girl Chandigarh Escorts Service 💯Call Us 🔝 9352988...💚Mature Women / Aunty Call Girl Chandigarh Escorts Service 💯Call Us 🔝 9352988...
💚Mature Women / Aunty Call Girl Chandigarh Escorts Service 💯Call Us 🔝 9352988...
 
TEST BANK For Little and Falace's Dental Management of the Medically Compromi...
TEST BANK For Little and Falace's Dental Management of the Medically Compromi...TEST BANK For Little and Falace's Dental Management of the Medically Compromi...

Data Privacy and consent management .. .

  • 1. Welcome “Data Privacy and consent management in Clinical Research” Student’s Name :- K. Sailaja Student’s Qualification :- Pharm. D Student ID :- 022/022024 10/18/2022 www.clinosol.com | follow us on social media @clinosolresearch 1
  • 2. Overview: Data Privacy (What and Why) • Regulatory Framework • GDPR (Principles, Rights, Terminology) • HIPAA (Rules, Types of safeguards) • DPDPA-2023 • Difference between GDPR and DPDPA • Informed Consent Process • Consent Management Strategies • Emerging Trends in Data Privacy & Consent Management
  • 3. Data Privacy vs Data Security vs Data Protection. What is Data Privacy? “Data Privacy” is an area of data protection that concerns the proper handling, processing, storage and usage of sensitive data, including personal data and confidential data. The main aim is to meet regulatory requirements and data protection laws while protecting the confidentiality of the data. What is Data Security? “Data Security” is focused on protecting personal data from unauthorized third-party access, malicious attacks and exploitation of data. It protects personal data using methods and techniques such as network security, access control, breach response, encryption and multi-factor authentication. What is Data Protection? Roughly speaking, data protection falls under three broad categories: traditional data protection (such as backup and restore copies), data security, and data privacy.
  • 4. Regulatory Frameworks: 1950 - European Convention on Human Rights; 2003-2005 - Health Insurance Portability and Accountability Act (HIPAA) – Privacy and Security Rules (USA); 2016-18 - General Data Protection Regulation (GDPR) (Europe); 2023 - Digital Personal Data Protection Act (DPDPA) (India)
  • 5. General Data Protection Regulation (GDPR) Act - 2018. What is GDPR? GDPR is a comprehensive data protection law in the European Union (EU) that regulates the processing of personal data. It aims to strengthen individuals' rights regarding their personal information and imposes obligations on organizations handling such data to ensure transparency, accountability and the lawful processing of data. GDPR Data Protection Principles (Article 5.1-2): 1. Lawfulness, fairness and transparency 2. Data Minimization 3. Confidentiality and integrity 4. Accuracy 5. Accountability 6. Storage limitations 7. Purpose Limitations
  • 6. GDPR Terminology. Personal Data: Any information related to an identified or identifiable natural person. This includes names, identification numbers, location data, online identifiers, or factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person. Data Subject: An identifiable natural person whose personal data is processed by a controller or processor. Data Controller: The entity that determines the purposes, conditions, and means of the processing of personal data. This could be an organization, business, or individual. Data Processor: An entity that processes personal data on behalf of the data controller. This could be a service provider or another organization. Processing: Any operation or set of operations performed on personal data, whether by automated means or not. This includes collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of data. Consent: Freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of their personal data. Data Protection Officer (DPO): An individual or organization appointed by a data controller or processor to oversee GDPR compliance and data protection strategy.
  • 7. GDPR Data Subjects' Privacy Rights (GDPR 2018). The General Data Protection Regulation (GDPR) grants several rights to individuals (subjects) regarding their personal data. Here is a list of the main rights granted to individuals under GDPR: Right to Access • Right to Rectification • Right to Erasure (Right to be Forgotten) • Right to Restrict Processing • Right to Data Portability • Right to Object • Rights in Relation to Automated Decision Making and Profiling • Right to Withdraw Consent
  • 8. Health Insurance Portability and Accountability Act (HIPAA), 2003-2005. Privacy rule • Security rule • Breach notification rule • Enforcement rule. Healthcare Providers: This includes healthcare professionals such as doctors, nurses, psychologists, chiropractors, clinics, hospitals, nursing homes, and pharmacies, among others, who transmit any health information electronically in connection with transactions for which HHS has adopted standards. Health Plans: Health plans include health insurance companies, HMOs (Health Maintenance Organizations), company health plans, government programs such as Medicare and Medicaid, and other types of health insurance issuers. Healthcare Clearinghouses: These are entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa. This can include billing services, repricing companies, and community health management information systems. Health care / Business associates: These are persons or entities (other than members of the covered entity's workforce) who perform functions or activities on behalf of, or provide certain services to, a covered entity that involve the use or disclosure of protected health information (PHI). Examples of business associates include third-party administrators, billing companies, and legal services.
  • 9. Rules of HIPAA. Privacy Rule (2003): The Privacy Rule of HIPAA, officially known as the Standards for Privacy of Individually Identifiable Health Information, sets national standards to protect individuals' medical records and personal health information (PHI). It regulates how covered entities use and disclose PHI, granting individuals rights over their health information and ensuring its confidentiality and security. The Privacy Rule applies to healthcare providers, health plans, and healthcare clearinghouses that transmit health information electronically. Security Rule (2005): The Security Rule of HIPAA establishes standards to safeguard electronic protected health information (ePHI). It requires covered entities to implement administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of ePHI. The Security Rule aims to protect healthcare data from unauthorized access, use, or disclosure, thereby enhancing the overall security of electronic health information. Breach Notification Rule: The HIPAA Breach Notification Rule requires covered entities to notify affected individuals, the U.S. Department of Health and Human Services (HHS), and, in some cases, the media, following a breach of unsecured PHI. Covered entities must also notify HHS annually of breaches affecting fewer than 500 individuals and maintain documentation of breaches. Enforcement Rule: The HIPAA Enforcement Rule outlines the procedures and requirements for investigations and penalties related to HIPAA violations. It establishes the authority of the HHS Office for Civil Rights (OCR) to enforce HIPAA and impose civil monetary penalties for non-compliance.
  • 10. TYPES OF SAFEGUARDS. Administrative safeguards: Organizations must document their security management process, analyze risks to ePHI and implement security measures to mitigate them. Ex: risk assessment, assigning a privacy official, staff training. Physical safeguards: Organizations must control access to the physical facilities where ePHI is stored and secure all workstations and devices that store or transmit ePHI. Ex: alarm systems, security systems, locking areas where PHI is stored. Technical safeguards: Organizations must implement technical safeguards that include hardware, software, and other technology to limit access to ePHI. Ex: data encryption, antivirus software, automatic logoff and audit control.
  • 11. Digital Personal Data Protection Act (DPDPA). The Digital Personal Data Protection Act (DPDP Act) of 2023 is a significant legislation enacted in India to regulate the processing, storage, and protection of personal data. Scope: It aims to enhance data privacy and security standards within the country's digital ecosystem. Consent: It emphasizes the importance of obtaining explicit and informed consent from data subjects before collecting, processing or sharing their personal data. Requirements: • Obtain consent from individuals before processing their personal data • Use personal data only for the purposes for which it is collected • Protect personal data from unauthorized access, use, disclosure, alteration, or destruction • Respond to individuals' requests for access, correction, deletion and objection • Report data breaches to the DPA. Key dates: Effective from 1/01/2024, compliance to be determined but could be as soon as June 2024
  • 12. Differences between GDPR and DPDP
      PROPERTY | GDPR - EUROPEAN UNION | DPDPA - INDIA
      Jurisdiction | Applies to all member states of the European Union and also governs the processing of personal data of EU citizens wherever it occurs globally. | Applies solely to India.
      Scope | GDPR covers a broader range of data including personal data, sensitive personal data, and data related to criminal convictions and offenses. | DPDPA regulates the processing of personal data within India.
      Definitions and Categories | PII (personal identifiable information): It applies to a broader range of personal data, including data that is not stored/processed electronically. | PII: This act only applies to digital personal data.
      Penalties | €20 million or 4% of the company's global annual revenue | 150 crore INR - 250 crore INR

      DPDP - INDIA | GDPR - EU | WHAT IS IT
      Data Principal | Data Subject | Person whose data is being referred to
      Data Fiduciary | Data Controller | Decision maker of how data is to be processed
      Data Processor | Data Processor | Entity that performs the processing of data
      Data Protection Officer (DPO) | Data Protection Officer (DPO) |
  • 13. INFORMED CONSENT PROCESS: Record Keeping • Method of Consent • Withdrawal of Consent • Consequences of Consent • Rights of the Data Subject • Legal Basis for Processing • Purpose of Data Processing • Description of Data • Identity of the Data Controller • Provide Clear Information
  • 14. CONSENT MANAGEMENT STRATEGIES. Clear Documentation: Provide clear and comprehensive consent forms that outline the purpose of the research, procedures involved, potential risks and benefits, confidentiality measures and participant rights. Use simple language understandable to the target population. Informed Consent Process: Conduct face-to-face meetings between researchers and participants to explain the research study thoroughly. Allow ample time for participants to ask questions and make an informed decision. Ensure that participants understand the information provided before obtaining their consent. Consent Training for Researchers: Train researchers and staff involved in obtaining consent to ensure they understand the importance of informed consent and how to communicate effectively with participants. This training should include ethical considerations, communication skills, and protocols for obtaining and documenting consent. Respect for Autonomy: Respect participants' autonomy by allowing them to make voluntary and informed decisions about participating in the research study. Avoid coercion or undue influence and ensure participants have the freedom to withdraw from the study at any time without consequences.
  • 15. CONSENT MANAGEMENT STRATEGIES. Consent Reiteration: Reinforce consent throughout the research process, reminding participants of their rights and the study's procedures. Provide ongoing opportunities for participants to ask questions and seek clarification as needed. Consent Tracking and Documentation: Maintain accurate records of the consent process, including signed consent forms, documentation of discussions with participants, and any amendments to the consent documents. Ensure confidentiality and secure storage of consent-related information. Adaptation to Participants' Needs: Tailor the consent process to accommodate participants' cultural, linguistic, and cognitive needs. Use interpreters or translated materials when necessary, and provide additional support for participants with limited literacy or comprehension skills. Regular Review and Updates: Regularly review consent procedures to ensure they comply with current ethical guidelines and regulatory requirements. Update consent forms and processes as needed based on feedback from participants, researchers, and ethical review boards.
  • 16. Emerging Trends in Data Privacy & Consent Management • Blockchain technology • Decentralized identifiers • Artificial Intelligence (AI) consent process • Consent Management Platforms • Enhanced Participant Education Tools • Consent for Digital Health Ecosystems • Biometric Authentication for Consent
  • 17. Thank You! www.clinosol.com (India | Canada) 9121151622/623/624 info@clinosol.com