Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Paula Garcia

Posts by Paula Garcia
Posted in International/EU Privacy

New Data Protection-Friendly eCommercial Model Clinical Trial Agreements Now Available

Updated versions of the UK model Clinical Trial Agreement and the Clinical Research Organisation model Clinical Trial Agreement have been published. Given the increasing importance of safe but swift clinical trials in the time of coronavirus, this post outlines the main changes introduced from a data protection perspective and what they mean for contracting parties.

Posted in International/EU Privacy

EU-U.S. Privacy Shield Passes Its Third Annual Review

Following the joint press statement from Commissioner Věra Jourová and Secretary of Commerce Wilbur Ross of 13 September, on 23 October 2019 the European Commission published its report on the third annual review of the functioning of the EU-U.S. Privacy Shield. In a nutshell, the report of the third review found that the U.S. continues to provide an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S.

Posted in Health Privacy/HIPAA, International/EU Privacy

Medical Research Council Advises on How to Anonymise Information for Research Purposes

Anonymisation has always been (and still is) a real challenge for those carrying out clinical research. To shed some light on this matter, the Medical Research Council – which is part of UK Research and Innovation – has recently published guidance on Identifiability, anonymisation and pseudonymisation. Although the guidance itself states that it has been developed with the participation of the Information Commissioner’s Office, it is not ICO-approved and so institutes and organisations should be cautious when relying on the criteria set out in the guidance.

Posted in International/EU Privacy

The ICO Updates Its Data Sharing Code of Practice

On 9 July 2019 the UK data protection authority updated its Data Sharing Code of Practice (first published in 2011). On the same day, the ICO also announced its intention to fine Marriott International just over £99m for infringements of the General Data Protection Regulation, highlighting the importance of due diligence in the context of data sharing.