Exco InTouch partners with Regulatory Strategies to meet data regulations
The upcoming reforms, which are expected to take effect in 2018, are designed to strengthen data protection policies, procedures, systems, and controls of UK and European organizations.
“EU regulation changes can be complex and there are currently quite a few changes happening right now,” Dale Jessop, Chief Technology Officer, Exco InTouch, told Outsourcing-Pharma.com.
Regulatory Strategies’ experience is in data protection within the financial industry, where regulations levels are notoriously high. According to Jessop, through the new partnership, Exco InTouch will be able to meet the higher standards which will soon be required for data security and protection in the pharmaceutical industry.
“At Exco InTouch we recognize that it is vital for us to fully understand what is happening and how this will impact our business to ensure we protect our clients’ data,” added Jessop. “Data protection standards continue to be raised within the clinical trials and healthcare markets.”
As part of this, companies responsible for handling sensitive data will be required to have a designated Data Protection Officer. Additionally, Jessop explained that companies should be aware of implications following the European Court of Justice’s ruling invalidating the US-EU Safe Harbor Framework on October 6, 2015.
The new framework, the EU-US Privacy Shield, was agreed upon in February of this year and will help protect personal data transferred to US companies.
“Another important change the industry must prepare for relates to the General Data Protection Regulation (GDPR) that the European Commission intends to replace the Data Protection Directive,” added Jessop.
Under the GDPR, companies responsible for handling sensitive data will be required to have Data Protection Officers in place by 2018.
“The new regulation looks to strengthen and unify data protection for individuals within the European Union. It also addresses export of personal data outside the EU,” explained Jessop. “Companies who act as Data Controllers or Data Processors must understand the legal ramifications of this act and update their processes according.”