Pharmaceutical Company to Plead Guilty and Settle Drug Marketing Charges

Hunton Privacy

Recently, Aegerion Pharmaceuticals announced that it will enter into several settlements and plead guilty to two misdemeanors in connection with alleged violations of HIPAA, drug marketing regulations and securities laws. The specific violations of HIPAA have not been made public, but an Aegerion spokesperson stated that it “does not relate to a breach of our privacy or security with respect to patient health information.”. Enforcement Health Privacy U.S.

Using a 'Privacy by Design' Approach to GDPR Compliance

Data Breach Today

To prepare for compliance with the EU's GDPR, which will be enforced beginning in May, organizations must adopt a "privacy by design" approach, says Subhajit Deb, CISO at Dr. Reddy's Laboratories, an India headquartered pharmaceutical company that does business in 11 countries

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

My Health Record 'identical' to failed UK scheme, privacy expert says

The Guardian Data Protection

Care.data was cancelled because drug and insurance companies were able to buy patient data Australia’s impending My Health Record system is “identical” to a failed system in England that was cancelled after it was found to be selling patient data to drug and insurance companies , a British privacy expert has said. Related: My Health Record: privacy, cybersecurity and the hacking risk Continue reading. Health Data protection Australia news Technology Privacy Pharmaceuticals industr

Business Process Modeling Use Cases and Definition

erwin

s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are requiring businesses across industries to think about their compliance efforts. What is business process modeling (BPM)? A visual representation of what your business does and how it does it.

Maintaining Regulatory-Compliant Cloud Solutions

Perficient Data & Analytics

But there are also several risks to consider, including physical and technical security, privacy and confidentiality, technical support, enhancements, application uptime/availability, vendor stability, and data mobility – the ability to extract data from the system.

Cloud 45

Australian government secretly releasing sensitive medical records to police

The Guardian Data Protection

Lawyers and health privacy advocates condemn laxness of privacy provisions in guidelines The Australian government is releasing highly sensitive medical records to police through a secret regime that experts say contains fundamentally flawed privacy protections.

How To Qualify Cloud Vendors

Perficient Data & Analytics

Because the ultimate responsibility for regulatory compliance lies with you – the pharmaceutical or medical device company – you need to be much more proactive and critical. Security, privacy, and confidentiality of customer data. We recently completed a 21 CFR Part 11 gap analysis engagement for a client that was largely using SaaS applications, but had no cloud vendor qualification process in place.

Cloud 40

Encryption – A Feasible Savior against Prevalent Privacy Issues in Business Communication

Security Affairs

Impact of Privacy & Security Issues in Business Communication. Safeguard the integrity of intellectual property, especially when there’s a risk of corporate espionage, which is prevalent in industries like pharmaceuticals, etc.

Privacy and Cybersecurity Top 10 for 2018

Data Matters

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. United States , a case that could have wide-ranging effects on the meaning of privacy and the ability to collect records of citizens’ location.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies.

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act. The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences companies.

Your DNA is a valuable asset, so why give it to ancestry websites for free? | Laura Spinney

The Guardian Data Protection

Perhaps they should be paying us The announcement by 23andMe, a company that sells home DNA testing kits, that it has sold the rights to a promising new anti-inflammatory drug to a Spanish pharmaceutical company is cause for celebration. But a few weeks later the same company announced that it was laying off workers amid a shrinking market that its CEO put down to the public’s concerns about privacy. Genetics Biology Science Privacy Data protection Technology World news

CVS Sued for Alleged Privacy Violations

Hunton Privacy

The letters encouraged the physicians to prescribe drugs made by pharmaceutical manufacturers, who paid CVS to send them. This purported disclosure of PHI would violate the HIPAA Privacy Rule’s prohibitions against disclosing PHI for marketing purposes without an individual’s authorization. The Texas complaint alleged that CVS disclosed PHI to pharmaceutical manufacturers for the manufacturers’ marketing purposes.

The Importance of EA/BP for Mergers and Acquisitions

erwin

Industry-specific regulations in areas like healthcare, pharmaceuticals and financial services have been in place for some time.

New Data Protection-Friendly eCommercial Model Clinical Trial Agreements Now Available

HL Chronicle of Data Protection

International/EU Privacy Clinical Research Organisation model Clinical Trial Agreement clinical research organisations COVID-19 CRO CRO-mCTA data protection DPA EU General Data Protection Regulation GDPR guidance mCTA privacy template UK Data Protection Act 2018 UK model Clinical Trial Agreement

Article 29 Working Party Releases Opinion on EU-U.S. Privacy Shield

Hunton Privacy

Privacy Shield (the “ Privacy Shield ”) draft adequacy decision. The Privacy Shield was created to replace the previous Safe Harbor framework invalidated by the Court of Justice of the European Union (“CJEU”) in the Schrems decision. The Working Party also published a Working Document on the justification for interferences with the fundamental rights to privacy and data protection through surveillance measures when transferring personal data (European Essential Guarantees).

Supreme Court Strikes Down Vermont Prescriber Privacy Law

Hunton Privacy

Vermont’s law was intended to limit the process of “detailing” whereby pharmaceutical manufacturers use prescriber-identifiable information to “ascertain which doctors are likely to be interested in a particular drug and how best to present a particular sales message.” The law also mandates that “[p]harmaceutical manufacturers and pharmaceutical marketers shall not use prescriber-identifiable information for marketing or promoting a prescription drug unless the prescriber consents.”.

Anonymization & Pseudonymization as Tools for Cross-Border Discovery Compliance

ARMA International

However, the data privacy and data protection rules of many countries prohibit companies from transferring to the United States (or making accessible in the United States) documents containing personal information of persons within their countries (“data subjects”). Privacy Policy Template.

HHS Issues New Model Privacy Notice for PHR Vendors

Hunton Privacy

On September 12, 2011, the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (“ONC”) unveiled a model privacy notice for personal health records (the “PHR Model Privacy Notice”). The PHR Model Privacy Notice was developed by ONC in collaboration with consumers and vendors of personal health records (“PHRs”).

The Belgian Data Protection Authority Publishes Recommendation Concerning Data Processing for Direct Marketing Purposes

HL Chronicle of Data Protection

For example, a public administration targeting specific groups susceptible to specific diseases does not engage in direct marketing unless a specific medicinal product and/or pharmaceutical company is mentioned.

List of data breaches and cyber attacks in January 2020 – 1.5 billion records breached

IT Governance

Investigation underway into privacy breach at City of Corner Brook’s website (unknown). H&M under investigation amid claims of massive privacy breach (unknown). Four Hyderabad men arrested for stealing sensitive information from a pharmaceutical firm (unknown).

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

The Last Watchdog

Its customer base is comprised of eight of the top 15 banks, four of the top six healthcare insurance and managed care providers, nine of the top 15 property and casualty insurance providers, five of the top 13 pharmaceutical companies, and 11 of the largest 15 federal agencies. All these privacy regulations have a direct impact on IGA service, which help companies automate, as much as possible, governance processes, as a foundation proving compliance. “In

French Court Rules Investigation by Competition Authority Did Not Breach Employee Privacy Rights

Hunton Privacy

The agents had been authorized by a lower court judge to inspect the emails pursuant to an investigation into an alleged abuse of dominant position in the pharmaceutical market. As a result, private documents belonging to employees and third parties were included in the search, in alleged violation of those individuals’ privacy rights, the right to secrecy of correspondence and the right to protection of personal data.

Metadata Management, Data Governance and Automation

erwin

Of course, data governance has evolved with astonishing speed, both in response to data privacy and security regulations and because organizations see the potential for using it to accomplish other organizational objectives. Can the 80/20 Rule Be Reversed?

CIPL Co-Hosts Workshop on GDPR and Scientific Health Research

Hunton Privacy

the “Workshop”) with the European Federation of Pharmaceutical Industries and Associations (“EFPIA”) and the Future of Privacy Forum (“FPF”) to address the challenges raised by the EU General Data Protection Regulation (“GDPR”) in conducting scientific health research. Centre for Information Policy Leadership European Union Events Health Privacy International Article 29 Working Party Belgium Bojana Bellamy EU Regulation Risk-Based Approach

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Data Matters

Distributed ledger and blockchain-based projects are being launched in a wide range of different industries, from retail consumer goods to pharmaceuticals and electricity and power networks to global shipping. The post Cryptoassets and Smart Contracts – UK Offers Legal Clarity appeared first on Data Matters Privacy Blog. European Union Financial Privacy FinTech International

Cryptoassets and Smart Contracts – UK Offers Legal Clarity

Data Matters

Distributed ledger and blockchain-based projects are being launched in a wide range of different industries, from retail consumer goods to pharmaceuticals and electricity and power networks to global shipping. The post Cryptoassets and Smart Contracts – UK Offers Legal Clarity appeared first on Data Matters Privacy Blog. European Union Financial Privacy FinTech International

Highest European Court Confirms: No Presumption of Confidentiality Over Documents Submitted in Marketing Authorization Dossier

Data Matters

Although the pharmaceutical industry has supported transparency as a principle underpinning the proper functioning of the European institutions, the commercial and strategic implications from wide access to sensitive commercial data cannot be disregarded. Pharmaceutical companies will continue to ensure that they can provide inclusive data supporting their MA applications while considering how best to preserve their valued know-how.

Customer Experience Trends: How To Stand Out From the Crowd

Reltio

Every organization — from mom and pop shops to pharmaceutical manufacturers — must adopt tools and techniques for providing the hyper-personalized experiences customers require at every touchpoint in their journey. .

July 9 – 13, 2019

InfoGovNuggets

Violation of prior consent order involving user privacy leads to big fine and additional controls. Privacy, Governance. “ Schools Wrestle With Privacy of Digital Data Collected on Students ,” The Wall Street Journal , July 11, 2019 (online). Privacy is pricey. District Court judge says Health and Human Services didn’t have the authority to require pharmaceutical companies to publish these prices.

Today We are Launching a new Series of Information Governance Case Studies

IGI

Our first Snapshot focuses on the interplay between IG and privacy by telling the story of Sarah, an attorney in a large pharmaceutical company who leveraged GDPR compliance momentum to build a broader IG program. We are pleased to bring the IGI community another series of case studies about how professionals like you are tackling IG. In 2016, we worked with IG Charter Supporter, OpenText, to create the first series of Snapshots, which is now among our most widely-read publications.

House of Representatives Passes Bill to Permit Broader Use and Disclosure of Protected Health Information for Research Purposes

Hunton Privacy

Currently, the HIPAA Privacy Rule permits the use and disclosure of PHI for research purposes without requiring authorization from an individual but does require that any waiver of the authorization requirement be approved by an institutional review board or a privacy board. Permit remote access to PHI so long as the covered entity and researcher maintain “appropriate security and privacy safeguards” and the PHI is “not copied or otherwise retained by the researcher.”

Information security and compliance training for the healthcare sector

IT Governance

Pharmacies, rehabilitation care, social care, medical research and pharmaceuticals all rely on this data being available to individuals delivering their services. The GDPR provides a single, harmonised data privacy law for the EU.

CIPL and AvePoint Release Global GDPR Readiness Report

Hunton Privacy

The impetuses for the survey were the many significant changes the GDPR will bring to companies’ management and processing of personal data, their privacy compliance programs and their IT systems and infrastructure. Telecommunication and technology companies were the most represented respondents, followed by insurance and financial services companies, as well as pharmaceutical and healthcare companies. Privacy Shield. Privacy Shield.

FINLAND: PARLIAMENT APPROVES NEW ACT ON THE SECONDARY USE OF SOCIAL AND HEALTH CARE PERSONAL DATA

DLA Piper Privacy Matters

All of this means there are better opportunities for innovative product development by e.g. start-ups and pharmaceutical companies, which may generate considerable external societal advantages as well. This way, the principle of publicity and privacy shall be balanced on case-by-case basis. The governmental proposal concerning the Act has provoked plenty of public discussion as regards to sensitive data and privacy. By Joonas Dammert. Background.

Think Outside of the Gartner Magic Quadrant for Master Data Management Solutions to Deliver Connected Customer Experiences

Reltio

And to that earlier PwC data point about trust and privacy, no pure-play MDM tool can manage consent and compliance. . And some enterprises may be so stymied by data privacy and protection mandates that they stop using customer data to its full potential. . Customer experience.

China’s First Data Protection Measures Lifting Its Veils

HL Chronicle of Data Protection

In common with the current requirements set out in the Specification, the draft Data Security Measures require network operators, who collect personal data via cyber tools such as websites or mobile applications (“ Apps “), to formulate and publish a personal data collection statement (which is typically a privacy notice) in a specific, reader-friendly and readily accessible manner.

EDPB’s Position on Clinical Trials Creates Friction with Other EU Legislation

HL Chronicle of Data Protection

A basic legal requirement that pharmaceutical and medical device companies conducting clinical trials must always respect when conducting a clinical trial is the obligation to obtain patients’ consent to their participation for clinical trials.

Security in a World of Physically Capable Computers

Schneier on Security

The European Union is leading the way in this regard: they've passed a comprehensive privacy law , and are now turning to security and safety. It's no secret that computers are insecure.