By Alok Tayi, Ph.D.
The General Data Protection Regulation (GDPR) is a significant advancement of consumer data protection rights. The European member states agreed to a set of principles that would penalize organizations that don’t safeguard personal identifying information (PII). While it was hailed as the most consumer-friendly data protection regulation at the time of passing, many countries followed the EU’s lead and harmonized their laws to match - with some even surpassing- GDPR’s principles-based approach to data privacy.
The EU Regulation often overshadows other regional privacy regulations because it is so broad in scope, the penalties are significant, and it affects the second-largest economic area in the world. But it would be foolish to overlook the regulations in other privacy-minded nations and jurisdictions, some of which you are probably doing business in right now.
If your team or clinical trial operates in the EU, California, S Korea, Australia, or a dozen other countries, your data could be subject to strict privacy laws. Violating GDPR, PIPA, APP, or CCPA, among others, have serious consequences for your program. Learn how to mitigate risk and keep on the right side of regulators.