GDPR, Data integrity, Clinical Research and YOU:

Perhaps you have been hearing a lot about the new EU data protection law, the GDPR, which is set to become effective in May 2018—only a few months from now?

If you . . .

  • run global clinical trials with investigator sites in the EU
  • provide outsourced services for global clinical trials with investigator sites in the EU
  • develop software or devices that collect clinical data for clinical trials with investigator sites in the EU

. . . you need to be thinking of how the GDPR applies to you.

The GDPR is the new comprehensive EU data protection law intended to harmonize data protection across the EU Member States. It also enhances the rights of data subjects in a number of respects, including enhancing the obligations of data processors as well as data controllers and requiring data privacy by design—so outsource organizations like CROs and Central Labs will see an impact as will those who develop software for clinical data collection.

The good news is that your enterprise program for achieving compliance with the GDPR also can be leveraged to achieve enhanced data integrity and GxP compliance overall. The documentation requirements for GDPR and the Article 25 requirement for data privacy by design can strategically reinforce your data integrity and computerized system validation compliance as well.

For more information, contact WT Koch GCP Consulting at


I live in Fabulous New York

but my clients are global in scope.