The new EU General Data Protection Regulation (GDPR) requires non-EU companies operating in the EU who control or process sensitive personal data (such as medical data of patients participating in clinical trials) to appoint an EU representative who will act as a point of contact for requests by the supervisory authorities or data subjects, and who will represent the controller or processor regarding their obligations under the GDPR. The GDPR also requires, under certain conditions, that a Data Protection Officer (DPO) be appointed and it is recommended that such a DPO be located within the EU for accessibility. It is also recommended that a DPO be appointed on a voluntary basis to better ensure compliance with EU data protection issues in general and those related to sensitive personal data and clinical trials in particular. We offer DPR and DPO-related services including the provision and advice on privacy and data protection, monitoring compliance, and acting as a contact point for supervisory authorities. Contact us today to learn more.
