Quick links

Clinical Trials
and Privacy

A cross-border guide on privacy
requirements for clinical trials

Compare privacy requirements for clinical trials

Clinical trials often take place on a cross-border basis, involving sites in a number of different jurisdictions. However, experience shows that it can be difficult to understand and manage the privacy requirements for cross-border trials. In a large part, this is due to differences in local law and interpretation relating to the interplay between privacy laws and clinical trials. This is the case even within the EU: although the GDPR is directly applicable in all member states, there are often differences in the way these countries, and their national privacy and medicines regulators, interpret and apply the Regulation to the context of clinical trials.

This Guide – created by privacy professionals from our global Life Sciences sector team – covers privacy requirements in over 25 jurisdictions and provides useful guidance for industry. 

    • no results

    • no results

Explore by country

Select a country below to start browsing content.

World map

Glossary of terms

Anonymization means the processing of personal data in such a manner that the personal data cannot irreversibly be attributed to a specific individual. Anonymized data is no longer considered personal data under the GDPR and other data privacy laws covered by this Guide.

Encrypted participant data means that in order to protect data participant’s data confidentiality, his/her is translated into another form or code, so that this data can be red only by people with access to a secret decryption key. 

Key-coded clinical trial data is data where the identity of the individual clinical trial participant is replaced with a unique subject identification code, and the ‘key’ which can be used to re-identify the participant is held by the Principal Investigator.

Pharmacovigilance means the activities relating to the detection, assessment, understanding and prevention of adverse effects or any other medicine-related problem.  

Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific individual without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable individual. Pseudonymized data is still considered personal data under the GDPR and other data privacy laws covered by this Guide.