Regulations

The Rise Of The CTIS

The Clinical Trials Information System (CTIS) is the new unified system sponsors must use to obtain the authorization for their clinical trials. This system increases the transparency and availability of information on clinical trials and their results as it makes data accessible to the public. The European Medical Agency released a guide on the management of personal data in structured data fields and documents submitted to the CTIS.

Click to read more

EU Cloud certification headed for tiered approach on sovereignty criteria

The European Cloud Services scheme is a voluntary certification under the EU Cybersecurity Act. It might become mandatory for essential or important entities. Such entities are defined in another european legisaltion, NIS 2.

The draft of this service distinguishes between EU et non-EU entities for its certification criterias. The certification scores entities as different assurance levels: basic, substantial, high and high .  A non EU company won't be able to be scored as high in this service, as only sovereign companies can obtain this score.

Click to read more

AI Act

The new European AI Act passed the vote of the committee on May 11th. The European Parliament’s Civil Liberties and Internal Market committees adopted the text by a large majority. The text is mostly consolidated and thus won't change much more even after the plenary vote in mid-June. This AI Act will define the legal obligations of all companies who develop AI algotihms or wish to use AI.

Click to read more

BioTech & MedTech

Digital Health Technology In Clinical Trials

Recent studies have shown a rise of the use of digital health technology in clinical trials. Some even project that up to 70% of clinical trials will incorporate wearable sensors by 2025. But this also raises a great number of challenges, as the use of such technologies increases the digital divide.  

Click to read more

FDA Encourages Decentralized Trials With New Guidance

The american Food and Drug Administration knows that new technologies present new challenges, especially for decentralized trials. The FDA published a draft guidance titled "Decentralized Clinical Trials for Drugs, Biological Products, and Devices, Guidance for Industry, Investigators, and Other Stakeholders". This guidance covers a vast array of topics, such as the conduct of a decentralized trial, the use of digital health technologies to remotely acquire data,  sponsor and investigators roles...

Click to read more

Artificial Intelligence

WHO Calls For Safe And Ethical AI For Health

The World Health Organization warns against the hasty adoption of untested systems. The use of AI, particularly large language model (LLMs) should respect the values of transparency, inclusion, public engagement, expert supervision, and should be subject to rigorous evaluation. WHO fears that the adoption of AI on a large scale would be delayed as the adoption of untested systems could lead to errors by health care workers and cause harm to patients. WHO suggests that their concerns be taken into account and that new regulations see the day to establish a solid framework around those systems.

Click to read more

ChatGPT The Empathic Doctor

An ER doctor used ChatGPT not as a diagnostic tool, but as a valuable empathic explaining tool. Doctors, short on time, have to explain the situation to family members, who sometimes don't understand what they are trying to say. They might even refuse the treatment because of a misunderstanding. This is where AI intervenes. The doctor rsummarizes the situation to the AI and the AI produces an empathic explanation. This explanation is verified by the medical staff, might be a real gain of time and help the families.Monitoring is however key as sensitive data from patients cannot be shared with AI systems that easily.

Digital Therapeutics

The FTC And The Health Breach Notification Rule

The Federal Trade Commission has been very active these last few months as it enforced the Health Breach Notification Rule pertaining to digital health apps. It is now proposing amendments to clarify the Rule’s applicability to health apps and other similar technologies. The changes include a new definitions for health data and security breaches. This will help regulate the boom of digital health apps and devices that are not covered by the HIPAA.

Click to read more

Data Privacy Enforcement

EU Court Issues ‘Prudent’ Ruling On Compensation For Data Protection Breaches

This ruling decided on the conditions under which damages caused by an infringement of the General Data Protection Regulation (GDPR) could be deemed serious enough that a claimant would expect compensation. It concluded that not every infringement of the GDPR gives rise, in itself, to a right to compensation. There must be a causal link between the infringement and the damage suffered. It also concluded that the right to compensation is not limited to non-material damage that reaches a certain threshold of seriousness. It is up to court Member States courts to define the the criteria that will qualify an infringement that needs to be compensated.

Click to read more

Health Data And Use Of Cookies: French SA Fines DOCTISSIMO

Doctissimo, a website with quizzes and articles related to health, was condemned by the French Supervisory Authority (SA) to a  280 000€ fine for GDPR infringements and 100 000€ fine regarding a breach of  French Data Protection Act rules on cookies and other trackers. All in all  5 breaches in total were found:

 - A failure to store data for longer than it is necessary for the purposes for which they are processed (Article 5.1(e) GDPR)

  - A failure to obtain consent from individuals to collect their health data (Article 9 GDPR)

  - A failure to provide a formal legal framework for the processing operations carried out jointly with another data controller (Article 26 GDPR)

  - A failure to ensure the security of personal data (Article 32 GDPR)

  - A failure to comply with obligations related to the use of cookies (Article 82 of the Data Protection Act)  

Click to read more

Home

Discover our latest newsletter

View All Newsletters
Dec 2024
Regulations & Guidelines
Biotech & Healthtech
AI
Data Governance
Data Privacy Enforcement

Newsletter #20

🌎 This month, key updates include Brazil’s introduction of a new SCC-based framework for international data transfers. 📋 The EDPB shared its evaluation of the EU-US Data Privacy Framework. 🤖 Advancements in AI-driven health solutions, such as Sanofi’s Muse for clinical trial recruitment, were also highlighted. 🧬 Discussions focused on genomics privacy, neural data protection, and the transformative role of AI in healthcare and compliance landscapes.

Nov 2024
Regulations & Guidelines
Podcasts
AI
Data Breach & Cybersecurity
Data Privacy Enforcement

Newsletter #19

In October, key developments in data privacy, AI, and cybersecurity emerged, including new GDPR accountability guidance for controllers, the introduction of the UK’s Data Bill 2024, and the FDA's call for coordinated AI regulation in healthcare. High-profile data breaches also highlighted vulnerabilities in health data, underscoring the need for stronger, globally aligned privacy standards.

Oct 2024
Data Privacy Enforcement
Healthcare
Regulations & Guidelines
AI
Biotech & Healthtech

Newsletter #18

Get up to speed with the latest in data protection regulations and healthtech innovations, including updates from Brazil, the UK, and California, along with advancements in AI-driven healthcare solutions. Plus, explore major privacy enforcement actions and key developments shaping the future of digital health.