Regulations & Guidelines
Brazil Introduces New SCC-Based Framework for International Data Transfers
Realising the imperative of addressing international data transfers, Brazil’s General Data Protection Regulation (LGPD) now regulates such transfers using mechanisms similar—but not identical—to the GDPR, including standard contractual clauses (SCCs), as outlined in the new Resolution of the Brazilian Data Protection Authority (ANPD). This comprehensive legal framework strives to safeguard the rights of Brazilian citizens, by aligning with global data transfer standards.
UK: ICO Urges Collaboration in Genomics Innovation
The UK Information Commissioner’s Office (ICO) emphasises the importance of safeguarding privacy amid rapid advancements in genomics. Highlighting concerns over data protection, the ICO calls for collaboration with developers to ensure innovations align with privacy standards. A newly released report outlines the potential of genomics while advocating for a balanced approach that prioritises data protection and ethical practices.
EDPB Releases First Report on EU-US Data Privacy Framework
The European Data Protection Board (EDPB) has released its first report under the EU-US Data Privacy Framework (DPF), highlighting positive developments and recommending key improvements. The report evaluates the framework’s alignment with EU data protection standards, aiming to ensure it effectively safeguards the privacy rights of EU citizens while facilitating transatlantic data flows. In addition, the EDPB issued a statement focused on access to data by U.S. authorities for law enforcement purposes.
EFPIA Highlights Role of AI in Transforming the Medicinal Product Lifecycle
The European Federation of Pharmaceutical Industries and Associations (EFPIA) has released its position paper on the use of artificial intelligence (AI) across the medicinal product lifecycle. The paper emphasises the transformative potential of AI to improve efficiency and innovation in areas such as drug discovery, clinical trials, and regulatory processes, while addressing ethical, legal, and data protection challenges to ensure responsible AI adoption.
Data Privacy Enforcement
HIPAA Settlement: Plastic Surgery Associates Fined $500K After Data Breach
Plastic Surgery Associates of South Dakota agreed to a $500,000 settlement with the Office for Civil Rights following HIPAA Security Rule violations exposed by a ransomware attack affecting over 10,000 patients. The company must now implement a corrective action plan, including risk analysis, security measures, incident procedures, and HIPAA compliance training.
Techbio & AI
Muse: AI-Powered Tool Enhancing Clinical Trial Recruitment
Sanofi, OpenAI, and Formation Bio have unveiled their first AI-powered tool, Muse, designed to streamline patient recruitment for clinical trials, including upcoming Phase 3 multiple sclerosis studies. Built on OpenAI’s GPT-4, Muse assists with tasks like patient segmentation, engagement strategies, and regulatory compliance, marking a significant step in Sanofi’s ambition to become the first AI-powered pharma company at scale.
AI and Immunoscience: Transforming the Future of Medicine at Sanofi
Sanofi is revolutionizing immunoscience by combining AI with cutting-edge research to accelerate drug discovery, improve clinical trial success rates, and develop precision treatments for a wide range of diseases, including rare conditions. By leveraging AI-powered insights and tools like in silico trials and digital twins, Sanofi is pushing the boundaries of medicine, aiming to deliver innovative therapies faster and more efficiently while maintaining ethical and eco-responsible practices.
Biotech, Healthtech & Healthcare
Unlocking the Potential of Voice Data in Clinical Trials
Voice and speech data are recognized as valuable tools for clinical trials, offering non-invasive methods for health monitoring and supporting decentralized research. Challenges such as the need for standardized protocols and addressing privacy concerns are noted, with collaborative efforts encouraged to establish guidelines and ethical frameworks for effective integration into clinical research.
23andMe Restructures: Shutting Therapeutics Division and Cutting Workforce
23andMe announced the closure of its therapeutics division, the winding down of clinical trials, and a 40% workforce reduction, aiming to save $35 million annually as part of its restructuring. These measures follow ongoing struggles with its dual business model, a significant decline in market valuation, and leadership changes after board disagreements.
Data Governance
NumSpot to Launch Secure Sovereign Cloud for Strategic Sectors in 2025
NumSpot announced the launch of its secure sovereign cloud platform in early 2025, designed to meet the needs of strategic sectors like healthcare, offering enhanced data protection and compliance with stringent European regulations. The platform will include advanced IaaS (Infrastructure as a Service) and PaaS (Platform as a Service) services, targeting public administrations, hospitals, and large enterprises facing data sovereignty challenges.
Food For Thought
Strengthening Neural Data Protection in the Age of AI Neurotech
Experts argue that neural data from brain tech devices requires stronger protection, as it can reveal sensitive personal information and is not adequately safeguarded under current laws for consumer devices. While the EU’s GDPR provides some protections, there are calls for enhanced measures, including specific neural data regulations, to ensure privacy and address the potential risks posed by AI-enhanced neuro technologies.
Podcasts
iliomad's News
IAPP European Data Congress 2024
iliomad attended the European Data Privacy Congress 2024 in Brussels. The event heavily focused on AI while also addressing our field of expertise through a specific panel on clinical trials, where harmonization was a central topic of discussion. NIS2 was also discussed as the second version of the directive comes into force.
AI For Health Summit 2024
iliomad participated in the AI for Health event by Artefact at Station F, the world’s largest startup campus based in Paris. The event focused on AI, with key insights highlighting concerns about compliance with privacy laws and upcoming AI regulations.
Sign up for our newsletter
We like to keep our readers up to date on complex regulatory issues, the latest industry trends and updated guidelines to help you to solve a problem or make an informed decision.
Newsletter #20
🌎 This month, key updates include Brazil’s introduction of a new SCC-based framework for international data transfers. 📋 The EDPB shared its evaluation of the EU-US Data Privacy Framework. 🤖 Advancements in AI-driven health solutions, such as Sanofi’s Muse for clinical trial recruitment, were also highlighted. 🧬 Discussions focused on genomics privacy, neural data protection, and the transformative role of AI in healthcare and compliance landscapes.
Newsletter #19
In October, key developments in data privacy, AI, and cybersecurity emerged, including new GDPR accountability guidance for controllers, the introduction of the UK’s Data Bill 2024, and the FDA's call for coordinated AI regulation in healthcare. High-profile data breaches also highlighted vulnerabilities in health data, underscoring the need for stronger, globally aligned privacy standards.
Newsletter #18
Get up to speed with the latest in data protection regulations and healthtech innovations, including updates from Brazil, the UK, and California, along with advancements in AI-driven healthcare solutions. Plus, explore major privacy enforcement actions and key developments shaping the future of digital health.
