Tag Archives: GDPR interpretation

Takeaways from the EU Pharmaceutical Law Forum in Brussels

I really enjoyed attending and speaking at the EU Pharmaceutical Law Forum in Brussels this week. The event offered a number of insights into the legal challenges faced by the life sciences industry in an ever-evolving regulatory landscape. These are the main takeaways from the conference:

#1: Clearly, the political climate is not favorable to pharma and med-tech companies. A number of measures have been proposed at various levels that would significantly decrease the incentives to innovation that companies currently enjoy. Such proposed measures range from halving the term of protection for orphan drugs exclusivity to compulsory licensing of drug patents, from incentives to drug compounding by pharmacies to mandatory price reductions. The general public and the media continue to have a negative perception of the industry and the regulatory framework appears to be evolving in a restrictive way.

#2: Despite the uniform letter of GDPR throughout the Member States, interpretation of data protection rules continues to be very different throughout Europe. This is especially clear in the field of clinical trials, where there is a patchwork of legal solutions that makes it impossible to multinational corporations to adopt a consistent approach. The recent EDPB opinion on the legal basis for processing of data deriving from clinical trials has further shown that there has been a shift away from consent as the legal basis for the processing, but some countries (like Germany, Italy and Spain, for example) continue to find it hard to accept such a shift.

#3: EU harmonization is expected to occur in the coming years in a number of areas, such as off-label use, artificial intelligence and health technology assessment.

#4: Compliance efforts must be continued, but it is clear that formal compliance is not sufficient to shield a company from risks, especially reputational risks. Even when compliance safeguards are in place, the approach to reputational risks must be perfectionist, as pointed out by Ms. Alice Cabrio, compliance officer at Roche S.p.A.

Enjoy your weekend, and do not forget to celebrate the GDPR’s first birthday!