The Challenges of Privacy

European GDPR requirements have been causing some concern to the FDA in terms of regulatory research reporting.

A blog post written by Heather Messick, currently a regulatory counsel in the FDA’s Office of Compounding Quality and Compliance, formerly of the FDA’s Europe Office, has outlined how BIMO – the FDA’s bioresearch monitoring programme overseeing the conduct and reporting of FDA-regulated research has been impacted by the European Data laws.

GDPR became law in Europe in 2018 to protect the collection and use of personal data of EU residents. Under the law, FDA investigators have found themselves facing challenges rendering completion of in-person BIMO investigations and conducting virtual data reviews impossible, saying that GDPR has impeded the ability to remotely review data during the pandemic, according to Messick.

Beyond BIMO, GDPR has also caused issues with the submission of data from clinical trials involving EU citizens – including valuable demographic data – which could potentially affect the robustness of information submitted to the FDA and have knock-on effects on product reviews and approvals. EU guidelines also mean that if a data subject withdraws consent to having their data processed, that any personal data relating to that subject be deleted or anonymised immediately. The FDA feels that this could compromise the integrity of the research overall.

Earlier this year, the EU and US agreed ‘in principle’ on a new agreement relating to the transfer of personal privacy data for commercial purposes but a full resolution has not yet been found. In the meantime, while they work toward a solution, the FDA Europe Office will be keeping a close eye on the situation.

Back to the list