Description

This first study setup process relates to the design of the study protocol (defines the purpose and means including the justification of the collect of sensitive data) and the CRF (identifies the data to be collected).

Subject matter of processing

Development of guidelines (protocol), project plans, data collection forms including case report forms (CRF).

Purpose processing

Setting up the framework of evidence for privacy by design, including integration of data minimisation, purpose limitation, and confidentiality principles.

Nature processing

Processing of personal data of study subjects is not envisaged.

Types personal data

NA

Duration processing

NA

Created 2021-08-10 13:26
Updated 2026-06-07 13:21
Description

Refers to all activities carried out to design the information and/or Informed Consent Form (ICF) for the study subjects according to the type of study and the applicable regulations.

Subject matter of processing

Development of information for study subjects about study-related data processing

Purpose processing

Compliance with the right to information of study subjects

Nature processing

Processing of personal data of study subjects is not envisaged

Types personal data

NA

Duration processing

NA

Created 2021-08-10 13:29
Updated 2021-08-10 13:29
Description

Refers to all activities related to the selection of investigational sites that would potentially participate to a clinical study, including in context of a feasibility study, and up to the signature of the contract with the investigational sites. The concerned service may be referred to as “Site feasibility”, “Site identification”, “Investigator selection”. CROs arranging investigator meetings should to class of services (23) Arrangement of investigator meetings.

Subject matter of processing

Collection and analysis of personal data of healthcare professionals

Purpose processing

Selection of healthcare professionals qualified and capable of performing investigator’s tasks; assessment of compensation and remuneration.

Nature processing

Collection/obtainment, transfer/transmission, storage, analysis, deletion/destruction.

Types personal data

Healthcare professionals: surname, name, gender, date of birth, signature, postal address, electronic and telephone contact details, bank details; education: qualification(s); professional life (including professional background, method and type of practice, necessary elements for assessing the knowledge they have for conducting the research); where applicable, registration number in the shared register of healthcare professionals; total compensation and remuneration received; participation in other studies; training schedules, performance.

Duration processing

Bid defense meeting to completion of site initiations, site identification may continue throughout the Study.

Created 2021-09-01 15:14
Updated 2026-06-06 18:17
Description

Refers to all activities, performed by the CRO, and related to the collection of data required for the purpose of the clinical research. 

  • Data collected directly from subjects/proxies.
  • Data collection by healthcare professionals through CRF (paper or electronic).
  • Data collection from other data sources.

Examples are provided in appendix 2 of the Code. 

Subject matter of processing

Accumulating study databases of health data for conducting research.

Purpose processing

Enabling main purpose of research; identification of individuals as study subjects.

Nature processing

Collection/obtainment, transfer/transmission, storage, analysis

Types personal data

Study subjects: data concerning health; photographs and/or video and/or voice recordings not enabling the research subjects to be identified, e.g., masking the face, the eyes, distinctive characteristics, dates pertaining to the conduct of the research, i.e. enrolment date and visit dates; ethnic origin; genetic data strictly necessary to comply with the research objectives or purposes, not enabling the direct or indirect identification; marital status; level of education; socio-professional category; professional life, e.g., occupational exposure; affiliation to social security, (excluding registration number in the national identification directory of natural persons), supplementary insurance (mutual, private insurance); participation in other research or studies, in order to ensure compliance with the inclusion criteria; consumption of tobacco, alcohol and recreational drugs; lifestyles and behaviors, assistance (domestic help, family), physical exercise (intensity, frequency, duration), diet and eating habits, leisure pursuits; lifestyle, e.g., urban, semi-urban, traveler, sedentary; accommodation private house or block of flats, floor, lift, etc.; sex life; vital status, etc.

Duration processing

Pre-screening until study termination/withdrawal or until the study product receives a marketing authorisation or until two years after the final publication of the research results; or where there is no publication, until the final report of the research has been signed.

Created 2021-09-01 15:16
Updated 2026-06-07 12:05
Description

Refers to all activities performed by the CRO in the frame of monitoring of the study. The monitoring process strives to fulfil three purposes:

  • Protect the rights and well-being of human subjects;

  • Conduct the trial in compliance with the protocol, GCP or other applicable standard and applicable regulatory requirements;

  • Verify the accuracy and completeness of trial data.

    Monitoring activities are usually conducted according to three different approaches: 

    (1) onsite monitoring; 

    (2) remote monitoring; 

    (3) centralized monitoring (data management) [data-oriented activity where data managers execute checks on data and provide indicators and deep data analysis to study monitors; monitors then execute site monitoring (on-site and / or remote) to solve detected issues].

    Examples and additional comments are provided in appendix 2 of the Code.

    Subject matter of processing

    Comparing source records and completed data collection forms; ensuring proper completion and storage of ICF, safety reporting.

    Purpose processing

    Verification of accuracy of data transfer from source records to study data collection forms, of appropriate authorization to processing and participation.

    Nature processing

    Collection/obtainment, transfer/transmission, analysis, storage, deletion/destruction.

    Types personal data

    Same as for class of services (4) Data collection.

    Duration processing

    From fist subject enrolled to CRF database lock.

    Created 2021-09-01 15:27
    Updated 2026-06-07 12:05
    Description

    Medical Monitoring services vary according to study design and regulatory classification. Medical supervision is regulated for clinical trials.

    Such services may include the following activities:

    • Participation in study steering committees and integration of expertise as appropriate,
    • Development and/or review of protocol and study documents (initial and amendments),
    • Participation in study feasibility assessment and site selection,
    • Study stakeholder training including participation in investigators meetings with a focus on IMP and medical aspects of the protocol,
    • Day-to-day problem-solving and medical guidance on study related issues to the project team, e.g., specific site questions for protocol clarification; completion of the CRF, safety-related management issues; for interventional studies, check patient eligibility per protocol and review protocol deviations,
    • Close monitoring of clinical study database from safety perspective,
    • Provide medical input on safety data and case narratives,
    • Review and comments study data analysis and outcomes (SAP, CSR, publications).

    Subject matter of processing

    Communication with regulatory authorities, ensuring compliance with regulatory requirements, evaluation of eligibility of study subjects for entering/continuing participation.

    Purpose processing

    Demonstrating accountability for appropriate management of health-related risks, analysis of impact from the investigational product on well-being of study subjects.

    Nature processing

    Collection/obtainment, transfer/transmission, analysis, storage.

    Types personal data

    Same as for class of services (4) Data collection.

    Duration processing

    First subject enrolled to clean up of safety monitoring databases and CRF database lock/transfer of the trial master file.

    Created 2021-09-01 15:29
    Updated 2026-06-07 12:17
    Description

    CROs can provide a large spectrum of services contributing to the safety of medicinal products and medical devices. Services are performed either in post-marketing setting (spontaneous reporting system outside a study and other services such as systematic literature review and signal detection) and/or in studies or other organised data collection system that are not qualifying as clinical studies (solicited collection of safety information).

    Typical procedures managed by PV units in studies include guidance on adverse events (AEs) to be collected during the study and rules for reporting by site to PV unit; individual case safety report management (including acknowledgment of receipt of individual AE reports, case triaging for duplicates, recording in safety database, AE report quality control and query, causality assessment and case narrative writing); submission of valid cases to competent authorities as appropriate.

    These activities are highly regulated. They require the use of a safety database independent from clinical study database, allowing proper case management and electronic submission of valid cases to regional databases (typically, EudraVigilance in EU).

    Besides individual case management and submission, Pharmacovigilance require generation of periodic aggregate reports (DSURs, PSURs). Case processing may require direct nominative contacts with reporters (consumers and healthcare professionals) but submission to authorities is managed in a de-identified way.

    Subject matter of processing

    Communication with regulatory authorities, ensuring compliance with regulatory requirements, evaluation of eligibility of study subjects for entering/continuing participation.

    Purpose processing

    Same as for class of services (6) Medical monitoring.

    Nature processing

    Same as for class of services (6) Medical monitoring.

    Types personal data

    Same as for class of services (6) Medical monitoring.

    Duration processing

    Same as for class of services (6) Medical monitoring.

    Created 2021-09-01 15:31
    Updated 2026-06-07 12:23
    Description

    Supplementary patient services that will require processing of the administrative identifying data of the study subjects (e.g., surname, name, postal address, electronic and telephone contact details, bank details, etc.).

    Examples of direct-to-patient services are provided in appendix 2 of the Code.

    Subject matter of processing

    Communication for the delivery of the service.

    Purpose processing

    Providing support to study subjects that is related to the administrative activities that are needed or complementary to the research and are beyond the essential research purpose.

    Nature processing

    Collection/obtainment, transfer/transmission, storage, de identification (pseudonymisation, anonymization, aggregation, masking, removal of data elements), deletion/destruction.

    Types personal data

    Depends on the type of service, and will imply combination of minimal health data, e.g., disease name, general information on the individuals’ specific health condition; with identifying data of study subjects, e.g., surname, name, postal address, e-mail address, bank details; transportation services, location, reimbursement costs, etc.

    Duration processing

    Study subject’s data received to end of service delivery with consequent deletion of identifying data; duration of retention of aggregate data for financial accountability shall be defined by the applicable national laws.

    Created 2021-09-01 15:33
    Updated 2026-06-07 12:51
    Description

    Refers to the following activities:

    • Development of a Data Management Plan before data management activities start to describe the processes used to manage the data throughout the conduct of the study.
    • Process for the development of data collection systems for paper based, electronic and hybrid systems; this covers Electronic Data Capture (EDC) software management from configuration, maintenance and change control during production phase.
    • Quality control of the database for paper documents (including defining sample, data and variables to be checked and acceptable threshold as well as actions to be taken according to results).
    • Ongoing data cleaning process during the study from the first data captured to the final database locked. This will be done by using program edit checks, data listings review, medical review, quality review and source data verification. This could include reconciliation with external data.
    • Data coding process to allow coding medical data received via the medical database per defined coding guidelines; this will include auto encoding and manual encoding process as well as coding reports review.
    • Safety Event Database Reconciliation process to reconcile key safety event data variables stored in the study clinical database and in the safety/pharmacovigilance database.
    • Data review (interim, final) where quality of the data is evaluated and general decisions are taken to ensure the data transmitted for the analysis will have the appropriate level of quality.
    • Database lock and unlock process for interim and final study database to restrict access to the database to avoid non-authorized modification of the clean database before the analyses. This includes extraction of the database in a specific location ensuring proper read only access but also no change happened between the copy of extracted files and the removal of access rights of the database.
    • Data transfer process (import and export) including development of transfer specifications to ensure transfers are performed according to specifications with appropriate quality check. Specification may include transfer method, format, frequency, content of the files (names/labels/formats of the variables), test transfer modality, detection of identifiable data including how they will be handled and specific measures to guarantee the security of the transfer of these data.

    Data Management class of services may include data engineering (processing data to enable machine to machine data transmission for instance), data science (development of processing algorithms based on artificial Intelligence techniques) and data analyses (restitution of data in a way adapted to their interpretation and support for decision making). A CRO with the appropriate expertise may also offer data anonymisation of personal data of study subjects via secure methods.

    Subject matter of processing

    Establishing and/or following the established rules for verification of data accuracy, verification proper, data coding, data entry, communication for service delivery.

    Purpose processing

    Verification, control, restoration of data accuracy.

    Nature processing

    Collection/obtainment, access, analysis, alternation, combining, transfer/transmission, de-identification (pseudonymisation, anonymization, aggregation, masking, removal of data elements),, deletion/destruction, storage

    Types personal data

    Study subjects: study health data, subject identification code, demographic data.

    Duration processing

    Setup of study database to database lock/transfer of trial master file, including anonymization of all or part of personal data.

    Created 2021-09-01 15:34
    Updated 2026-06-07 12:57
    Description

    Refers to the following activities:

    • Development of a Statistical Analysis Plan that describes the variables to be analyzed and the method to be used to perform the analysis.
    • Processes for statistical analyses covering the programming, quality control and delivery of statistical analysis, including the datasets, and statistical Tables, Figures and Listings (TFLs) outputs and the process to communicate (where, how , access restricted) the results of the statistical analyses to the medical writer for the development of the clinical study report or any other stakeholders, e.g., sponsor.

    Subject matter of processing

    Analysis of study data obtained from the results of data management activities, communication for service delivery.

    Purpose processing

    Statistical analyses of study, development of TFLs.

    Nature processing

    Collection/obtainment, analysis, combining, alternation, transfer/transmission, de-identification (pseudonymisation, anonymization, aggregation, masking, removal of data elements), storage.

    Types personal data

    Study subjects: study health data, subject identification code.

    Duration processing

    Development of statistical analysis plan .to provision of clinical study report to sponsor.

    Created 2021-09-01 15:36
    Updated 2026-06-07 13:01
    Description

    Refers to all activities carried out to design the CSR that accurately reports the study objectives, methods, the statistical analyses performed and their results. The results are presented in an aggregated way, but some individual coded data can be listed as necessary.

    Subject matter of processing

    Interpretation of study data in accordance with study results, including aggregated and identifying personal data.

    Purpose processing

    Development of description, summary, presentation of analysis of the research via the clinical study report.

    Nature processing

    Collection/obtainment, storage, alternation, transfer/transmission, deletion/destruction, de-identification (pseudonymisation, anonymization, aggregation, masking, removal of data elements).

    Types personal data

    • Study subjects: study health data, subject identification code, etc.
    • Healthcare professionals: name, position, place of work, opinions, qualifications, experience in clinical research, etc.

    Duration processing

    Receipt of statistical analyses outcomes to acceptance of clinical study report by sponsor.

    Created 2021-09-01 15:37
    Updated 2026-06-07 13:03
    Description

    Refers to all processes performed in the frame of the financial monitoring of a clinical research program, and in particular the payment of investigational sites: fees and complementary procedures (additional examinations, products etc.).

    Subject matter of processing

    Arrangement of money transfer, receipt of payment confirmations.

    Purpose processing

    Execution of financial contractual obligations.

    Nature processing

    Collection/obtainment, transfer/transmission, storage, deletion/destruction, de-identification (pseudonymisation, anonymization, aggregation, masking, removal of data elements).

    Types personal data

    Healthcare professionals: bank account numbers, contact details, location, position, etc.

    Duration processing

    End of archiving period for financial accountability.

    Created 2021-09-02 14:54
    Updated 2026-06-07 13:03
    Description

    The public disclosure is the process where the results of statistical analyses outcomes, documentation developed for the study, clinical study report is spread in the public domain such as regulatory agencies who made available CSR to the public, or the sponsor publishing the information in scientific journals or events.

    Subject matter of processing

    Transfer of study data to a third party location with subsequent disclosure by the third party.

    Purpose processing

    Mandatory and requested/voluntary disclosure.

    Nature processing

    Transfer/transmission (as disclosure methods), de-identification (pseudonymisation, anonymization, aggregation, masking, removal of data elements), storage, deletion/destruction.

    Types personal data

    • Study subjects: health and demographic data (additional notes are provided in appendix 2 of the Code).
    • Healthcare professionals: name, position, place of work, opinions, qualifications, experience in clinical research, etc.

    Duration processing

    Receipt of statistical analyses outcome/CRS to confirmation of performed disclosure.

    Created 2021-09-02 14:56
    Updated 2026-06-07 13:07
    Description

    Refers to all activities carried out by the CRO for the translation of study documents/data including personal data, e.g., CSR.

    Subject matter of processing

    Change of the language code for the representation of study data.

    Purpose processing

    Presentation of study data, including personal data, in the language understandable for the authorized recipients.

    Nature processing

    Collection/obtainment, storage, de identification (pseudonymisation, anonymization, aggregation, masking, removing of data elements), deletion/destruction.

    Types personal data

    • Study subjects: same as for classes of services (4) Data collection and (8) Direct-to-patient services.
    • Healthcare professionals: same as for class of services (3) Site selection and contract.

    Duration processing

    Delivery of the service, and partial archiving as required for study purposes.

    Created 2021-09-02 14:59
    Updated 2026-06-07 13:10
    Description

    Refers to all activities performed by a CRO in the frame of audits, e.g., on-site audits, commissioned where access to confidential information may be required for the audits where personal data falling under the scope of this Code may be concerned.

    Subject matter of processing

    Review of study data and development of audit evidence.

    Purpose processing

    Verification of legal, contractual, applicable standard/regulatory compliance.

    Nature processing

    Collection/obtainment, analysis, transfer/transmission, storage, de identification (pseudonymisation, anonymization, aggregation, masking, removing of data elements), deletion/destruction.

    Types personal data

    Any study data, including personal data listed in all classes of services, target data depend on audit scope.

    Duration processing

    Audit request and preparation to end of archival period for the audit documentation, as required by applicable national law.

    Created 2021-09-02 15:12
    Updated 2026-06-07 13:12
    Description

    Refers to the process of delivering all administration and management services required to maintain a software solution in a fully operational condition according to the terms of the Service Contract to a client. The owner of the source and executable code of the software solution can be a third party, as well as the provider of the IT infrastructure. The applicable usage license conditions shall be included as part of the Service Contract, as well as all conditions of delivery of the software maintenance.

    Such software license can be purchased directly by the Sponsor from the IT vendor and used by other CROs according to their Service Contract or purchased by the CRO from the IT vendor who then shall be listed in the sub-processors' list.

    Examples of IT platforms are provided in appendix 2 of the Code.


    Special note: When a CRO delivers software for class of services (20) Maintenance of Trial Master File, which enables configuring and further operating/managing the TMF, the CRO is subject to the requirements applicable for class of services (16) Provision of IT-managed services.

    Subject matter of processing

    Establishing tools/mechanisms to perform programmed data flow/processing.

    Purpose processing

    Maintaining integrity, availability and confidentiality of data when processed through the delivered software solution.

    Nature processing

    Collection/obtainment, storage, deletion/destruction.

    Types personal data

    • Study subjects: same as for classes of services (4) Data collection and (8) Direct-to-patient services.
    • Healthcare professionals: same as for class of services (3) Site selection and contract.

    Duration processing

    Until termination of consultation and maintenance.

    Created 2021-09-02 15:15
    Updated 2026-06-07 13:21
    Description

    Refers to all processes required to deliver to a client the necessary physical resources to host a software solution, such as secure data centre facilities, including processing capacity, data storage space, internet connectivity, monitoring systems etc. As well as possible virtualisation technologies and/or management resources.

    Additional comments and examples are provided in appendix 2 of the Code.

    Special notes:

    • Applies when a CRO provides and maintains in operational condition the physical sites for hosting the hardware infrastructure of the information system used to process study-related personal data, including health-related data, or/and provides and maintains in operational condition of the hardware infrastructure of the information system used to process study-related personal data, including health-related data.
    • When a CRO provides the software for class of services (20) Maintenance of Trial Master File, which enables configuring and further operating/managing the TMF, as well as installs the software on its hosts the hardware provided and maintained by the CRO on its premises, at least until the shipment to the sponsor the CRO is subject to the requirements applicable for classes of services (16) Provision of IT managed services and (17) Provision of physical hosting infrastructure.

    Subject matter of processing

    Establishing and maintaining secure environment for data use.

    Purpose processing

    Ensuring appropriate technical and organizational measures for data use.

    Nature processing

    Collection/obtainment, storage, transfer/transmission, deletion/destruction.

    Types personal data

    • Study subjects: same as for classes of services (4) Data collection and (8) Direct-to-patient services.
    • Healthcare professionals: same as for class of services (3) Site selection and contract.

    Duration processing

    Until completion/termination of service.

    Created 2021-09-02 15:23
    Updated 2026-06-07 13:32
    Description

    Refers to the process consisting in providing technical support to users of an IT platform used in the context of one or several clinical studies. This kind of service is usually included in the Service Contract of IT vendors. It can include a shared information system to record and follow every request for support (ticketing system). It requires that personal data from the potential users (investigators, clinical research assistants, clinical nurses etc.) be collected. Because the users may refer to practical cases / situations, patients' data may be exchanged with the hotliners. This may also be the case if the IT platform includes ePRO or eCOA systems and first level support is provided by the IT vendor.

    Subject matter of processing

    Providing technical support to resolve technical difficulties related to the use of software employed to process personal data.

    Purpose processing

    Ensuring organizational security measures for data use.

    Nature processing

    Collection/obtainment, storage, transfer/transmission, deletion/destruction, de identification (pseudonymisation, anonymization, aggregation, masking, removing of data elements).

    Types personal data

    • Study subjects: same as for classes of services (4) Data collection and (8) Direct-to-patient services.
    • Healthcare professionals: same as for class of services (3) Site selection and contract.

    Duration processing

    Until completion/termination of service.

    Created 2021-09-02 15:26
    Updated 2026-06-07 13:36
    Description

    Refers to the process consisting in removing / deleting all data of a client from the IT environment of the provider when the contractual relationship terminates. The Service Contract shall include provisions for decommissioning services.

    Decommissioning services shall be required for any class of services that envisages the employment of a computer system processing personal data. The Data Processing Agreement shall implement the corresponding requirements for those data falling under the GDPR.

    Examples are provided in appendix 2 of the Code.

    Subject matter of processing

    Removing the concerned personal data from IT environment.

    Purpose processing

    Securely removing all personal data from hosting environment.

    Nature processing

    Deletion/destruction.

    Types personal data

    • Study subjects: same as for classes of services (4) Data collection and (8) Direct-to-patient services. 

    • Healthcare professionals: same as for class of services (3) Site selection and contract.

    Duration processing

    Until termination/completion of service.

    Created 2021-09-02 15:31
    Updated 2026-06-07 13:39
    Description

    TMF is set of electronic records and/or hardcopies relating to a clinical study, systematized and indexed for easy retrieval and use. The service consists of

    • Setup in agreement with the sponsor’s requirements, if any,
    • Assigning responsibilities for the filing and maintenance,
    • Identifying the study documents that are subject to filing,
    • Carrying out ongoing submission and processing of the documents,
    • Storage,
    • Review for accuracy and compliance with the regulatory and sponsor’s specifications,
    • Transfer to the sponsor.

    Subject matter of processing

    Data collection in accessible format with active access to data.

    Purpose processing

    Essential study documents, including personal data are catalogued in a standard manner, in compliance with ICH GCP and all other applicable standard.

    Nature processing

    Collection/obtainment, storage, deletion/destruction.

    Types personal data

    • Study subjects: any pseudonymised personal data processed for the research.
    • Healthcare professionals: any personal data processed for the research.

    Duration processing

    TMF setup to transmission of the TMF to the research sponsor.

    Created 2021-09-02 15:38
    Updated 2026-06-07 13:42
    Description

    Refers to services provided by the CRO to support the sponsors or the investigational sites to comply with their obligations after the end of the study. For example, according to GCP and CTR (2014/536), sponsors and investigational sites are required to archive all study related documents (TMF) and study data.

    Subject matter of processing

    Data storage in accessible format with no active access envisaged.

    Purpose processing

    Maintaining data availability for regulators, future studies, additional authorization submissions.

    Nature processing

    Collection/obtainment, archival, deletion/destruction, de -identification (pseudonymisation, anonymization, aggregation, masking, removing of data elements).

    Types personal data

    • Study subjects: any pseudonymised personal data processed for the research.
    • Healthcare professionals: any personal data processed for the research.

    Duration processing

    At least 25 years after the end or cancellation of the research pursuant to Clinical Trials Regulation No 536/2014 or Medical Device Regulation No745/2017 as applicable, or any other duration according to type of studies and per applicable legal/regulatory/standard/contractual requirements.

    Created 2021-09-02 15:39
    Updated 2026-06-07 13:45
    Description

    Refer to "Subject matter of processing".

    Subject matter of processing

    Transfer of personal data to regulatory authorities for evaluation of study personnel qualifications as a criteria of permission for study conduct.

    Purpose processing

    Compliance with the legal obligations to ensure appropriate qualifications of healthcare professionals through submission of regulatory dossiers accounting for adequate qualification of researches/investigators.

    Nature processing

    Collection/obtainment, transfer/transmission, storage, archival, deletion/destruction.

    Types personal data

    Healthcare professionals: surname, name, gender, date of birth, postal address, electronic and telephone contact details, bank details; education: qualification(s); professional life (including professional background, method and type of practice, necessary elements for assessing the knowledge they have for conducting the research); where applicable, registration number in the shared register of healthcare professionals; total compensation and remuneration received; participation in other studies, signature.

    Duration processing

    Same as for class of services (21) Archiving services.

    Created 2021-09-03 09:38
    Updated 2026-06-07 13:48
    Description

    Refer to "Subject matter of processing".

    Subject matter of processing

    Transfer of personal data of healthcare professionals to travel agencies, hotels, visa centers, and other third parties whose services are needed to enable transportation of healthcare professionals to the location of the investigative meeting.

    Purpose processing

    Ensure appropriate awareness of the investigative team of the research protocol and study requirements through delivering face to face research documents-focused trainings, enabling healthcare professional to network exchanging their experience in similar research; especially relevant for multinational research conducted at multiple investigational sites.

    Nature processing

    Collection/obtainment, transfer/transmission, storage, de identification (pseudonymisation, anonymization, aggregation, masking, removing of data elements), deletion/destruction.

    Types personal data

    Healthcare professionals: surname, name, postal address, electronic and telephone contact details, bank details; position, birth country, birth city, national ID type, national ID, citizenship status, citizenship country, nationality, travel details, national and international passport, visa applications, visa details, travel dates, itinerary, hotel booking details; bank account numbers, etc.

    Duration processing

    From acceptance by healthcare professional of the invitation to the investigator meeting to the provision of compensation of travel expenses to the healthcare professional by the sponsor; and/or end of retention of all financial accountability documents by CRO.

    Created 2021-09-03 09:40
    Updated 2026-06-07 13:50