Duration: 1 x 4 hours
Date: March 20th 2025, Online
Speaker: Dr Elena Lucano

Training objectives:

This training is organized with the goal of providing participants with an extended understanding of the requirements related to the General Data Protection Regulation (EU) 2016/679 ("GDPR"). The GDPR requirements will be presented in relation to other state legal frameworks. The training links key GDPR aspects with the MedTech word discussing handling of personal data and sensitive data as part of the everyday activities of a medical device manufacturer. The training will also cover the applicability of GDPR during Clinical Investigations and ISO 14155.

Training content:

• Introduction
o From the data protection directive to the GDPR
o The need for data protection
o Data protection on different countries – some examples
o Relation between EU and US
o the GDPR, MDR/IVDR

• GDPR essential:
o Regulation structure
o Main aspects and novelties
o Regulation applicability

• GDPR focus:
o GDPR’s Rules on Processing Data
o Protection of Data, GDPR and ISO 27001, protection by design and by default
o GDPR’s Rules on Consent
o GDPR’s Rules on Processing Data
o Rights of the data subject
o GDPR Roles and Responsibilities (Supervisory authorities, Data controller and processor, DPO)
o GDPR’s Rules on data Breaches, and penalties

Training format:

• Presentations with interactive discussions
• Group and individual exercises
• End of training assessment