// White paper // The European Union General Data Protection Regulations
5 September 2017
The European Union (EU) Data Protection Regulations (GPDR), effective from 27 April 2016, will apply to all organisations responsible for data processing, and any sub-contractors, from 25 May 2018.
These regulations replace the Data Protection Directive (Directive 95/46/EC). These regulations will apply to all EU states, which will also be able to comply with local regulations.
The EU GDPR will significantly change the management and storage of personal data by imposing new obligations and better practices on applicable organisations.
By the time of the implementation of the GPDR, therefore, companies involved in the life sciences must produce an inventory of their practices and review any contractual agreements with their partners (e.g. CROs, service and/or data collection solution providers, data hosting services) in order to check their conformity with GPDR and with the good practices promoted by the personal data protection authorities.