The CNIL has launched an investigation into a significant data breach affecting over 33 million individuals in France, involving third-party payment operators Viamedis and Almerys. It is the biggest breach in France involving...more
Le bureau Parisien de Hogan Lovells a le plaisir de vous adresser sa lettre d'information mensuelle qui vous présente les Actualités législatives et réglementaires du mois de décembre 2023. Ces Actualités législatives et...more
The French Data Protection Authority (the "CNIL") has just published two new reference methodologies for research, studies, or evaluations necessitating access to the data in the French Healthcare database. These new...more
A decision issued on May 4, 2023 by the European Court of Justice (the "ECJ") provides clarifications that are particularly welcome when answering requests for access from data subjects. In this decision, the ECJ, in response...more
Prenant en compte les conclusions de l’arrêt « Schrems II » du 16 juillet 2020, le nouvel Executive Order signé par le Président Biden, le 7 octobre 2022, introduit de nouvelles garanties notamment (i) en limitant les...more
The French Data Protection Authority (CNIL) has released a Q&A providing its position, possible alternative solutions as well as guidance on using a compliant audience measurement solution. It follows a set of formal notices...more
The healthcare sector is a current focus of the French data protection authority (CNIL) which just published two draft standards regarding processing of personal data in the context of Early Access and Compassionate Access....more
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
On October 14, 2020, the French Administrative Supreme Court (Conseil d’Etat) published its decision in a lawsuit requesting that the French health data platform (Health Data Hub) be suspended for breach of the GDPR in light...more
10/22/2020
/ CNIL ,
Court of Justice of the European Union (CJEU) ,
Data Transfers ,
Enforcement Actions ,
EU ,
France ,
French Supreme Court ,
General Data Protection Regulation (GDPR) ,
Microsoft ,
Online Platforms ,
Personal Data ,
Popular ,
Regulatory Violations ,
Schrems I & Schrems II
The French Data Protection Authority (CNIL) has recently released new guidelines (French only) regarding human resources processing operations. ...more
Clinical trials have become increasingly important for pharmaceutical companies and medical device manufacturers, which are focused on collecting as much data as possible on products and devices and their adverse effects. All...more
1/17/2020
/ Best Practices ,
Big Data ,
Clinical Trials ,
Data Collection ,
Data Management ,
Data Processing Rules ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Technology ,
Information Management ,
Information Technology ,
Life Sciences ,
Medical Devices ,
Medical Research ,
Patient Privacy Rights ,
Personal Data ,
Pharmaceutical Industry ,
R&D ,
Research and Development
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
11/22/2019
/ Burden of Proof ,
Class Action ,
Cybersecurity ,
Data Breach ,
Data Processors ,
Data Protection ,
EU ,
EU Data Protection Laws ,
European Commission ,
Evidence ,
Forum Shopping ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Litigation Strategies ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
Risk Management ,
Russia
Clinical trials in the EU include the collection of sensitive health data from patients. Trial sponsors are obliged to reconcile their respect of regulations governing data protection with regulations governing the conduct of...more
4/25/2019
/ Clinical Trials ,
Data Collection ,
Data Processors ,
Data Protection ,
Electronic Medical Records ,
EU ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Informed Consent ,
Personal Data ,
Pharmaceutical Industry ,
Regulatory Standards ,
Scientific Research
Blockchain and artificial intelligence (AI) are opening new doors towards improving data efficiency in the life sciences industry. But these technologies may also impose unique limitations and curtail the traditional role of...more
10/24/2018
/ Artificial Intelligence ,
Blockchain ,
Clinical Trials ,
Data Controller ,
Data Management ,
Data Privacy ,
Distributed Ledger Technology (DLT) ,
General Data Protection Regulation (GDPR) ,
Information Technology ,
Internal Data Controls ,
Life Sciences ,
Personal Data ,
Pharmaceutical Industry ,
Popular
The French Data Protection Authority (the CNIL) published its assessment of the first four months of GDPR and several guidelines, including one on how to make a GDPR compliant blockchain. ...more
10/11/2018
/ Big Data ,
Biometric Information ,
Blockchain ,
CCTV ,
CNIL ,
Cybersecurity ,
Data Protection ,
Data Protection Authority ,
Data Protection Impact Assessments (DPIAs) ,
Distributed Ledger Technology (DLT) ,
EU ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Popular ,
Right to Erasure
The General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. In light of the urgency to adapt Law no. 78-17 dated 6 January 1978 to the new European Union law, the French Government has initiated an...more
The Decree No 2018-137 of 26 February 2018 on the hosting of personal health data has been published on 28 February 2018 in the Official Journal. The Decree defines notably the arrangements for implementing the procedure for...more
3/6/2018
/ Certification Requirements ,
Data Collection ,
Data Management ,
Data Protection Principles ,
Data-Sharing ,
Electronically Stored Information ,
France ,
Personal Data ,
Regulatory Oversight ,
Regulatory Standards ,
Transparency