No organization should stand up a privacy initiative solely to achieve GDPR or HIPAA compliance, for example. Instead these efforts should be the impetus for growth and performance improvements.
Global life sciences organizations are working hard to meet the May 2018 compliance deadline for the European Union’s General Data Protection Regulation (GDPR). Despite this awareness and focus, their efforts lack specificity, as there is no industry-specific approach that takes into account the unique strategies and risks the industry faces. Further, one solution does not fit all, as organizations vary in privacy program maturity and risk tolerance. To help organizations begin to refine their approach to GDPR compliance, KPMG can help outline the primary areas in which life sciences organizations should focus.
As pharmaceutical research and development (R&D) evolves to encompass more far-flung clinical trial sites, GDPR data restrictions will have more and more of an impact on the pace and manner in which drugs are brought to market. In fact, 54% of CEOs according to a KPMG survey are reassessing their Global footprint. Restrictions on customer data usage in Europe may cause some to reconsider where they locate operations.