Practical Implementation of GDPR within Medical Information: A Post-Webcast Perspective

Jul 26, 2018

The General Data Privacy Regulation (GDPR) took effect May 25.2018 and its primary intent is to deliver greater data privacy protection to EU citizens, including protection for health-related data. To ensure that medical information professionals could assess their understanding of and level of compliance with this recently enacted regulation, ArisGlobal held a July 18th webcast, “Practical Implementation of GDPR within Medical Information.

Since GDPR was first announced several years ago, ArisGlobal has been busy working with our user base, consultants, and internal and external auditors. We took their insight to arrive at our own interpretation of GDPR and then began working on how we could ensure that data privacy and data protection is by design, and what specifically our medical information management system, LifeSphere® MI, can do to support GDPR from the outset.

Support for GDPR involves having a combination of tools, technologies and processes in place. Gauging from the very strong interest, attendance, and questions asked by our webinar attendees, there is clearly still a level of concern and uncertainty from the medical affairs community as to their respective company’s level of understanding and compliance of this complex guideline.

Our hour-long webcast did not offer legal advice on the interpretation of GDPR, but rather focused on the practical implementation of GDPR within a medical information system, and specifically covered seven key areas:

  • Data Encryption (encryption of data at rest
  • Data Privacy Policy
  • Viewing/Accessing Private Data from Different Countries
  • Data Redaction
  • Reporting
  • Exclusions
  • Inquiry Fulfillment

Our webinar presenter, Simon Sparkes, ArisGlobal Executive Vice President of Medical Affairs, kicked things off by posing the first polling question, “Have you assessed your medical information system for compliance with GDPR regulation?” so as to assess the audience’s current state of GDPR compliance readiness. Results indicated:

This took us somewhat by surprise as most of the companies ArisGlobal staff are in discussions with still largely fall either in the “no” (i.e., not yet started) or “in progress” stage.

Responses to our second polling question, “Have you accommodated GDPR in your current MI solution?” more closely aligned to our understanding of where things stand for most companies:

Based on all the topics covered, responses to the final polling question “Are you GDPR ready?” seemed in conflict to some extent with the responses to the second poll results:

Over two-thirds of the responding audience believe their company is “GDPR ready.” That is great news, but we can only surmise that if 57% haven’t assessed their MI solution for GDPR readiness, as shown in the responses to the first poll question, then the majority who are “GDPR ready” did not leverage their MI solution to assist in the effort. If that assumption is correct, that is unfortunate since an MI solution like LifeSphere MI, by its design, can provides the tools, technology and process in place to help ensure the ongoing proper consent to collect and share patient data, handle data retention, redaction and possible GDPR exclusions.

Lots of attendee questions pertaining to retention periods, pseudonymization, medical inquiries with associate adverse events, and more were answered before the webinar concluded. You can learn more by viewing the on-demand webcast at your convenience.

Request a Demo


About ArisGlobal

ArisGlobal is transforming the way today’s most successful Life Sciences companies develop breakthroughs and bring new products to market. Our end-to-end drug development technology platform, LifeSphere®, integrates our proprietary Nava® cognitive computing engine to automate all core functions of the drug development lifecycle. Designed with deep expertise and a long-term perspective that spans more than 30 years, LifeSphere® is a unified platform that boosts efficiency, ensures compliance, delivers actionable insights, and lowers total cost of ownership through multi-tenant SaaS architecture.

Headquartered in the United States, ArisGlobal has regional offices in Europe, India, Japan and China. For more updates, follow ArisGlobal on LinkedIn and Twitter.

Additional Information

Connect with ArisGlobal on LinkedIn:
Follow @Aris_Global on Twitter:


Erika Thomas
+305-726-6601 |