X
Cookies settings & disclosure
INFO@ACHIEVEDCOMPLIANCE.COM
Achieved Compliance GDPR
1-571-568-3658
NEWSLETTER SIGNUP
BLOG
contact us

Life sciences sectors

You're faced with a complex cloud of life science compliance requirements.  We're here to help. We speak the language of processing human subject data and understand how it intersects with global privacy laws.

"Remember to consider global privacy laws before collecting clinical trial or health research data.”

MELISE BLAKESLEE ESQ

Melise Blakeslee, Esq., CIPP/E

How We Protect You

Achieved Compliance legal team

Achieved Representation:
Your Virtual DPO

Achieved Representation offers on-the-ground EU representation and DPO services universities and research centers.

read more

establish data protection compliance

Virtual Data Protection Officer (DPO):
Strategic Data Management

Our team will work with you to develop andimplement a clear action plan covering your short-term and long-term needs.

read more

Organizations that trust us with global data privacy

Vanderbilt University Medical Center
THREAD Reasearch
Owens & Minor
Esperion Therapeutics
See More

ASK US YOUR QUESTIONS

Have a question about data privacy? Unsure about a new regulation affecting your industry? Send us a message and we'll connect you with a (human) expert to help you navigate the latest complexities in data privacy with ease.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Are You Following This?

Dutch Data Protection Authority Fines Uber for Storing Personal Data in U.S. Without Required Protections

On August 26, 2024, the Dutch Data Protection Authority fined Uber €290 million ($324 million) for failing to comply with EU data transfer rules under the GDPR. Uber transferred sensitive data from over 170 French drivers to U.S. servers without implementing required safeguards.

New York State Attorney General’s Office Issues Guidance on Tracking Technologies and Privacy

The New York Attorney General’s office released guidance on July 15, 2024, signaling increased oversight of online cookie practices. Companies should ensure cookies are correctly categorized, consent tools respect consumer choices, and privacy claims are accurate. Organizations are advised to implement strong policies, test tracking technologies, and seek compliance assistance to avoid enforcement actions.

Spanish Data Authority Fines Data Processor for Failure to Assess and Address Risks of Security Breach

The Spanish data protection authority (AEPD) fined I-DE Redes Electricas Inteligentes (I-DE) 3 million euros for failing to assess its security breach risk, violating Articles 5(1)(f) and 32 of the GDPR. Despite I-DE's claim that the breach was due to a cyber attacker and that they had implemented detection measures, the AEPD emphasized the necessity of preventive measures in addition to remedial actions.

Connecticut Attorney General’s Office Releases Report on New Data Privacy Law

Less than a year after the Connecticut Data Privacy Act (CTDPA) took effect, the state's Attorney General's Office (OAG) reported on its activities. The OAG issued over a dozen violation notices across various sectors. Enforcement focuses on privacy policies, sensitive data, teens' data, and data brokers. The Report recommends measures to strengthen the CTDPA, including narrowing the entities exempt from compliance.

Colorado Adds Additional Protections for Biological and Neural Data in Amendment to the State’s Privacy Law

In April, Colorado amended the Colorado Privacy Act (CPA) to include protections for biological and neural data. The amendment expands the definition of "sensitive data" to cover this information, requiring data controllers to obtain consumer consent, conduct data protection assessments, and update privacy notices. These new provisions take effect on August 6.

Maryland Passes the Online Data Privacy Act of 2024: What You Need to Know About MODPA

Last month, Maryland joined the growing list of states that have passed comprehensive privacy legislation with the introduction of the Online Data Privacy Act of 2024 (MODPA). The new legislation will mandate companies to comply with data protection requirements related to data minimization, safeguarding sensitive data, and the processing and sale of data of minors. Here's what you need to know: