Summary
“The root cause of most privacy missteps is a lack of education, training and understanding of what the privacy rule actually is.”
In this Let’s Talk Risk! conversation, Naveen Agarwal and Edye Edens delve into the critical intersection of privacy laws and clinical trials. They explore the significance of privacy regulations like HIPAA and GDPR, the implications of proposed changes to HIPAA, and the role of AI in enhancing compliance and efficiency in clinical research. Edye shares real-world examples of privacy violations and emphasizes the importance of ongoing education and risk management in navigating the complex landscape of healthcare privacy.
Listen to the full 30-minute podcast or jump to a section of interest listed below.
Chapters
00:00:05 Introduction
00:02:12 Why privacy of patient information is important
00:04:57 Brief history of HIPAA regulation in the United States
00:08:03 Surprising fact: Clinical trial data is not Protected Health Information (PHI)
00:10:10 Brief overview of GDPR in EU
00:12:20 When to seek legal input during risk analysis
00:15:48 Implications of HHS proposed HIPAA security rules for clinical trials
00:19:16 Best practices for privacy law compliance
00:23:30 Application of AI in clinical trials space
00:26:43 Areal-world example of privacy non-compliance and liability
00:30:30 Closing comments and key takeaways
If you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.
Suggested links:
LTR: Clinical evaluation is a lifecycle process, not a one time activity.
LTR: Clinical evaluation under EU-MDR.
Key Takeaways
Privacy laws are essential for protecting patient data.
HIPAA allows patients to own their medical records.
GDPR covers a broader scope of personal data than HIPAA.
Understanding state laws is crucial for compliance.
Risk identification is key to managing privacy concerns.
AI can streamline regulatory processes in clinical trials.
Education and training are vital to prevent privacy violations.
Data breaches can lead to significant financial penalties.
The sharing of clinical trial data must be managed carefully.
Continued education helps organizations stay compliant.
Keywords
Privacy laws, clinical trials, HIPAA, GDPR, risk management, data protection, healthcare compliance, regulatory frameworks, AI in research, patient privacy
About Edye Edens
Edye Edens is a seasoned legal and compliance professional specializing in clinical research and life sciences. With a Juris Doctor from Indiana University Robert H. McKinney School of Law and a Master’s in International Research Ethics, she brings over 15 years of experience in research compliance, regulatory operations, and clinical trial oversight. Her expertise spans clinical trial compliance, privacy law (HIPAA, GDPR), and research operations, with a focus on oncology and scaling HRPP and site-specific operational needs. Edye’s background includes leadership roles at Indiana University and First Class Solutions, where she served as an adjunct professor, research administrator, and a research business development leader. She currently acts as Senior Attorney for the Kulkarni Law Firm where she advises AMCs, sponsors, CROs, and research sites.
Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.
Disclaimer
Information and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.
Share this post