Where Is Data Privacy Going? Depends On Where It Came From

Kristin Buske
Written By
Kristin Buske
September 25, 2017

Samuel D. Warren and Louis D. Brandeis’ 1890 article “The Right To Privacy” has become classic reading for 21st century data professionals. But as we discovered in an excellent webinar with Denise Farnsworth Chief Privacy Officer, Senior Corporate Counsel at Jazz Pharmaceuticals, Brandeis’ article forms only half of the data privacy story.

What data privacy means to you will, of course, be influenced by why you want it.

In contrast to the USA, where the motivation to secure individual privacy was largely economic, arguments favoring data privacy in EU focus on personal safety. After all, it was less than a century ago that a breach of personal data security spelled out life-threatening consequences in the region.

What does this mean for businesses in the EU, as they receive, manage, process and control large (and increasing!) amounts of personal data? For the life sciences, where such data may take the shape of clinical trials, sensitive patient information, and insurance-related-data, the criticality of protecting individual privacy becomes all the more important.

The GDPR, which will come into full force in May 2018 is an important development in protecting the personal data of natural persons. But will its impact only be felt in the EU?

In answering this, we return to our original question—about where data privacy is headed.

According to Section 23 of the GDPR:

“In order to ensure that natural persons are not deprived of the protection to which they are entitled under this Regulation, the processing of personal data of data subjects who are in the Union by a controller or a processor not established in the Union should be subject to this Regulation where the processing activities are related to offering goods or services to such data subjects irrespective of whether connected to a payment…”

This is supported by Section 24:

“The processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union should also be subject to this Regulation when it is related to the monitoring of the behavior of such data subjects in so far as their behavior takes place within the Union….”

To learn more about data privacy and the GDPR, register for the Life Sciences GDPR Boot camp today!

Denise FarnsworthEU GDPR Bootcamp

Kristin Buske

About the Author

Dr. Buske earned her PhD in Immunology in 2004 and completed her Post-doctoral research at the German Cancer Research Center in 2008. She has been a key decision-maker in pharmaceutical industry in the region, with important responsibilities in Abbott GmbH & Co.KG, Merz Pharmaceuticals and Teva GmbH. Currently the Head of MSL Excellence at Merck, she joined qordata as the Principal Consultant in 2016. Her work has been instrumental in creating a culture of compliance and improved business performance in the pharmaceutical industry.