Managing Your HCP Consent Program Under The GDPR–What Stage Are You On?

Salman Kasbati
Written By
Salman Kasbati
November 3, 2017
0 Comments

Under the GDPR, one of the key requirements is that controllers are required to manage consent with the HCPs that they engage with, at any level now as opposed to acquiring consent “only” for data publishing under the transparency directive. Browsing through industry experts and teams establishing consent management within their organisations, I believe we can plot stages at which most of the pharmaceutical drug and device manufacturers within the EU are placed at, with respect to managing their consent programs.

Here is what it looks like, so far:

Stages depicted in terms of an organization’s process maturity towards capturing, revoking and managing other areas of consent, under the GDPR:

  • Stage 0: No consent management program or not required
  • Stage 1: In process of establishing SOPs for managing consent. Probably would go for manual process as a start
  • Stage 2: Manual / paper-based consent program already implemented and either happy with the current process or working towards an automated vision
  • Stage 3: Automated consent management program already implemented and looking ways to improve the process or becoming GDPR compliant
  • Stage 4: In process of establishing SOPs / changes towards achieving GDPR compliant automated consent management program with some level of coverage on the regulation expected by May 2018

There might be other stages in the middle. I am sure most of us would love to learn:

  1. What stage your organisation is currently at? and
  2. What were some of the major challenges that you faced to get to that stage and would like to share with the rest of the community?
Salman Kasbati

About the Author

Muhammad Salman Kasbati is the COO at qordata. Before he joined qordata, he was the Director - Software & Consulting Services, and then Partner at Streebo. With a background in software development spanning over 16 years, his projects have served clients in energy, banking and the life sciences industry. He has led software projects at LMKR, CresSoft, and Avanza Solutions.


OUR SOLUTIONS CAN SIMPLIFY YOUR COMPLIANCE EFFORTS.