Skip to main content

What is this CRO Code of Conduct?

This GDPR EUCROF Code of Conduct is a transnational Code, developed under Article 40 of the GDPR, recognized by the 27 EU data protection authorities and approved by the European Data Protection Board (EDPB). It represents an interpretive guide, created and supported by multiple stakeholders and opinion leaders in the Clinical Research Industry.

Who is concerned?
This code serves as an effective governance and accountability mechanism for data processing activities conducted by CROs (Contract Research Organizations) and other service providers in clinical research acting as Data Processors. As a CRO, it’s crucial to meet these standards to safeguard trial participants’ privacy rights under the EUCROF GDPR Code, while responsibly using personal data in Clinical Research.

MyData-TRUST can support you effortlessly

Asking support of MyData-TRUST will unlock full compliance effortlessly with our tailored action plan. Our service evaluates your compliance with the CRO Code of Conduct Audit, ensuring your adherence to best Data Protection practices. Our assessment focuses on verifying the adequacy of your technical and organizational security measures as required by legal mandates and industry norms. MyData-TRUST provides practical tools to help your company align with the CRO Code of Conduct by:

  • ensuring readiness for regulatory scrutiny
  • enhancing operational efficiency
  • offering practical guidance
  • facilitating your journey towards adherence to relevant standards (through inspection dry-runs or mock-audits)

The service will provide an overview of your compliance status and identify any deviations from the targeted standards. You will receive an audit report that includes an action plan to achieve your desired level of maturity.

We also offer additional services following the Maturity Audit Service (subject to a separate agreement) to develop solutions and assist you in reaching your desired level.

How to adhere to the GDPR CoC for CROs?

  • Be prepared: seek support from MyData-TRUST to assist in preparing your Adhesion dossier. MyData-TRUST offers practical tools to help your company comply with the CRO Code of Conduct Audit.
  • Complete an organizational profile and a Code’s compliance questionnaire (“Compliance Dossier”). 
  • Submit your compliance dossier to the Code’s Supervisory Body (COSUP). 
  • COSUP will review the Compliance Dossier and issue its resolution. 

Why Should Your Organization Adhere?

The aim is to minimize administrative and operational inefficiencies that arise from varying interpretations of the GDPR. This involves acquiring actionable guidance on how to exhibit and sustain compliance. It also includes sharing valuable experiences with fellow adherents. The goal is to enhance the efficiency in providing services to sponsors of clinical trials. This includes earning the privilege to showcase one of the Code’s Compliance Marks as a seal of compliance. Lastly, it’s about showing adherence to compliance and maintaining high service standards to sponsors conducting clinical trials within the European Union.

Evaluate and Elevate Your Compliance

Through this process, we will help you evaluate your compliance status with respect to a defined standard. Alternatively, we assist you to elevate your compliance with our tailored Services.

Competitive Advantage

Adhering to standards is a prerequisite for legal compliance and also offers a competitive advantage. Whether you require an assessment of your current compliance level with established standards (such as Code of Conduct Audit, ISO, GDPR, etc.) to prepare for adherence or simply to evaluate your compliance journey after implementing a privacy program, our maturity audit will help in raising credibility and quality of your CRO services.

Gain Time and Trust

Displaying the Code’s Compliance Mark signifies your commitment to compliance and high service standards, crucial for:
– gaining time through RFP processes and reducing administrative complexities
– gaining trust from clinical trial sponsors worldwide

Interested to learn more about the GDPR Code of Conduct Audit for CROs?

Contact Us