The Cordery team has considerable experience of compliance issues in healthcare including setting up policies, training and remediation work; for example, assisting with conducting internal investigations and dealing with security breaches.
The type of projects we handle include:
- Internal investigations (including supporting a client’s own investigatory team)
- Data protection advice including advice on:
- Clinical trials
- Marketing
- Key opinion leaders & clinicians
- Patient data
- Compliance monitoring
- Anti-bribery, gifts & hospitality – policies & training
- Supply chain due diligence and management, including advice on modern slavery laws
- Cyber security and security breach
- Product recall
- Social media policies, disclosures and training
- Product labelling
- Reputation management
- Safe Harbor
Experience
Recent projects members of our team have completed include:
- Dealing with a series of subject access requests in the health sector which involved proceedings being issued in the UK to enforce the subject access right. Those proceedings were settled on what our client believes to be acceptable terms.
- Rapid response to a security breach for a well-known healthcare organisation including a detailed risk assessment and advice on remedial measures
- Advice in connection with the marketing of healthcare related services including a Privacy Impact Assessment for moving some data to a cloud provider
- Risk audit for a medical devices company including data protection, bribery & corruption, transparency & data security
- Safe Harbor registration for a US based clinical research organisation
- Support to a US pharma company on compliance issues relating to its clinical trials program in Central & Eastern Europe
- Work on outsourced key opinion leader programs using Indian researchers for a European based pharma company
- Social media training and policies for a leading European based pharma business including face to face sessions for key management at their HQ
- Complex issues around transferring medical records and outsourcing an occupational health scheme in 5 European countries
- Advice regarding CRO (Clinical Research Outsourcing) and offshore statistical analysis
- Advice regarding the structuring of an online marketplace for healthcare-related services
- Advising on data protection contractual provisions in healthcare contracts with NHS trusts
- Advising a medical devices producer on data protection implications of their devices, including remote diagnosis and data transfer
- Competition law advice to a leading medical device company
- Assisting a medical technology provider in a project to secure preferred supplier status to a national health service
- Support to an internal investigation after whistleblower complaints were received by a US pharma business
- Risk and compliance advice to a new market entrant using technology to remotely monitor hospital hygiene standards
- Research and advice for a Japanese company on draft EU legislation on quality and safety standards for human blood and blood components
- Advice to a pharmaceutical company on the possible secondary impact of the EU REACH legislation on the company’s pharmaceutical products
- Data protection registrations for healthcare providers
On reputation management issues we have worked with leading crisis and brand management agencies. Our relationship with LexisNexis UK allows us to do enhanced due diligence on third parties, such as suppliers, and to use LexisNexis’ social media monitoring tools to try and get advanced notice when a story is about to break.
There are news items on healthcare-related topics including on new audit powers in healthcare in the UK here. There is a short film on some aspects of compliance in healthcare here.