Think Global, Act Local – Lessons Learned in a Global Compliance Experience Kathy Lundberg Chief Compliance Officer Boston Scientific.

Slides:



Advertisements
Similar presentations
Tamtron Users Group April 2001 Preparing Your Laboratory for HIPAA Compliance.
Advertisements

S.O.S. eHealth Project Open eHealth initiative for a European large scale pilot of patient summary and electronic prescription Daniel Forslund, Head of.
1 st Training Seminar on Planning and Preparing for EHES at the National Level Legal and ethical issues Susanna Conti Istituto Superiore di Sanità (ISS)
Legal & Regulatory Compliance. Overview What types of information should be included? What issues or problems might there be? What benefits could be obtained?
1 The Data Protection Officer at work Experience, good practices and lessons learnt Pierre Vernhes – former DPO at the Council of the EU Workshop on Data.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
And the finer details of patient privacy TCH Confidential Understanding HIPAA.
Increasing public concern about loss of privacy Broad availability of information stored and exchanged in electronic format Concerns about genetic information.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
PIPA PRESENTATION PERSONAL INFORMATION PROTECTION ACT.
EU Cross-Border Care Directive from the Primary Care perspective Results of a simulation Rita Baeten Gothenburg, 3 September 2012.
CUMC IRB Investigator Meeting November 9, 2004 Research Use of Stored Data and Tissues.
Regulatory Body MODIFIED Day 8 – Lecture 3.
Informed Consent and HIPAA Tim Noe Coordinating Center.
What if my organization conducts business across borders ? Your footnote Privacy and “Personal Information” have different meanings in different countries;
HIPAA COMPLIANCE IN YOUR PRACTICE MARIBEL VALENTIN, ESQUIRE.
From European to international standards on data protection (1/2)
GLOBAL REGULATORY STRATEGY CONSIDERATIONS SCIENTIFIC SARAH POWELL EXECUTIVE DIRECTOR, REGULATORY STRATEGIES SEPTEMBER 14-17, 2008 BOSTON, MA.
Information Security Compliance System Owner Training Richard Gadsden Information Security Office Office of the CIO – Information Services Sharon Knowles.
Safe Working Practices - Contents
Handling information 14 Standard.
Privacy Codes of Conduct as a self- regulatory approach to cope with restrictions on transborder data flow Dr. Anja Miedbrodt Exemplified with the help.
2 nd Training Seminar on Planning and Preparing for EHES at the National Level Key points regarding informed consent Susanna Conti Istituto Superiore di.
1 Freedom of Information (Scotland) Act 2002 A strategic view.
Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.
Transnational Studies IRB’s evaluation of a researcher’s plan for complying with local laws and customs when conducting transnational research.
DATA PROTECTION IN THE AGO Christina Beusch Deputy Attorney General WA State Attorney General’s Office.
Working with Foreign Collaborators Mary Kirker Chief Grants Management Officer National Institute of Allergy and Infectious Diseases.
Data Protection and Elected Members A Round Table Event From Bradford Council and iNetwork The Banqueting Hall, Bradford 11 th November 2013 Useful links.
Jo Anna Risk, RN, MPH, CIP Education Coordinator Wayne State University IRB.
Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.
LeToia Crozier, Esq., CHC Vice President, Compliance & Regulatory Affairs Corey Wilson Director of Technical Services & Security Officer Interactive Think.
FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.
HIPAA Vendor Readiness Siemens/HDX Audio Telecast July 24, 2002.
The Impact of Evolving IT Security Concerns On Cornell Information Technology Policy.
Copyright © Emerson Strategic Group, Inc. All Rights Reserved 1 Ninth National HIPAA Summit Auditing for Privacy Compliance: A Case Study September.
Implementing an Effective Global Anti-Bribery Program Implementing an Effective Global Anti-Bribery Program Elaine Murphy, MBA Director Health Care Compliance.
A Road Map to Research at Jefferson: HIPAA Privacy and Security Rules for Researchers Presented By: Privacy Officer/Office of Legal Counsel October 2015.
1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.
UNDERSTANDING THE RULES ON ADVERTISING WITH GEORGE CHAMBERLIN & MENTOR RIA CONSULTING Compliance Training Series.
Standards of Conduct  Training today will give you talking points  You need to read through the book and get comfortable with the information  This.
National Public Health Performance Standards Local Assessment Instrument Essential Service:6 Enforce Laws and Regulations that Protect Health and Ensure.
Paul Kelly Facility Research Compliance Officer for the Ralph H. Johnson VA Medical Center.
Being part of the conversation: privacy and disability Katrine Evans 6 December 2010.
Conducting Research at Lincoln IRB/HRPP Policies, Procedures & Good Clinical Practices B Kanna MD, MPH, FACP Associate Program Director of Internal Medicine.
Personal data processed in cloud infrastructures: main legal aspects Avv. Enrico Pelino Attorney at Law at Bologna Bar, Italy Senior Associate at ICTlegalconsulting.
HETUS Pilot Group 8 Privacy procedures and ethical issues Kimberly Fisher, Centre for Time Use Research – co-ordinator External consultant Kai Ludwigs.
Policy Solutions Dónal Rice National Disability Authority, Ireland Access to the Internet for Persons with disabilities and specific needs 15 th February.
VA Central IRB K. Lynn Cates, MD Assistant Chief Research & Development Officer Office of Research & Development Department of Veterans Affairs September.
Early public participation In Decision-Making Process Nana Aghlemashvili Chief Specialist of the Legal Department.
Marianne M. Elliott Office of Research Integrity and Ethics Bureau of Medicine and Surgery U. S Navy.
Introduction to the Australian Privacy Principles & the OAIC’s regulatory approach Privacy Awareness Week 2016.
Investigations: Strategies and Recommendations (Hints and Tips) Leah Lane, CFE Director, Global Investigations, Texas Instruments, Inc.
Data protection—training materials [Name and details of speaker]
Privacy and Security Considerations in Research and Clinical Trials February 28, 2013 Joanna K. Napp, J.D., M.P.H. Chief Privacy Officer and Compliance.
Key Points for a Privacy Programme for Multinationals Steve Coope.
PATIENT & FAMILY RIGHTS AT DOHMS. Fully understand and practice all your rights. You will receive a written copy of these rights from the Reception, Registration.
Complaint Handling Medical Device Reporting May 19, 2016 Rita Harden, Director Customer Relations & Regulatory Reporting.
UNHCR‘s Policy on the Protection of Personal Data of Persons of Concern - An introduction (October 2016)
Contingent Workforce: Global Privacy Laws Overview
General Data Protection Regulations: what you really need to know
Data Protection The Current Regime
General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.
Bob Siegel President Privacy Ref, Inc.
Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .
Data Protection in a Tutorial Context
Making Your IRBs and Clinical Investigators HIPAA-Ready
Neopay Practical Guides #2 PSD2 (Should I be worried?)
Policy on Prompt Reporting
Presentation transcript:

Think Global, Act Local – Lessons Learned in a Global Compliance Experience Kathy Lundberg Chief Compliance Officer Boston Scientific

Global Code of Business Conduct

3 Respect for People – Open Communication is Key Translate materials into the local language  translated the Code into 13 different languages  toll free phone numbers for the Helpline for every major country

4 Respect for People – Open Communication is Key  Translation of “complaint” in a complaint handling training

5

6 Respect for People – Open Communication is Key  How you present information; can also have different cultural reactions

7 Respect for People – Open Communication is Key  Power of live conversations and personal relationships  Boston Scientific met with people locally or traveled to their location Live summit meetings Monthly phone calls  These live connections opened doors for Boston Scientific in terms of finding out what the local issues were, and allowed us to connect people or raise awareness of different compliance issues

8 Legal/Compliance Obligations Keep current on changing requirements  Participation in GHTF  International legal team and compliance teams are watching for new or evolving requirements and standards  Local “eyes and ears” are the compliance/quality connections within the geography

9 Legal/Compliance Obligations Separate International Customer Relationship Policy to meet the global needs

10 Legal/Compliance Obligations  BSC provides procedures and a Toolkit customized to local requirements to ensure compliance with local laws and regulations

11 Sample Toolkit

12 Legal/Compliance Obligations Sometimes conflicting expectations  Different regulators have different expectations for notification of key events SEC FDA International government authorities

13

14 Legal/Compliance Obligations  Transparency in one geography may be perceived differently in another  SEC requirements  Product Performance Report information – may be viewed differently

15 Legal/Compliance Obligations Respect all local laws and regulations…not just the medical device approval requirements For example: Privacy Radio Frequency Environmental Health and Safety

16 EU Privacy 1.Key Privacy Differences Between US and EU 2.Data governance Medical device approvals are pan-European, however, privacy, security and post-market requirements are established by each country

17 Country Specific Regulations Each country may have additional data protection regulations which need to be followed Italy Spain Germany Austria France Netherlands UK (Requirements confirmed via external legal opinion) Additional controls applied to data depend on the structure of the data controller relationship Some countries require additional controls to any data that originate in that country (e.g. Italy) Other countries deem the data controller country rules to apply

18 Latitude EU Privacy – What’s Required Policies and Procedures Contractual Clauses De-identification Data Use Sensitive Data Encryption Patient And Customer Consents Privacy Officer Website Privacy Policy Data Controller

19 A Side by Side Comparison US- HIPAAEU - 95/46/EC Protected Health Information (PHI)- identifiable health information – 18 items. PHI Can be written, electronic or oral. Data DefinitionsPersonal Data – any information relating to an identifiable natural person (referred to as the data subject)

20 Je ne suis pas encore rangé des voitures I am not giving up my wild lifestyle yet. (literally: I am not yet parked away from the cars) IEEE Security and Privacy Magazine

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.