R4you company is fully compliant with data privacy regulations in the USA (HIPAA) ,the EU (Directive 95/46/EC) and Good Clinical Practice (GCP).
Good Pharmacoepidemiology Practice (GPP).
R4you’s primary mission is to increase awareness about, and facilitate participation, in clinical trials related to development of investigational drugs and therapies. Individuals entrust us with information of a personal and confidential nature, so we have adopted this Privacy Policy (“Policy”) to inform you about our practices in collecting, using and protecting such information. The Policy explains in general terms how we seek to comply with data privacy laws and regulations, including but not limited to national laws.
Information Collected and How We Use It
HPP 2 requires a health service to take reasonable steps to ensure:
*the information collected is relevant to the purpose, and not excessive and is accurate, up to date and complete, and
* collection of the information does not unreasonably intrude on the personal affairs of the individual.
7.4.1.4 Where the information is collected from a third party Health services do not have to inform an individual about information they have collected about them from a third party if: n the information was collected from a third party because it was unreasonable or impractical to collect it from the individual, and it would also be unreasonable or impractical to inform the individual about the collection n the information was collected in the process of recording a family, social or medical history, and this was necessary to provide health services to the patient n the information is collected from an authorised representative because the health service believes that the individual is incapable of understanding the nature of the information required n the information was initially collected by another agency or organisation and there are reasonable grounds to believe that the individual has already been informed of the necessary information by that other agency or organisation.
- Data protection is enabled by anonymization / de-identification, two-way encrypted data transfer, encrypted storage, and access control mechanisms.
- R4you ensures that users understand and treat their access with appropriate regard for information security.
- All critical activities are covered by Standard Operating Procedures and best practice policies.
- All R4you’s personnel are under secrecy obligation and trained in this security framework structure