Opinion of 7 September 2009 on a notification for prior checking regarding the EudraVigilance database (Case 2008-402)
EMEA manages the EudraVigilance database whose originates from National Competent Authorities, Market Authorization Holders and sponsors of clinical trials. The purpose of the database is to evaluate suspected adverse reactions to medicinal products for human use. The EDPS considers that the processing is lawful to the extent that EMEA follows the recommendations included in the Opinion, particularly those regarding the data quality principle.
The EDPS recommended, among others, that EMEA:
Opinion on a notification for prior checking received from the Data Protection Officer of Frontex concerning the Processing of Personal Data for Risk Analysis (PeDRA) (Case 2015-0346)
Opinion of 4 June 2008 on the notification for prior checking regarding pre-employment and annual medical check-ups (Case 2007-176)
This opinion concerns the pre-employment and annual medical check-ups organized at the CPVO. The recommendations of the EDPS include the following:
Regarding data quality, the scope of data collected on the medical overview form and the information included on the certificate of fitness should be revised to comply with the principles of relevance and proportionality. As to the conservation of the data, a reasonable, definite time frame must be established by the CPVO for the conservation of each category of employee and candidate medical data held by the CPVO. On information to data subjects, clear and specific information needs to be provided to data subjects regarding all items listed under Articles 11 and 12 of the Regulation. With respect to the pre-employment medical check-up, the EDPS also recommends the additional information on anti-discrimination referred to in point 3.8.4 of the Opinion. Finally, with regard to processing data on behalf of controllers, the service contracts concluded with the CPVO Physician and the CPVO Medical Centre should be modified to address data protection aspects pursuant to Article 23 of the Regulation. Instructions should be provided to the processors to comply with the minimum data protection safeguards recommended in this Opinion.
The reform of the EU rules on data protection will support the recovering but still fragile European economy, said the European Data Protection Supervisor following the presentation of his Annual Report of activities for 2013 to the Committee on Civil Liberties, Justice and Home Affairs (LIBE) at the European Parliament.
In the course of 2012, we once again set new benchmarks in different areas of activity. In the supervision of EU institutions and bodies, when processing personal data, we interacted with more data protection officers in more institutions and bodies than ever before. In addition, we saw the effects of our new enforcement policy: most EU institutions and bodies, including many agencies, are making good progress in complying with the Data Protection Regulation, although there are still some which should increase their efforts.
In the consultation of new legislative measures, we issued a record number of opinions on a wide range of subjects. The Review of the EU legal framework for data protection was at the top of our agenda. However, the implementation of the Stockholm programme in the area of freedom, security and justice and the Digital Agenda, as well as issues in the internal market, such as financial sector reform and in public health and consumer affairs, also had an impact on data protection. We also increased our cooperation with other supervisory authorities.
You can get a paper version of this Annual Report from the EU Bookshop.