Exco InTouch first to comply with HIPAA, Safe Harbor and EU data
15 October 2014
Exco InTouch has announced that it has become the first
clinical research solutions provider to comply with the Safe Harbor,
EU Data Protection and HIPAA (Health Insurance Portability and
Accountability Act) regulations governing security and data privacy
The company says it is the only electronic clinical outcomes
assessment (eCOA) and electronic patient reported outcomes (ePRO)
provider with the capability to physically separate personally
identifiable information (PII) needed to comply with data privacy
and security regulations. Exco InTouch’s mDNA proprietary technology
segregates PII, enabling data to be handled in compliance with all
the above regulations.
Complying with data privacy and security regulations is essential
for delivery of a BYOD (Bring Your Own Device) approach, whether it
is being applied to eCOA data capture, or by programs designed to
engage patients in a clinical trial or health regimen.
Due to multiple, complex and varying regulations across
geographic territories, full compliance with HIPAA, Safe Harbor and
EU Data Protection requirements is central to safeguarding data
privacy in clinical and commercial health services. This provides
confidence for patients that their data will be safe, which, reduces
a major barrier to enrollment in multi country programs.
Tim Davis, CEO and founder of Exco InTouch commented: “The
strategy to use patients’ own devices has been one of our core
principles ever since the company was founded. Indeed, this has
enabled us to design safeguards for data privacy and security into
the heart of our technology to ensure that the highest standards of
data security and safety are provided.”
The advent of global clinical studies has meant that sponsors
need to consider the legislation that vendors are expected to adhere
to in order to provide the level of confidence to all stakeholders.
Therefore sponsors should ensure that the vendors they contract with
abide by the respective legislation that governs their main place of
business, ie Safe Harbor if contracting with a US legal entity and
expecting to collect EU patient data, and EU Data Protection if the
vendor is based within the EU member states and collecting EU member
states’ patient data.
Dale Jessop, CTO at Exco InTouch commented: “Protecting patients
and their data has always been of primary importance to Exco InTouch.
Consequently, we keep up to date with technological advances across
many industries to aid product innovation and data protection and
security is a key component of that – it doesn’t impede innovation.
Quite the reverse, we see it as a highly important component to our