PSI Pharma Support America, Inc. Data Protection Policy
COLLECTION AND USE OF PERSONAL INFORMATION
Due to the global nature of PSI’s business activities, and/or because PSI has affiliates located in Europe, personal information collected by them in the European Economic Area, European Union or Switzerland may be transferred to PSI Pharma Support America Inc. and/or PSI’s customers, clients, and business partners in the United States. Processing of this information is for specific, limited, and legitimate purposes necessary to carry out and support PSI’s provision of global services. Examples of such purposes include, but are not limited to:
Personal information of healthcare professionals engaged in clinical trials is processed to be able to ensure they are qualified to conduct clinical trials, as well as to identify and contact individual investigators to ascertain their interest in participating in future clinical trials in accordance with their experience, specialty, availability, and other factors; to enable communication; and to provide technical support for use of PSI information resources. Healthcare professionals selected to conduct clinical trials may also be required to provide additional information to facilitate reimbursement for their participation in clinical trials.
Personal information of job applicants is processed to enable screening, selection, and hiring of candidates and communication with them.
Personal information of staff is processed to make staffing decisions, manage payroll and benefits, and for other human resource administration and management purposes; and to provide technical support for use of PSI information resources.
Personal information of customers, potential customers and vendors is processed for business communication purposes; to enable prompt responses to requests for information, and to provide technical support for use of PSI information resources.
Pseudonymized/key coded data of study subjects is processed in order to manage clinical trials (which may include pharmacovigilance); and to analyze the results of trials necessary for clinical drug development, when commissioned by customers.
Categories of personal information collected for the purposes described above include contact details, information on education, work experience, skills and qualifications, resume and other data provided by job applicants, employee human resource information, payroll data, statutorily required employee health information, banking data necessary to make payments to individuals, education and training records, user data, information on joint projects of the affiliates, etc. Lists of personal information that PSI processes about individuals are communicated to them via appropriate means, for instance through data use notices.
PSI generally does not collect sensitive information, which may include information relating to an individual’s racial or ethnic origin, nationality, political opinion, religious and philosophical beliefs, membership of a trade union, physical or mental health conditions, biometric or genetic data, sexual life, ideological views or activities, or information on social security measures, administrative or criminal proceedings. In cases where the collection of sensitive information is required by law (for example, statutorily required employee health information for administrative purposes), PSI will obtain such information directly from individuals with notification given as appropriate.
PSI will inform individuals of the purpose for which it collects and uses their personal information, including whether their information may be shared with a third party, and will process the information only for such purposes. Sharing personal information with PSI is voluntary, and may result from the employment relationship or other contractual obligations. However, sharing of personal information with PSI may also in some instances be required by law.
You may decline to share certain personal data with PSI, or may limit the use and disclosure of your personal information. However, doing so may limit your relationship with PSI. Inquiries about limiting the information that we process about you should be forwarded electronically to firstname.lastname@example.org.
SECURITY MEASURES TO PROTECT PERSONAL INFORMATION
PSI employs reasonable organizational, physical, administrative and technical safeguards to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration, and destruction. PSI maintains secured corporate network to store and transmit electronic personal information. Both electronic and paper-based records holding personal information are maintained in access controlled facilities.
PSI’s employees are trained about the importance of confidentiality and maintaining the privacy and security of personal information. This way, PSI strives for ensuring that all those who process and/or have access to such information as part of their regular job functions are fully aware of their individual responsibilities and of PSI corporate objectives with respect to the protection of data privacy.
DISCLOSURES AND ONWARD TRANSFER OF PERSONAL INFORMATION
Access to personal information and equipment is restricted to appropriately trained and duly authorized parties having a business need to know such information.
The personal information provided to PSI may be available to other affiliated companies within the PSI corporate group located in different countries around the world. Doing international business, PSI has its customers, clients, business partners (e.g. sponsors of clinical trials) and third party suppliers located worldwide. In addition, applicable laws may require PSI to disclose some personal information to public authorities. This means that some personal information collected and used by PSI may be transferred from the home country of the person concerned to other countries around the world, including the United States. Business partners of PSI and third-party suppliers selected by PSI are committed to protecting information shared with them by PSI.
Under some circumstances, PSI may be required to release personal information to law enforcement agencies or judicial authorities in the United States. PSI is required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement regulations.
PSI may also disclose personal information for other purposes or to other third parties when an individual has consented to or requested such disclosure.
ACCESS TO PERSONAL INFORMATION
As is your right, upon request, PSI will grant individuals reasonable access to personal information that we hold about them and will take reasonable steps to permit individuals to correct, amend, or delete inaccurate or incomplete information. Requests for accessing information that we process about you should be forwarded electronically for action or response to email@example.com.
EU-U.S. PRIVACY SHIELD AND SWISS-U.S. PRIVACY SHIELD COMPLIANCE
QUESTIONS AND CONCERNS
In compliance with the Privacy Shield Principles, we commit to resolve all complaints about your privacy and our collection or use of your personal information. All inquiries and complaints should be forwarded electronically for action or response to firstname.lastname@example.org.
Using reasonable efforts, we will promptly respond to any queries or complaints regarding the protection of personal information. We have committed to refer unresolved privacy complaints under the Privacy Shield to the panel established by the EU Data Protection Authorities or the Swiss Federal Data Protection and Information Commissioner, as applicable. Such resolution process is at no cost to the complaining individual. Under certain limited conditions, a binding arbitration option before a Privacy Shield Panel may be available to you.
NOTIFICATION AND CHANGES TO THIS POLICY