Difference between revisions of "User:Louis"
(No difference)
|
Latest revision as of 13:27, 22 June 2021
Dear Louis, We are responding to your request dated 9 June 2021. We need additional information from you in order to complete your request for access to any data we hold about you. We would appreciate if you can specify the information or processing activities to which your request relates : For example, can you please provide any information that you have about the nature of the communications you have received from our company and, if you are a healthcare professional, any information that you have about your specialty(ies) and/or a place of work. This will allow us to evaluate (1) whether we have enough information from you to process your request under applicable law, (2) whether we have any information about you in our possession, and (3) whether you have provided sufficient information both to identify you in our data (if any) and to authenticate you as the requestor of this information. If your request concerns the processing of your data communicated by pharmacies, in this case, please find below the answers to your questions: This processing was authorised by the CNIL. It is carried out within the framework of a public interest project conducted by IQVIA, to allow studies to be carried out on the proper use of medicines. The CNIL has reminded on its website that in this field, it is common for medical care data or medicines consumption data to be used by researchers for medical research. Your access request to your personal data: Pursuant to the provisions of the GDPR, you do have a right of access to your personal data. As indicated by the CNIL in its authorisation (deliberation 2018-289 of 12 July 2018), the pharmacists are in charge of enabling the exercise of rights. Indeed, we are not able to identify you or to determine the data concerning you individually given the high level of pseudonymisation measures which were put in place in accordance with the CNIL’s requirements. Therefore, we are neither able to re-identify you nor to link your data to the pharmacy which collected your data. We cannot know either whether your usual pharmacy, or the ones you go to, are participating in the project. Maybe you are not in our database. For this reason, the CNIL indicated in its authorisation that the right of access to data must be exercised with the pharmacies, which are the only ones able to identify you. Therefore, we invite you to exercise your right of access with your usual pharmacist who will be able to tell you if he/she is participating in the project and if so, to provide you with the data concerning you that he/she has collected in the framework of the project. You can also exercise this right with any pharmacy participating in the project, so that it can provide you with the data concerning you in accordance with the provisions of the GDPR and the authorization of the CNIL. The exercise of your right to data portability of your personal data: Pursuant to article 20 of the GDPR, the right to data portability can only be exercised if the processing operations are based on your consent or on the performance of a contract. However in this case and in accordance with the deliberation of the CNIL (2018-289 of July 12, 2018), the processing is based on the legitimate interests pursued by IQVIA pursuant to article 6-1- f of the GDPR. Therefore, concerning this processing, in compliance with the GDPR, the right to data portability does not apply. Please find below the information you asked us about the identity of controllers, processors, source of data and data transfers Controller : The controller is the company IQVIA Operations France (IQVIA), 17 bis, place des Reflets – Tour D2 TSA 64567, 92099 La Défense Cedex. There is no joint controller. Source of data : The data are communicated to IQVIA by the dispensing pharmacists after pseudonymisation following several successive encryption phases. In compliance with the authorisation from the CNIL, the pseudonymised data are accessible to authorised staff of IQVIA and to its processing companies, and to scientific partners, such as INSERM to carry out study projects subject to formalities with the CNIL. IQVIA’s clients, mainly health industry companies and public authorities are also recipients but do not have access to individual data on pharmacy customers. Hosting and transfers of personal data: We host the data in our data centres located in France. Your request on legal basis and purposes: In compliance with the deliberation of the CNIL (2018-289 du 12 juillet 2018), IQVIA carries out, on the basis of its legitimate interests, a processing the purpose of which is the creation of a health data warehouse for conducting non-interventional studies aimed at evaluating the proper use of medicines in real life, scientific and statistical analysis of phenomena related to persistence, compliance with prescriptions and contraindications. The CNIL considered that the creation of the data warehouse issued from dispensing pharmacists for the purposes of research, study or evaluation in the field of health, is of public interest. Your request on automated decision-making: Please note that we do not proceed to any automated individual decision-making on the basis of your personal data. Your request on data retention period: In compliance with the authorisation from the CNIL, the data retention period is ten years. Sincerely, Barbara Bressolles EU Data Protection Officer
Learn more about IQVIA Email: EU.DPO@iqvia.com www.iqvia.com
Afficher la suite de Mr Louis Poncet
________________________________________
IMPORTANT - PLEASE READ: This electronic message, including its attachments, is CONFIDENTIAL and may contain PROPRIETARY or LEGALLY PRIVILEGED or PROTECTED information and is intended for the authorized recipient of the sender. If you are not the intended recipient, you are hereby notified that any use, disclosure, copying, or distribution of this message or any of the information included in it is unauthorized and strictly prohibited. If you have received this message in error, please immediately notify the sender by reply e-mail and permanently delete this message and its attachments, along with any copies thereof, from all locations received (e.g., computer, mobile device, etc.). To the extent permitted by law, we may monitor electronic communications for the purposes of ensuring compliance with our legal and regulatory obligations and internal policies. We may also collect email traffic headers for analyzing patterns of network traffic and managing client relationships. For further information see our privacy-policy. Thank you.