Legal Guidance and Research / Experts / Anila Rayani
Anila Rayani#13330

Anila Rayani

Sidley Austin
ANILA RAYANI advises international clients on a wide range of data protection, privacy, and cybersecurity matters, including in relation to the General Data Protection Regulation, e-Privacy laws, and more recently, the new EU and UK AI and cyber frameworks.

Anila has assisted clients in investigating and responding to complex cross-border cybersecurity incidents and personal data breaches, and responding to regulatory inquiries. In particular, Anila has experience working with international tech and social media clients on data protection compliance matters.

Prior to Sidley, Anila trained at another international law firm where she gained experience in the commercial, restructuring and insolvency, and insurance practices.

Practice Area

Panel

  • Contributing Author

Qualified Year

  • 2024

Experience

  • RPC LLP (2022 - 2024)

Qualifications

  • Economics B.Sc. (2017)
  • Graduate Diploma in Law (2020)
  • Law and Business M.Sc. (2021)

Education

  • University of Bristol (2017)
  • BPP University Law School (2020)
  • University of Law (2021)

1 Contributions by Anila Rayani

Clinical research data protection under UK and EU GDPR: DUAA 2025 updates, lawful bases, transparency, secondary use, data sharing, international transfers, safeguards, rights exemptions, and practical checklist
PRACTICE NOTES
Clinical research data protection under UK and EU GDPR: DUAA 2025 updates, lawful bases, transparency, secondary use, data sharing, international transfers, safeguards, rights exemptions, and practical checklist
Data—and by extension, adherence to data protection rules—sits at the heart of clinical research, whether for clinical trials, pharmacovigilance activities or wider scientific inquiry. This Practice Note examines the data protection ramifications of running clinical research. In particular, it addresses who is accountable for compliance, the lawful bases relied upon, and how transparency should be delivered in this context... Allocation of responsibility for data protection compliance in clinical research Appropriate legal grounds for processing personal data for research purposes Transparency duties owed to participants and other data subjects Collaborative research arrangements and data sharing practices Derogations from data subject rights when processing for research A practical checklist of data protection points to consider when planning research activities The GDPR regimes On 25 May 2018, the General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR) became directly applicable and enforceable across all EU Member States and the EEA (the EU plus Iceland, Norway, and Liechtenstein), including the UK at that time, replacing Directive 95/46/EC (the Data Protection Directive). On 31 January 2020, the UK left the EU and EEA and, as a result, the EU GDPR ceased to apply under UK law from the end of the Brexit implementation period...
Life Sciences
Expert page AD
If you expected to see yourself on this page, click here.