Clinical research data protection under UK and EU GDPR: DUAA 2025 updates, lawful bases, transparency, secondary use, data sharing, international transfers, safeguards, rights exemptions, and practical checklist

FRANCESCA BLYTHE advises international clients on a wide range of data protection, privacy, cybersecurity, and emerging technology issues. She has in-depth experience across multiple industries, including asset management and private equity, payments, technology, retail, e-commerce, and manufacturing. Francesca has a particular focus on life sciences, where she advises on a broad range of issues in relation to clinical studies/investigations, secondary research, digital health, and use of novel technologies (including artificial intelligence). Francesca co-leads Sidley’s benchmarking group for in-house data privacy professionals (dplegal) in the life sciences sector.Francesca was previously in-house counsel at the largest international health and beauty retailer in Asia and Europe. While there, she regularly gave advice on compliance and strategies relating to data protection laws and assisted in the planning and delivery of a global privacy compliance project....

WILLIAM LONG is global co-chair of Sidley’s highly ranked Privacy and Cybersecurity practice and heads the EU Data Protection group. He is also a member of the firm’s top-ranked Crisis Management and Strategic Response team, and he serves on the Steering Committee of the firm’s AI Working Group. William advises international clients on a wide variety of AI, GDPR, cyber incident, data protection, privacy, information security, social media, e-commerce, and other regulatory matters.William has been a member of the European Advisory Board of the International Association of Privacy Professionals (IAPP) and on the DataGuidance panel of data protection lawyers. He is also on the editorial board of e-Health Law & Policy and also assists with dplegal (“data privacy” legal), a networking group of in-house lawyers in life sciences companies examining international data protection issues. William was previously in-house counsel to one of the world’s...

ZINA CHATZIDIMITRIADOU advises life sciences and medtech clients on all aspects of product lifecycle management under UK and EU law. A former scientist, having worked in molecular biology research, Zina brings with her the ability to effectively understand the science. She has a particular focus on advising and speaking on regulatory protections and IP rights, cell and gene therapies, market access, digital health, and artificial intelligence.Zina’s practice covers the pharmaceutical, medical device, medtech, biotechnology, food, cosmetics, and novel products (such as cannabidiol or CBD) industries on both advisory and contentious matters. Zina also co-leads the industry benchmarking group, ctlegal, for clinical trials in the pharmaceutical industry....

Eleanor Dodding advises international clients on a wide range of data protection, privacy, and cybersecurity matters, including advising on compliance with both the EU and UK General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and ePrivacy legislative frameworks, such as the EU ePrivacy Directive and the UK Privacy and Electronic Communications Regulations (PECR), alongside new EU and UK AI, digital data, and cyber laws.She advises clients in a range of industries, with a particular focus on those in the life sciences, asset management and private equity, insurance, retail, payments, and technology sectors....

ANILA RAYANI advises international clients on a wide range of data protection, privacy, and cybersecurity matters, including in relation to the General Data Protection Regulation, e-Privacy laws, and more recently, the new EU and UK AI and cyber frameworks.Anila has assisted clients in investigating and responding to complex cross-border cybersecurity incidents and personal data breaches, and responding to regulatory inquiries. In particular, Anila has experience working with international tech and social media clients on data protection compliance matters.Prior to Sidley, Anila trained at another international law firm where she gained experience in the commercial, restructuring and insolvency, and insurance practices....