The Agency published Guidelines on Protection of Personal Data in Pharmacovigilance Activities (“Guidelines”) on 1 August 2019.
The Guidelines state that no explicit consent is required for the processing of patient data reported by the adverse effect notification, regardless of whether the person making the adverse effect notification is a patient, healthcare professional or relative. Additionally, pursuant to the Guidelines, the persons under the confidentiality obligation stated in Article 6 of the Data Protection Law no. 6698 (“Data Protection Law”) shall process adverse effect data without explicit consent for protection of public health and preventive medicine.
According to Article 6 of the Data Protection Law published in 2016, personal data related to health or sexual data can only be processed by persons under an obligation of confidentiality, or by authorised institutions and establishments, for the purposes of protection of public health, protective medicine, medical diagnosis, and treatment and care services.
The Guidelines does not refer to any consultation made with the Turkish Institution of Protection of Personal Data for the preparation of the Guidelines and therefore the Guidelines’ interpretation of Article 6 of the Data Protection Law has not been confirmed by Institution of Protection of Personal Data yet.
Even though the Guidelines entered into force as of its publication, the pharmaceutical industry awaits guidance from the Turkish Institution of Protection of Personal Data as to whether pharma companies can be defined as persons under an obligation of confidentiality as this obligation shall be explicitly stated in a Law and cannot be introduced with a Guidelines.
Source: The Guidelines on Protection of Personal Data in Pharmacovigilance Activities (Turkish language).