|Roles||Sponsor, CRO, Sites, Principal Investigator (PI),|
Vendors (EDC, eReg, IWRS).
|Joint-Controller, Controller (Data Exporter), Processor (Data Importer), Sub-Processor, Third-Party Vendor, Contractor, Sub-Contractor, Supplier.|
|The Rules||IRB-Approved Protocol, |
Letters (PCL), IRB Approvals, Internal Activation (Laboratory, Radiology, Nursing), Quality, Internal SOP, Departmental Policies.
|Privacy Regulation (GDPR, CCPA, HIPAA), Laws, Governance.|
|Compliance||Pre-Site Selection (PSSV) / Qualification, Facility Readiness (CAP/CLIA, Lab Normal Ranges), Team Qualification (CV, CITI, HIPAA, GCP, etc.).||Accountability, Audit Readiness, Compliance with all Requirements, Training, Documentation.|
|Agreements||Clinical Trial Agreement (CTA), Business Associate Agreement (BAA), Non-Disclosure Agreement (NDA).||Data Processing Agreement (DPA), EU Standard Contractual Clauses (SCC), BAA, NDA.|
|Participants||Study Population, Disease Area, Patients, Subjects, Participants, Healthy Volunteers, Vulnerable Populations.||Categories of Data Subjects, Child Protection, Inmate Protections.|
|Eligibility||Subject Selection, Inclusion Criteria, Exclusion Criteria, Eligibility Review.||Jurisdictions, residency.|
|Obtain Consent||Verbal or Written Informed Consent Form (ICF).||Opt-In (Affirmative) Consent, Opt-Out Consent.|
|Authorized Consent||Emergency Consent Waiver, IRB Pre-Screen Waivers.||Opt-Out Consent, Lawful Basis (Contract, Legal Obligation, Public Task, Vital Interests, Legitimate Interests), Legitimate Interests Assessment (LIA).|
|Data||Data Sets, Assessments, Specimens, Vitals, Radiology, Laboratory, Pathology, EMR notes, Schedule of Events (SOE), Quality of Life (QoL), EKG, Methodology, Lab Manual.||Types of Data, Special Categories of Data, Processing Activities.|
|Data Scope||Data Management (Collection, Retention, Archival), Electronic Data Capture (EDC), Case Report Form (CRF) Design, eRegulatory.||Purpose Limitation, Data Accuracy, Third-Party Vendor,|
Sub-Processor, Written General or Specific Authorization for Sub-Processing.
|Data Transfer||Material Transfer Agreement (MTA).||Cross-Border Data Transfer Mechanism.|
|Rationale||Background, Study Rationale, Objectives, Purpose.||Lawful Basis (Consent, Contract, Legal Obligation, Public Task, Vital Interests, Legitimate Interests).|
|Rights||Withdrawal of Subject.||Data Subject Access Request (DSAR) – Access, Portability (Machine Readable Format), Erasure, Rectification, Object, Restrict Processing, Profiling, Automated Processing.|
|Safeguard Plan||Safety Management Plan, DMC/DSMB Charter, Risk Management Plan.||Data Protection Program, Technical and Organizational Security Safeguards, Integrity and Confidentiality.|
|Safety Oversight||Data Monitoring Committee (DMC), Data Safety Monitoring Board (DSMB), IRB, Central IRB, Medical Monitoring, Auditing.||Data Monitoring Committee (DMC), Data Safety Monitoring Board (DSMB), IRB, Central IRB, Medical Monitoring, Auditing.|
|Safety Reporting||SAE Reporting, IND Safety Letters, SUSAR, CAPA Protocol Violations, Ethics.||Breach Response, Incident Response Plan, Incident Identification System, Violations, Supervisory Authorities.|
|Changes||Informational Amendments, Protocol Amendment, Updated FDA/EMA Guidance, Regulation, or Requirements, Updated SOP, COVID-19 Guidance, Remote Source Data Verification (SDV).||Data Protection Impact Assessment (DPIA), Updated Regulation/Law Guidance, CCPA, Brexit UK GDPR, EU-US and Swiss-US Privacy Shield Invalidation (Schrems II).|