IBSA’s experience of compliance and the GDPR. New correlations between partnership, trust and innovation.16 September 2020
Conversation with Katia Signorini, Senior Legal Affairs & Privacy Manager
Some innovations change everything, even if they appear simple at first glance.
A systematic process naturally present in the development of pharmaceutical products, but which also occurs in many less tangible aspects of a company’s life.
At IBSA, for example, the legal department, which many think mainly has to do with traditional activities, is increasingly involved in various business transformation processes. These processes are often of a digital nature, in which privacy and compliance must be combined with technological innovation, all with the focused aim of making them more efficient and unassailable at various levels of complexity.
We talk about the importance of this collaboration with Katia Signorini, Senior Legal Affairs & Privacy Manager at IBSA.
“I joined IBSA’s Legal Affairs department, led by Elisabetta Racca, back in 2018. Today, I’m increasingly involved in various interdisciplinary projects across the company, linked to meeting specific internal requirements. This participation is making legal affairs more visible and strategic in stakeholder relations and in managing aspects of the business itself. The role of the Legal Affairs department today responds to a specific requirement for corporate development in the field of privacy and compliance in relation to technological innovation. IBSA is currently working on a huge digital transformation process, which can be made smoother by an ever more solid and active collaboration between the IT and Legal departments. A relationship that represents a new strength for specific projects.”
How important are process innovation and collaboration between different departments in achieving common business goals?
I’d say that these aspects are fundamentally important as they allow greater efficiency and contribute to successfully achieving goals. They also represent something extremely rewarding for those who take part in the training process: an awareness of feeling involved in a company project acts as a stimulus to work together.
One example of this is our supplier portal, a tool created by the Supply Chain department to assess IBSA Group suppliers. The legal department contributed to this tool by monitoring the correct application of compliance procedures (compliance with ethical principles, anti-corruption guidelines and the organisational model).
To what extent can the work of legal affairs, in ensuring regulatory compliance and application of a set of principles, impact on the development of new technologies, not only in terms of compliance but also in terms of end-user confidence?
In the vast majority of cases, the introduction of new regulations requires the application of more complex processes, and these are taking place more and more quickly. All this can only be achieved through the use of information technology. The degree of security offered by such technology, if properly designed, is more reliable and performs better than traditional manual operation. Hence greater security and more confidence on the part of end users.
In your opinion, what level of awareness do people have about the value of their data and data transfer for the use of applications and services? How much of this can be determined by the communication work (in terms of clarity, for example) done by a pharmaceutical company on the matter?
The level of awareness is still low. There’s a lot of talk about privacy, but sometimes there’s a sensation that the protection of personal data (privacy) is being confused with the confidentiality of personal data. Greater effort is needed, in all areas and not just in the pharmaceutical sector, to foster that awareness and knowledge, which are still in their infancy.
GDPR and privacy: how can the legal department act as a springboard towards the new opportunities offered by digital transformation?
The Legal Department is involved in every aspect of this topic. Training activities for company staff on GDPR and privacy in particular may offer an opportunity to increase the level of awareness, not just in the professional sphere, but also in the private sphere.
How might the concept of privacy change with the COVID-19 pandemic and the perception of the value of data in relation to the use of specific technologies?
Some people, who don’t have in-depth knowledge of the concept of privacy or who have prejudices brought about by popular belief, might perceive the introduction of new or specific technologies with suspicion, thus jeopardising their reach.
Promoting knowledge of legal aspects, as well as regulatory aspects, can really make a difference to ensuring that these aspects don’t become limits to innovation, but rather opportunities to be seized.