Table 3.
Proposals on measures required for registry governance, informed consent, data protection and sharing
| Topic | Proposals for measures needed from stakeholders |
|---|---|
| Registry governance | Regulators and/or MAAs/MAHs to identify early in the authorisation process whether a potentially relevant registry exists and identify data elements needed, especially for post-authorisation assessments likely to be requested or imposed, and to agree on a common study protocol. |
| Regulators and MAAs/MAHs to be aware of the data elements that can feasibly be collected systematically by relevant registries and to inform registries on their data needs. | |
| Registry holders to establish a centralised data application process (with a standard template) for stakeholders to request and obtain data. | |
| Communicate to patients and the public the benefits and uses of patient registry data and the value of high levels of patient inclusion in registries. | |
| Informed consent | Registry holders to ensure clinical/treating centres confirm that registry patients have provided consent and review whether current patient consent is broad enough for possible future situations taking into account European GDPR [24]. |
| Data sharing and data protection | Registry holders to develop a policy on data analysis and sharing summary, pseudo-anonymised, and individual patient data that aligns with national regulation and European GDPR. |
GDPR General Data Protection Regulation, MAA/MAH marketing authorisation applicant/holder