Effective January 7, 2016
MetrumRG, a US-based contract research organization, recognizes that when we handle information about any individual, we must do so responsibly, with regard to individual privacy, and complying with laws on data privacy and confidentiality. This Policy describes the main types of personal information we may occasionally handle and process within our global organization, how that information is used and disclosed, and our commitments to the Sponsors whose information we handle.
MetrumRG seeks to comply with data privacy laws and regulations, including but not limited to national laws implementing the Data Protection Directive 95/46/EC (“directive”) within the European Union, the Health Insurance Portability and Accountability Act (HIPAA) and state security breach laws in the United States, data protection legislation adopted by increasing numbers of other jurisdictions globally, and the privacy and confidentiality requirements of ICH Good Clinical Practice (GCP).
Clinical and Medical Information
As a global contract research organization, MetrumRG performs quantitative studies on Sponsor-provided de-identified clinical study data (no full or family names, social security numbers, domicile). Should a MetrumRG Sponsor unknowingly provide MetrumRG data containing personally identifiable information, it will be returned promptly to the Sponsor, according to the Sponsor’s instructions, and in compliance with global standards for the transfer of such data. MetrumRG considers that the Sponsor providing data to MetrumRG is the controller of that data and is ultimately in control of how and why such provided data is processed by MetrumRG.
MetrumRG does not encounter, handle, archive, or transfer raw clinical study data by itself or on behalf of its Sponsors.
Human Resource Data
MetrumRG collects personal information from applicants for employment opportunities at the company, including contact details, educational details, and professional experience, as part of the employment screening process. MetrumRG performs criminal background and professional disbarment checks on applicants who have been formally offered employment positions at the company. At the time of employment, MetrumRG utilizes the services of an established PEO for the collection and management of information on staff for human resource, benefits, payroll and tax purposes. As a co-employer with the PEO, MetrumRG shares visibility to the PEO-collected data.
MetrumRG collects named information about visitors to our company website where this is voluntarily provided to meet a request from those individuals, for example where a Sponsor contact requests information on a company service, or an individual seeking employment. Through the use of cookie-based technologies, MetrumRG may collect data used for various purposes, including site analytics (e.g., Google Analytics). Website visitors have control of their browser settings and can choose their desired level of cookie management (accept, reject, alert, etc.).
The MetrumRG website may contain links to websites other than MetrumRG. This Policy does not apply to non-MetrumRG linked websites. Website visitors are subject to the privacy policies of the respective linked websites.
International Transfers of Personal Information
MetrumRG recognizes that many countries have regulations restricting the transfer of personal information across international borders and will do so following the requests and the instructions of Sponsors, and consistent with recognized global privacy standards. Where privacy risks are very low, for example with respect to the sharing of de-identified clinical study data, MetrumRG may rely on written instructions from Sponsors for the transfer of their information to regions with less strong data privacy safeguards.
MetrumRG maintains technical and administrative security measures that attempt to seek to protect personal information, particularly Sponsor-provided de-identified clinical data, against unauthorized access or loss. A breach of personal information will be investigated and escalated, including making notifications to Sponsors and governmental authorities as appropriate.
All communications, queries, requests to exercise informational rights (e.g., access to data) or complaints, including those that relate to compliance global standards, should be addressed to: Privacy, Metrum Research Group, 2 Tunxis Road, Suite 112, Tariffville, CT, 06081, USA; or emailed to: firstname.lastname@example.org.
Legal Status of Policy and Policy Changes