Legally Trained Consultants

Compliance support for suppliers

Clinical trials and health-related research more generally often involve the collection of different categories of data, including structured (clinical and non-clinical) and non-structured data (e.g. imaging, interview recordings). In order to collect this information effectively and securely, sponsors or Clinical Research Organisations (CRO) regularly make use of systems, applications and services provided by third-party suppliers.

Organisations supplying these products or systems need to ensure that privacy by design and default are applied from the development to the deployment stages. Embedding data protection and information governance in their processes is fundamental for these organisations to offer their products and services in such a regulated market.


Our consultancy services include compliance support to commercial and non-commercial suppliers of systems, applications and services, whether based in the UK or overseas, that wish to make their products or services available to organisations undertaking research.

Our support may include:

  • supporting with Data Protection by Design and Default, ensuring that data protection is embedded in the creation of new products and services;
  • drafting Data Protection Impact Assessments (DPIA) for these products or services;
  • drafting Data Processing Agreements or, depending on the nature of the services, Data Sharing Agreements that comply with the law and best practices;
  • advising on pseudonymisation and anonymisation techniques from a data protection perspective as well as from a confidentiality standpoint;
  • advising on technical and organisational measures applicable to data transfers and data storage from a data protection perspective;
  • advising on international transfers of data and how to satisfy the corresponding requirements under data protection legislation.

As experts in the fields of information governance and data protection, we can help ensure that your products and services are designed in a manner that complies with data protection legislation and protects individuals’ privacy and confidentiality. With our vast expertise in supporting organisations in the realm of health research, we can also help you engage with client organisations and ensure that appropriate agreements are put in place.

Legally Trained Consultants

Experts in information governance and data protection

We are here to assist:

Our Services

We provide a full data protection and information governance consultancy service to all our clients who engage with us. We provide flexible packages and services to make sure that you only pay for what you need, so you aren’t paying for unnecessary services. Whatever you and your organisation need, we are here to help.

Data Protection Advice and Consultancy

Data Protection Impact Assessment (DPIA)

External Independent Reviews


Data Protection Officer Services

Fair Processing Materials

Data Protection Health Check

Assistance with Policy Development

Data Security and Protection Toolkit (DSPT)

Record of Processing Activities (ROPA) & Information Asset Registers (IAR)

Packaged Services

Other Services

Send Us A Message