07/02/24 - Draft European Code of Conduct - PRESS RELEASE

Draft European Code of Conduct


The European CRO Federation (EUCROF), announces its draft European Code of Conduct has passed a major milestone: the CNIL[1], in its plenary meeting held last January 25, has decided to submit the Code to the European Data Protection Board (EDPB).

Last 25 January 2024, the CNIL notified EUCROF "… that the draft European Code of Conduct carried by the EUCROF federation and the draft national deliberation were examined during the plenary session of the Commission held today. The members of the College authorized the referral to the European Data Protection Board (EDPB) to obtain its opinion under Article 64.1.b of the GDPR."

After verification of the required elements and the appointment of rapporteurs, the EDPB will have a period of 8 to 14 weeks to deliver his draft opinion. Once all supervisory authorities have voted on the EDPB' draft opinion, the final version of the draft national deliberation will be presented during a second plenary session of the CNIL. It is only after this adoption that the Code will be officially approved.

“This is a major milestone concluding more than 6 years of continuous efforts", says Yoanni Th. Matsakis, chairman of the EUCROF Code Task Force and member of the Executive Board of EUCROF, "Since March 2021 and the official submission of the first draft to the CNIL, many review cycles have been conducted[2], creating an amazing collaborative spirit, resulting in a high-quality document".

"This Code will greatly benefit adhering CRO organizations of all sizes. Not only it provides a first, harmonized and acknowledged across the 27 EU Member states, compliance scheme, with unique and practical tools for implementation, but it creates the conditions to foster transparency and maintain trust with patients and health professionals of all investigational sites, in a technology driven environment,” says Kate Smirnova, Vice-chairman of the EUCROF task force.

"This Code should be the 1st transnational code in the area of clinical research" says Victoria Watts, one of the key contributors to the writing of the Code. "It should reduce the burden of audits and vendor assessments in a harmonised EU landscape". Victoria will present the Code at the 7th European Conference on Clinical Research: pushing boundaries and accelerating innovation, that takes place in Prague next 19-20 February (https://conference.eucrof.eu).

The task force and EUCROF, with the support of all its members, is now focusing on establishing an independent governance for monitoring of adherence with the Code and prepare its accreditation by the CNIL.

Article 40 of Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, also known as "GDPR", "[…] encourages drawing up of code of conducts intended to contribute to the proper implementation of this Regulation, taking account of the specific features of the various processing sectors and the specific needs of micro, small and medium-sized enterprises."

Clinical research is a field with highly specific features, where a number of dedicated Regulations apply, and the vast majority (over 90%) of Service Providers for Clinical Research, also known as "CROs" – Contract Research Organizations" are micro, small, and medium-sized enterprises.


EUCROF is a not-for-profit legal entity registered in the Netherlands whose objectives are, among others, to contribute to high quality Clinical Research in humans and to promote the excellence of European Clinical Research to the public and the media, as well as on the international stage.

The members of EUCROF are national CRO associations as well as individual CROs established in one or more European countries or outside Europe, as defined in its Bylaws. Today EUCROF has more than 450 affiliated companies, in 31 countries. The list of EUCROF members, as well as EUCROF Bylaws, are public and can be freely downloaded from EUCROF's website (www.eucrof.eu).

About the EUCROF Code International Task Force

The EUCROF Code has been drafted by a dedicated international task force, established under the umbrella of the New Technologies Working Group of EUCROF. This task force has widely consulted the EUCROF affiliates, as well as representatives of other stakeholders: pharmaceutical industry, patient associations, medical devices companies, representatives of ethics committees, representatives of various academic organizations, lawyers specialised in electronic health systems, as well as experts in ISO certifications.

Chairman:         Yoanni Th. Matsakis[3], member of the EUCROF Executive Board, AFCROs - France

Co-chairman:    Kate Smirnova (DPO at PSI CRO AG) Switzerland

Members:       Victoria Watts (Vice President, Privacy and Global DPO, Premier Research – UK), Anastassia Negrouk (Chief Operating Officer, DPO, MyData-Trust – Belgium), Thierry Lepoutre (Chief Compliance Officer, Telemedicine Technologies – Belgium), Emmanuel Damigos (ISO Auditor & Consultant – Greece), Witra (Tim) Chulindra (Cue Health – USA), Ilaria Colussi (BBMRI ERIC – Austria), Natasa Spasic (Associate Director, Privacy & Data Protection, Pharm-Olam International, Germany), Arantxa Garcia (Contract Management & DPO, Sermes CRO – Spain) and the many who contributed to the work of the task force for some period of time.

More info at: www.eucrof.eu


Please send an email at This email address is being protected from spambots. You need JavaScript enabled to view it., at the attention of Yoanni Th. Matsakis & Kate Smirnova and with subject "EUCROF Code".

[1] Commission Nationale de l'Informatique et des Libertés

[2] See the flowchart in page 30 of the EDPB Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679 (Version 2.0 - 4 June 2019)

[3] CEO of Telemedicine Technologies - France