Skip to main content

Frequently Asked Questions

Let us explain!

Frequently Asked Questions
about consent management

When is consent needed?

Consent is typically needed when an organization is collecting, using or disclosing personal information. This includes situations such as collecting consent information through a.o. a website, CRM or by telephone, used for sending information and marketing materials.In addition, many data privacy laws, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), require organizations to obtain explicit consent for certain types of data processing activities.

What is a consent management platform?

A consent management platform (CMP) is a tool used to manage and obtain consent from individuals for the collection and use of their personal data. It enables companies to comply with data privacy regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). CMPs typically provide features such as the ability to manage and track consents and the ability to provide detailed information about data collection practices.

Can you manage consent?

Consent management is typically done by organizations who collect and use personal information. They can use tools such as consent management platforms (CMPs) to help obtain and manage consent from individuals, comply with data privacy regulations and provide detailed information about data collection practices. It is important that the organization has a clear understanding of their legal obligations under data privacy regulations and that they have appropriate processes in place to obtain and manage consent in compliance with those regulations.

Frequently Asked Questions
about digital pharma marketing

What kind of digital marketing strategy for pharmaceutical companies are there?

Pharmaceutical companies can use digital marketing strategies to reach and engage with healthcare professionals and patients. One key strategy is to create and maintain a strong online presence through a company website and social media channels. This can include providing detailed information about products and services, as well as educational content and resources for healthcare professionals and patients. Companies can also use digital advertising, such as pay-per-click ads and sponsored content, to reach targeted audiences and drive traffic to their website. Additionally, pharmaceutical companies can use email marketing to keep healthcare professionals and patients informed about new products, clinical trials and other relevant information.

What does digital marketing do?

Digital marketing is the use of digital channels, such as the internet, social media, email, and mobile apps, to promote products or services. The goal of digital marketing is to reach and engage with a target audience in order to drive sales or other desired actions. Digital marketing also includes analytics and tracking to measure the effectiveness of campaigns and optimize performance. It is a broad concept that encompasses various techniques and methodologies to promote a product or service through digital channels.

What about digital pharma marketing?

Digital pharma marketing refers to the use of digital channels and strategies to promote pharmaceutical products and services to healthcare professionals and patients. This can include tactics such as creating a website, developing and distributing educational content, launching email campaigns, running pay-per-click ads, using social media platforms and leveraging influencer marketing. Additionally, pharma companies may use mobile-friendly materials such as videos and infographics to appeal to healthcare professionals and patients. These strategies aim to increase brand awareness, educate on the benefits of drugs or medical devices and ultimately drive sales or prescriptions. It is a specialized field of digital marketing that focuses on the pharmaceutical industry.

What is a pharmaceutical marketing strategy?

A pharmaceutical marketing strategy is a plan that outlines how a company will promote its products and services to healthcare professionals and patients. It typically includes goals, target audiences and a mix of tactics and channels to be used to reach those audiences. The objectives of a pharmaceutical marketing strategy may include increasing brand awareness, educating healthcare professionals and patients on the benefits of a product and ultimately driving sales or prescriptions. The target audiences for a pharmaceutical marketing strategy may include healthcare professionals such as doctors, nurses and pharmacists, as well as patients, who may be prescribed the product.

Frequently Asked Questions
about consent collection

How do you collect consent?

Consent can be collected in many ways. A representative of the company can ask for consent during a visit or a meeting, an HCP can fill in a webform, consent can be obtained during a phone call, etc. Regardless of the channel used, it is important that the consent process is thorough, respectful, non-coercive and compliant with relevant regulations and standards.

Can you manage consent?

Consent management is typically done by organizations who collect and use personal information. They can use tools such as consent management platforms (CMPs) to help obtain and manage consent from individuals, comply with data privacy regulations and provide detailed information about data collection practices. It is important that the organization has a clear understanding of their legal obligations under data privacy regulations and that they have appropriate processes in place to obtain and manage consent in compliance with those regulations.

Frequently Asked Questions
about GDPR Europe

What are requirements for consent in GDPR?

Under the General Data Protection Regulation (GDPR), consent refers to any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

For consent to be valid under the GDPR, it must meet several requirements:

  • 1. Freely given: Consent must be voluntarily given and must not be obtained through coercion or deception.
  • 2. Specific: Consent must be given for a specific purpose and must cover all processing activities for which the data will be used.
  • 3. Informed: Individuals must be adequately informed about the processing of their personal data, including the purpose, the identity of the controller, and their rights.
  • 4. Unambiguous: Consent must be clear and unambiguous, and must not be hidden in long terms and conditions or other legal agreements.
  • 5. Easy opt-out: consent must be as easy withdrawn as it was obtained.

Organizations must be able to demonstrate that they have obtained valid consent from individuals, and must be able to show what information was provided to individuals at the time of obtaining consent. Consent can be withdrawn at any time, and organizations must provide a simple mechanism for individuals to withdraw their consent.

What are GDPR regulations?

The General Data Protection Regulation (GDPR) is a regulation of the European Union that sets out the rights of individuals regarding their personal data and the responsibilities of organizations that process this data. The key provisions of the GDPR include:

  • 1. The right to be informed about data collection and use.
  • 2. The right of access to personal data.
  • 3. The right to rectify inaccurate or incomplete data.
  • 4. The right to erasure in certain circumstances.
  • 5. The right to restrict processing.
  • 6. The right to data portability.
  • 7. The right to object to data processing.

Organizations that process personal data of individuals in the EU must comply with the GDPR and can face significant fines for non-compliance.

Can GDPR data be stored in the US?

In the case of the US, the European Commission has not made a determination of adequacy for the country as a whole. However, some specific frameworks, such as the EU-US Privacy Shield, provide a mechanism for companies to transfer personal data from the EU to the US in compliance with the GDPR. To participate in the Privacy Shield, companies must self-certify their compliance with the Privacy Shield framework and regularly re-certify their compliance.

Organizations can also transfer personal data to the US under the GDPR by using standard contractual clauses, which are model contract clauses that have been approved by the European Commission as providing adequate protection for personal data.

What are the rights of data subjects under GDPR?

  1. The right to be informed about data collection and use.
  2. The right of access to personal data.
  3. The right to rectify inaccurate or incomplete data.
  4. The right to erasure in certain circumstances.
  5. The right to restrict processing.
  6. The right to data portability.
  7. The right to object to data processing.

Every individual or data subject can make a request to a data controller or processor seeking access to their personal data. This right is called A Data Subject Access Request (DSAR) and it is a right granted under data protection laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Are GDPR rules changing?

There have been recent developments that suggest that changes to the GDPR are likely in the future. For example, the European Commission is currently working on a proposal for a new regulation, the ePrivacy Regulation, which would complement the GDPR and provide additional protections for the processing of electronic communications data.

Additionally, there are ongoing efforts to harmonize data protection laws across the EU and to improve the enforcement of the GDPR. These efforts may lead to changes in the interpretation and application of the GDPR by the European courts and national data protection authorities.

How does GDPR affects US companies?

US companies that offer goods or services to EU individuals or that monitor their behavior must comply with the GDPR. The GDPR sets out specific obligations for organizations that process personal data, including the requirement to have a legal basis for processing personal data, to implement appropriate technical and organizational measures to protect personal data, to provide individuals with specific information about their personal data, and to respond to individuals’ requests regarding their personal data. US companies that are subject to the GDPR must appoint a representative in the EU if they do not have a presence in the EU, and must appoint a data protection officer (DPO) if their processing activities require regular and systematic monitoring of individuals or if they process sensitive personal data on a large scale.

Other
Frequently Asked Questions

What is a SaaS platform?

Software-as-a-Service (SaaS) is a model in which software applications are delivered via the internet, as a service. OptInsight also offers a SaaS solution.

At OptInsight, users have a subscription to access our solution, making our SaaS ideal for supporting pharma companies to enable GDPR proof communication with health care professionals, through the various marketing channels.

What is an audit trail?

Audit trails are a regulatory requirement in the pharmaceutical industry, e.g. for GDPR consent. The audit trail shows on record level all the proof that is required to compliant with the rules of GDPR consent. It also helps in recovering lost data. Audit trails ensure the integrity and security of customer records.

What is opt-in ratio?

The opt-in ratio is the measurement which indicates the effectiveness of collecting & maintaining consent. Normally it is outcome of the number of consents divided by the number of customer records in your target group. Example: you have 678 opt-ins of a target group which is 1000 people. The ratio is around 68%

What are the requirements for recording consent (opt-in)?

GDPR consent accountability implies obligation to prove

  • Clear affirmative action of HCP
  • Consent is freely given by HCP
  • Specific, clear purpose of using the data
  • Unambiguous
  • Can easily be withdrawn (opt-out)

How does OptInsight takes GDPR differences into account on local level?

Each country has its local interpretations of the GDPR and other data protection codes. E.g., for promotional communication (marketing) a double opt-in is required in Germany. In other EU countries it is not required.

Our solution is easy configurable per country

What we do

Collect & enrich HCP data effortlessly and
build trusted relationships

Customer data and e-consent management platform that accelerates digital interaction

Start collecting opt-ins for digital communication with HCPs

With the number one personal data and e-consent management platform originated in pharma

Disciplines

We provide a consent management solution for you:

  • Marketing/Digital
  • Legal/Compliance
  • IT/BI

Data-Care

To enrich your customer data and expand your reach and sales

Team OptInsight

Meet your new colleagues

About OptInsight

Because we care about personal data