The Parenteral Drug Association, doing business as PDA, is a global association with its main office located at 4350 East West Highway, Suite 600, Bethesda, MD 20814, USA. As an association, PDA collects and processes several categories of protected personal data from our members and customers, as defined by the European Union’s General Data Protection Regulation (GDPR) passed on May 25, 2018.
PDA has created the following data sharing guidelines and responsibilities for PDA Chapters to ensure that they are in alignment with PDA’s commitment to secure its’ customers’ personal information.
PDA will share the following personal information for our members, non-members, and customers (a.k.a. Data Subjects), with the respective President and President-elect of each chapter. The Presidents and Presidents-elect will accept the responsibility of distributing this data judiciously for the purpose for which it is collected to share necessary pertinent with its assigned constituents:
The personal information that will be shared is limited to FirstName, LastName, Company, Title, Email Address, City, State, and Country. Also, PDA has agreed to share additional data to include Member ID, Join Date, Dues paid Thru (membership expiration) Date, Member Type, and GDPR Consent Status.
Record of this data will be stored on the PDA Association Management System (AMS), and shared in relevant format using approved encrypted and password protected platforms such as HighRoad Solutions, Outlook/Microsoft365, or DropBox.
- PDA and its chapters are required to use encryption to send communications that contain personal information protected under GDPR, i.e., member lists (containing the identified personal information) or registration reports
- PDA and its chapters must abide by the instructions provided in this document
- Once any list is received, it must be used solely for the designated purpose
- Once a list is used, it must be deleted from the user’s email server and computer
- Lists, Worksheets or Reports, if printed, must be shredded/destroyed after use
- Provided lists may not be forwarded to any third-party for any purpose, in accordance with PDA’s longstanding commitment not to rent or share the contact information of our members and customers with outside groups
- All uses of the lists provided must respect the explicit consent on file for each member referenced
- Any deviation from the permitted usage must receive written approval from PDA
- PDA Chapters must inquire of members current consent by contacting the membership department before communicating to its contacts from the PDA database
- PDA Chapters should periodically check DropBox for the most current list and consent statements or send a written request for additional updates. Chapters using HighRoad Solutions have automatic access to contacts refreshed every 24 hours.
- PDA Chapters should report any consent changes received from its assigned chapter data subjects to the PDA Corp Headquarters to update Aptify AMS
- Required documentation includes: copies of the original communications consent change request via email, fax, or postal mail
- These communications must be sent to PDA via encrypted email or shared via DropBox for storage in Aptify AMS
- All subsidiary systems must be updated to honor the member consent request
- PDA Chapters must honor the Explicit Consent of data subjects, as referenced on all member and attendee lists.
- Explicit Opt-In: means the member has given CONSENT to be contacted with promotional and marketing material
- Explicit Opt-Out: means the member has NOT given CONSENT to be contacted with promotional and marketing material
- PDA Chapters should refrain from saving/storing lists on a personal/work computer, laptop or flash drive
- PDA Chapters should refrain from forwarding the provided Member list to a Third Party for sale, rent or barter without the expressed consent from PDA or its members
- PDA Chapters are required to destroy all printed versions of the member list immediately upon the completion of the task needed