Summary

This month, we dive into the most critical developments shaping data protection, AI, and innovation in life sciences. From the CNIL’s new guidance on compassionate use frameworks and the extension of the UK’s data adequacy status, to the EDPB’s latest training on building secure AI systems—our regulatory spotlight keeps you up to date on what matters most. We also unpack how federated learning is transforming privacy in AI, the emergence of medical digital twins in clinical practice, and breakthrough advances from ASCO 2025 pointing to a future of precision, AI-driven cancer care.

­­

Regulations & Guidelines

­­

Compassionate Prescription Framework and its CNIL Formalities

­The Compassionate Prescription Framework (CPC) allows off-label use of medications in France and requires prior CNIL authorization for patient data processing when initiated after November 11, 2022. New guidelines from the CNIL clarify the applicable procedures, emphasizing that for CPCs launched before this date, no new formalities are required if previous compliance (under AU-041) is documented and unchanged, while newer CPCs must follow a formal authorization process with detailed documentation and safeguards.

­ Click to read more­

Fundamentals of Secure AI Systems with Personal Data - EDPB

­The Fundamentals of Secure AI Systems with Personal Data training, developed by Dr. Enrico Glerean and updated in April 2025, is designed for cybersecurity professionals, AI developers, and system deployers. It focuses on building technical skills for designing and managing AI systems securely, while aligning with data protection, privacy, and AI ethics principles. Initiated by the EDPB under the SPE programme, the training covers the full AI lifecycle, emphasizing privacy-preserving practices and responsible system development.

­ Click to read more­

EU Extends UK Data Adequacy Status Until December 2025

 The European Commission has extended the validity of its data adequacy decisions with the United Kingdom by six months, allowing continued free flow of personal data until 27 December 2025. This extension gives the Commission time to assess the UK’s newly adopted Data Bill and determine whether it maintains an adequate level of data protection. Until then, the existing UK safeguards deemed sufficient in 2021 remain in force for EU data transfers.

­ Click to read more­

Understanding AI & Medical Device Regulations: First FAQs Released

­A new FAQ document has been published to clarify how the EU Artificial Intelligence Act (AIA) applies alongside the MDR and IVDR for medical device manufacturers. It provides early guidance for manufacturers, notified bodies, and regulators on roles and terminology—such as distinguishing “deployers” under AIA from “users” under MDR/IVDR. This living document will be continuously updated to support compliance and smooth implementation across sectors.

­ Click to read more­

Decentralized AI for a Safer - Spanish AEPD

­The EDPS and AEPD's joint report highlights federated learning as a privacy-enhancing technology for AI, allowing decentralized training on local devices to protect personal data. Use cases include healthcare, speech recognition, and autonomous transport, while addressing challenges like data leakage and bias mitigation.

­ Click to read more­

EU Clarifies App Platform Roles for Medical Device Software Distribution

­The new MDCG 2025-4 guidance defines how online platforms hosting Medical Device Software (MDSW) apps must comply with EU regulations. It explains when platforms act as intermediaries under the Digital Services Act (DSA) or as distributors/importers under MDR/IVDR, each role carrying distinct responsibilities. Key obligations include ensuring transparency, facilitating access to device information and legal documents, and supporting regulatory cooperation.

­ Click to read more ­

UK Parliament advances Data (Use and Access) Bill, awaits Royal Assent

­The UK Parliament has passed the Data (Use and Access) Bill, which reforms the UK GDPR and Privacy and Electronic Communications Regulations. After debates between the House of Commons and Lords regarding AI and copyright transparency, a compromise was reached requiring the Secretary of State to draft legislation on transparency for copyright owners regarding AI model inputs.

­ Click to read more­

AI & Techbio

MIT scientists’ AI model one-ups AlphaFold 3, takes on ‘fundamental issue’ in drug R&D

­A team of young MIT scientists has introduced Boltz-2, a new AI model that not only predicts protein structures like AlphaFold 3 but also estimates binding affinity—a crucial factor in drug discovery that existing AI methods have struggled to accurately model. By combining traditional structural data with synthetic and molecular dynamics data, Boltz-2 achieves a predictive correlation of 0.65, outperforming previous models and costing 1,000 times less than standard physics-based simulations like FEP. While still short of experimental accuracy, Boltz-2 is already being applied to hit identification and reverse screening, potentially accelerating early-stage drug discovery.

­ Click to read more­

Medical Digital Twins: Bridging AI, Data, and Clinical Practice

­A new Health Policy paper explores the emerging concept of medical digital twins—dynamic virtual models of patients powered by real-time data and advanced simulation. It defines five core components (patient, data connection, patient-in-silico, interface, and synchronization) and highlights how AI, multimodal data, and mechanistic modelling can together accelerate clinical applications in areas like oncology and diabetes. The paper also underscores how digital twins could enhance large language model performance in medicine, offering a transformative tool for personalized care.

­ Click to read more­

Biotech, Healthtech and Healthcare 

ASCO 2025: The Future of Cancer Care Is Personalized and Precise

­At ASCO 2025, a major shift toward precision oncology was evident, driven by breakthroughs in immunotherapies, antibody-drug conjugates (ADCs), and cell-based treatments. Keytruda, Imfinzi, and novel candidates like Versamune HPV and EO4010 showed strong survival benefits, particularly in early-stage cancers. Cutting-edge advances in CAR-T therapies, personalized cancer vaccines, radiopharmaceuticals, and AI-powered digital trials are redefining how cancer is treated—more targeted, effective, and patient-centric than ever before.

­ Click to read more­

Podcasts 

  • What happens if AI gets smarter than we are?
  • Advancing Breast Cancer Screening - ScreenPoint Medical 

Seamus Larroque

CDPO / CPIM / ISO 27005 Certified

Home

Discover our latest newsletter

View All Newsletters
Jul 2025
Regulations & Guidelines
AI
Biotech & Healthtech
Podcasts

Newsletter #27

This edition unpacks the latest regulatory shifts, including UK data adequacy, secure AI training, and the EU’s evolving stance on medical software platforms.

Jun 2025
AI
Biotech & Healthtech
Data Breach & Cybersecurity
Data Privacy Enforcement
Regulations & Guidelines

Newsletter #26

This month’s highlights span AI in health, new U.S. and EU privacy rules, and evolving data and cybersecurity regulations.

May 2025
AI
Biotech & Healthtech
Clinical Trials
Data Breach & Cybersecurity
Clinical Trial Information System

Newsletter #25

This month, we cover how regulatory shifts, AI advancements, and major initiatives like Bridge2AI-Voice, India’s Genome Project, and the EU Cybersecurity Action Plan are driving transformation across healthcare, data protection, and precision medicine.