M3 USA Is Awarded EU-US Privacy Shield Certification by the US Department of Commerce

Share Article

The certification was designed to replace the invalidated Safe Harbor Agreement

EU-US Privacy Shield Certified

EU-US Privacy Shield Certified

This certification establishes our legal compliance with EU data protection requirements and demonstrates our continuous improvement initiative, adding to our recent ISO/IEC 27001 certification

On August 12, M3 USA was awarded the EU-US Privacy Shield Certification by the US Department of Commerce, the first award of its type. The certification replaces the Safe Harbor Agreement, with which M3 was already compliant. This new data protection framework between the US and EU was adopted by the European Commission on July 12, 2016, and is designed to better protect the transfer of EU citizens’ ‘Personally Identifiable Data’ (PII) between the EU and US. Due to the enhanced security now in place, clients can only work directly with M3 to access its ISO26362 certified global panel. For the first time, M3 are now issuing a compliance certificate for each project completed, in an industry-first, giving its clients unparalleled confidence in their research.

“Our organization is committed to protecting our users’ information. This certification establishes our legal compliance with EU data protection requirements and demonstrates our continuous improvement initiative, adding to our recent ISO/IEC 27001 certification,” said Craig Overpeck, Chief Technology Officer of M3 USA. “Our clients have come to rely on M3 and our processes and procedures to keep their research compliant in the face of rapidly changing data protection and security standards around the world.”

The redesigned Privacy Shield framework includes more robust and enforceable controls that require participating companies to provide transparency on their collection, use, and processing of personal data. It also requires strong US government oversight, and mandates increased cooperation with EU Data Protection Authorities (DPAs). US-based companies can now effectively comply with the European Union’s data protection requirements which assures legal certainty for certified organizations and provides an adequate level of protection for EU citizens’ personal data.

M3 USA has been an early adopter, and confirmed advocate of the new required principles and has taken every step to ensure that the clients’ data and EU citizens’ data are both fully protected. Committed to best practices at all times, the organization remained EU Safe Harbor compliant, has model clauses in place to cover data transfers between the EU and the US, is registered with the UK DPA, and has used a 3rd party privacy monitor (TRUSTe) since 2012.

About M3 Inc.
M3 Inc. operates in the US, Asia, and Europe with over 3.5 million physician members globally via its physician portals including mdlinx.com, m3.com, research.m3.com, Doctors.net.uk, medigate.net, M3 Medical and medlive.cn. M3 Inc. is a publicly traded company on the Tokyo Stock Exchange (TYO:2413) with subsidiaries in major markets including USA, UK, Japan, S. Korea, and China. M3 Inc. provides services to healthcare and the life science industry. In addition to market research, these services include medical education, ethical drug promotion, clinical development, job recruitment, and clinic appointment services. M3 has offices in Tokyo, Washington D.C., Fort Washington, PA, Oxford, London, Beijing, and Seoul.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Donna Lambertucci
M3 USA Corporation
+1 (202) 293-2288 Ext: 207
Email >
Visit website