Nov 14, 2022

Key regulations for GCP vendors

Sample of key regulations that may apply to GCP vendors for your clinical trial

At August 2022

Here is an example of some of the major or more recent regulations that apply to many clinical trials. You can use this list as a basis for your own compliance checklist. The easiest way is to use Diligent because we have RFIs that comply with all legislation across the globe.


  • ICH E6(R2): Integrated Addendum to ICH E6(R1): Guideline for Good Clinical Practice E6 (R2); 9 November 2016
  • Annex IV To Guidance for the Conduct of Good Clinical Practice Inspections: Sponsor and CRO; version 28May2008
  • MHRA GCPG= Medicines and Healthcare products Regulatory Agency Good Clinical Practice Guide; 2012
  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)
  • FDA 21 CFR Part 11, GxP Software Validation, Compliance, Controls and Electronic Signature
  • US GAAP= Generally Accepted Accounting Principles (GAAP) by the US Financial Accounting Standards Board (US FASB)- guidelines for preparation of financial statements
    International Financial Reporting Standards (IFRS) by the International Accounting Standards Board (IASB)
  • US Department of Health and Human Services Office of Inspector General; Corporate Integrity Agreement
  • US NPPTP- US National Physician Payment Transparency Program (NPPTP) of the Centers for Medicare and Medicaid Services (CMS)
  • US PPSA- US Patient Protection and Affordable Health Care Act (H.R. 3590) March 2010-Physician Payment Sunshine Act (section 6002) (PPSA)
  • EFPIA Code=The European Federation of Pharmaceutical Industries and Associations (EFPIA) Code of Conduct
  • OECD Organization for Economic and Cooperative Development- Anti-Bribery Convention: OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions
  • US HIPAA- Health Insurance Portability and Accountability Act- US health plans and health Providers regulations
  • Japan Personal Information Protection Commission; Act on the Protection of Personal Information (02-Dec-2016; effective 30-May-2017)
  • US Privacy Act; 1974; Title 5, § 552a
  • FDA COVID-19 Pandemic; FDA Guidance on Conduct of Clinical Trials of Medical Products during COVID-19 Pandemic; March 2020
  • ISO/IEC 27002:2005 14.1.2, 14.1.3, 14.1.4 Business Continuity and Risk Assessment, Developing and Implementing Continuity Plans Including Information Security, Business Continuity Planning and Framework
  • ISO14155= British Standards, European Committee for Standardization, International Organization for Standardization BS EN ISO1455:2011 “Clinical investigation of medical devices for human subjects — Good clinical practice”
  • US FDA 21CFR Part 312 Drugs for Human Use-Investigational New Drug Application
  • MHRA Data Integrity Guidance and Definitions, 01 March 2018
  • US Civil Rights Act-1964 Title VII
  • US Americans with Disabilities Act Title I and V-1990
  • US Genetic Information Nondiscrimination Act Title II-2008
  • European Forum for Good Clinical Practice; Guideline for Auditing Clinical Laboratories; 2005
  • US FDA 21CFR Part 58 Good Laboratory Practice for Nonclinical Laboratory Studies;
  • US 21CFR Part 1300= US 21CFR Part 1300 to End
  • US 21CFR 320.31(d)(3)= US 21CFR Part 320.31
  • China Human Genetic Resources Administration Office (CHGRAO) regulations (2019 Human Genetic Resources Regulations)

Free Template

Download our free RFI Template of vendor qualification questions

  • Top 20 question categories
  • Example questions