Logo Inveo Certification

Select your language

Process and system requirements (procedure SGCMF©10002) for conformity assessment of health care provider records.

SGCMF©10002 is a voluntary certification scheme, which aims to assess the compliance of health care professionals' personal data processing processes of pharmaceutical companies under the combined provisions of current data protection regulations and regulations governing drug advertising.

The technical specification has been declared compliant with the purposes by the supervisory authorities under Legislative Decree 219/06.


Pharmaceutical organizations

SGCMF©10002 certification is voluntary in nature, and is therefore intended for all those pharmaceutical organizations that, in connection with the implementation of the above-mentioned standards, need to have clear and defined rules in order to secure internal processes for the proper management of medical records.

Our audits are concerned with the timely control of Systems, Processes, Data Bases and Procedures. They are related to the area of personal data processing and refer to globally recognized Standards, mandatory and voluntary national and international standards.

The certified pharmaceutical company better keeps internal strategic variables under control, streamlines processes and operates in accordance with legal regulations.


The scope of the SGCMF©10002 procedure for any pharmaceutical organization, is as follows:

  • Verification of names within a personal data file, of individuals visited by Pharmaceutical Informants so that they are referred exclusively to medical personnel.
  • Verify that personal data used for promotions activities are minimized by favoring the use of anonymous data.
  • Verification of personal data collection methods
  • Verification of compliance with the principles of quality, accuracy, relevance, nonexcessiveness, and integrity of data collected and held
  • Verification of the uniqueness relationship of data contained in a database of physicians
  • Verification of proper Information Risk Management System policy