ULG's Language Services Blog

Navigating Compliance With Strong Language Access



May 11, 2018


If your company is located in Europe or does any amount of business there, you’re probably well aware of all the upcoming regulatory changes. From investments to data protection to medical devices, the compliance landscaping is shifting.

While you’re busy scrambling to comply with all these EU regulations, perhaps you haven’t noticed some requirements they all share. Four of the most prominent —PRIIPs, GDPR, MDR and IVDR — all mandate that certain information and materials must be translated into the language of every EU member state. With 24 official languages in the EU, that’s a tall order.

Understanding the language requirements that go into each regulation can help you jumpstart and streamline the translation process. You can find a professional language solutions partner (LSP), if you haven’t already, to begin the process of language access compliance for all four regulations.

Here we’ll examine the language requirements found in the GDPR, PRIIPs regulation and the EU’s new medical device rules.




The much talked-about EU General Data Protection Regulation (GDPR) creates new rules for data privacy, data breach response, breach reporting and consumer consent. Any company in the world that handles data belonging to EU citizens must comply beginning in May to avoid facing fines and penalties.

Under the regulation, all companies must review and update their data handling policies and privacy notices to make sure they are clear, transparent, and written in plain language. While GDPR doesn’t expressly say these policies and notices need to be translated into each local language, we can reasonably assume that sending customers this information in a language they don’t understand would violate transparency requirements and fall short of compliance.

Most companies will need to hire an LSP to help translate all their documents, but it’s important to be wise about the partner you choose. Because the LSP will likely be handling sensitive data, it’s important to make sure that the partner itself is GDPR compliant and has adopted the ISO 27001 information security management standard, which helps prevent data corruption.




Following the 2008 financial crisis, the EU has pushed for more transparency around complex financial products. The Packaged Retail and Insurance-based Investment Products (PRIIPs) regulation requires standardized documentation that offers consumers a clear, understandable explanation of investment products. The goal is to help consumers make more educated decisions about what they’re buying.

These Key Information Documents (KIDS), like GDPR notices and policies, must be available in every member state’s primary language. So, in addition to developing a KID for every separate financial and insurance product, companies have to make sure all these documents are translated into a variety of languages.

Handing over all the translation work to a single LSP can streamline this process, making it faster, less painful and less expensive. A professional LSP will store all of your company’s translation assets and memories in one place, using past reference materials to guide future translations.




The EU’s Medical Device Regulations (MDR) and In Vitro Diagnostics Regulations (IVDR), which take effect in 2020 and 2022, respectively, set tougher standards for how medical devices are manufactured and marketed. Greater scrutiny, new compliance benchmarks and more transparency are required before a device goes to market.

Once again, this regulation requires manufacturers to make product information available in the official language of each EU member state. This includes anywhere the device is sold, used or marketed, and it applies to many forms of documentation — labels, packaging, patient instructions, technical documents and more.

This is a large undertaking for companies that haven’t gone through the process before, but, again, an LSP can streamline that process, taking care of all the translation details so you can focus on other aspects of compliance.





As with any new legislation or regulatory requirement, it’s best to prepare for changes sooner rather than later. PRIIPs is already in full force, and the GDPR compliance needs to be attained by May.
The MDR will be enforced in 2020 and the IVDR in 2022. It seems like a long way off, but those dates will creep up faster than anticipated.
To help prepare global companies for the upcoming medical device rules, ULG is hosting a webinar on device labeling requirements set forth in the MDR on Wednesday, Feb. 28, at 9 a.m. CST. Anyone interested in attending can register here.