London, 28th February 2014
BMI SYSTEM recently joined forces with a number of top European law firms to present a seminar on the topic of public disclosure and data privacy within the healthcare industry entitled ‘Transparency and Data Privacy: What is the Scope and Limit of Disclosure?’
The seminar was hosted at the offices of Bristows LLP Law Firm in London, and speakers from the French law firm LEXCASE and the German practice GÖRG Rechtsanwälte also gave their expert views on changes at the European level in the disclosure of transfers of value from healthcare manufacturers to HCPs and HCOs.
Hazel Grant, Partner at Bristows LLP and specialist in IT procurements and information law, explained how the collection of data on HCPs under the EFPIA and ABPI self-regulatory codes of conduct for pharmaceutical manufactures can raise data protection issues, which need addressing if the industry is to achieve compliancy.
Under UK data protection law, pharmaceutical companies will have to justify the processing of HCP’s personal data, such as names and titles, and one of the ways to do this is to obtain consent from HCPs. There is of course an issue on how to obtain the consent of HCPs for any payment being made. The EFPIA suggests that a contract be sent to guests prior to an event, which includes a text regarding the consent of the HCP/HCO for the public disclosure of the payments being made by the company towards them.
Laurent Clerc, Regulatory Affairs Expert at BMI SYSTEM, explained to delegates how the dates for disclosure are fast approaching, with UK disclosure for the 1st of April this year and a second round of disclosure for France in April. Countries following the European Pharmaceutical Industry Association (EFPIA)’s code will have to disclose all transfers of value occurring in 2015 by 2016. There will, however, be differences in the way countries implement the EFPIA code and national laws may be more stringent.
- In France, for example, disclosure must occur twice a year; It concerns only the existence of agreements made (excluding amounts) but the details of each benefit provided of more than 10 euros has to be published. In addition, all health products are to be included in the disclosure agreement, such as cosmetics and medical devices. The French concept of the “Benefit” to be published does not match at all the concept of “transfer of value”.
- Each country will also have its own definitions of HCP and HCOs and whether teaching hospitals are included in the scope (as in France).
- The way that data is collected and processed will also differ between countries as they begin to grapple with how data will be presented on public websites.
- Also, the delay of data retention can differ between countries – the EFPIA requires three years, whilst the more stringent French code requires five years.
Keeping in mind all of these challenges, the design of a robust IT system that can handle data processing at both local and global levels will be crucial. How will EFPIA requirements be implemented across Europe’s 33 countries?
According to Francis Geysermans, Chief Technical Officer at BMI SYSTEM, “The legal requirements for data collection and disclosure are very different across countries due to differences in culture and national data privacy laws. There needs to be system in place that can handle these issues as more and more projects happen at a global level.”
BMI SYSTEM’s unique solution, NAYA, is based on an IT architecture design that uses a ‘Backbone’ to collect all the data needed for disclosure, such as payments and financial transactions, meeting attendees and expenses. In the ‘Backbone’ are tools to help with reconciliation and arbitration: reconciliation connects payments with attendees and arbitration checks the data for accuracy.
The IT SYSTEM can be enhanced with its different ‘plug-ins’, which also allows for country-specific templates – where the national codes for self-regulation in the pharmaceutical industry differ and there are different interpretations of the EFPIA code. ‘Plug-ins’ can be easily updated as changes happen on a national level. The system is also useful for the tracking of payments across borders and local pre-approval processes can be checked (such as the French anti-gift law). A ‘Watchdog’ in the ‘Backbone’ is able to flag up any discrepancies with local laws or any inaccuracies in the data.
In the future, the challenge of local to global compliancy can be addressed using well-designed IT systems such as BMI SYSTEM’s NAYA solution. However, as the seminar highlighted, there will still be issues of HCP consent in order to apply with often very stringent national data protection laws. There is also the issue of the length and of the purpose of the consent; can companies keep in their system the consent of HCPs for a long period of time? Is it possible for companies to ask consent of HCPs for any payment being made during the year or should it be asked for at all events? What if an HCP refuses to give his consent or retracts it after he gave it? As Francis Geysermans summed up “Consent for use of HCP data will be a big issue in the future, which will drive changes in local laws. Pharmaceutical companies must keep their eye on this to ensure they remain compliant.”