By: Jennifer Califf United kingdom United kingdom capital London.
Cross Border, Unique Country Identifiers & Consent … 1_Sharma_Rodriguez...France Netherlands...
Transcript of Cross Border, Unique Country Identifiers & Consent … 1_Sharma_Rodriguez...France Netherlands...
0
Priyanka SHARMA
Director, Global Compliance and MDM
Maria Gracia RODRIGUEZ
Product Manager, Global Compliance
CBI Transparency, Washington DC
August 17-19, 2015
Cross Border, Unique Country Identifiers & Consent Management
1
Global Landscape for Disclosure Reporting
Individual and Aggregate Data
Donations and Grants
Fees and Expenses for
Service and Consultancy
Research and Development
Contribution to costs related
to events:
• Registration fees
• Sponsorship agreements
• Travel and accommodation
industry code in 35
countries - (33 members)
Transparency
Reporting Law
Transparency
Reporting Code
USA Federal Australia
USA States: D.C.,
Minnesota, Vermont,
etc.
Japan
France Netherlands
Greece United Kingdom
Romania USA States:
Massachusetts
Portugal
Slovakia
Denmark
Estonia
2
Considerations for Global Transparency
Reporting Fields and Formats
Data Privacy and Data Protection
Cross Border Transactions
Consent Management
Different Timelines
33 IMS Health Confidential
Navigating the Transparency Maze
• Different choices for Unique Country Identifiers (UCIs)
• Different Recipient Types
5 IMS Health Confidential
Living with Global Regulations
State & National Laws
National/ Regional Codes
Company Policies
6
Cross-Border – EFPIA Recommendation
Yes
No
No Yes
When a consultant is used
in another country,
where should this be
disclosed?Transfers of Value to a HCP/HCO
whose practice, professional address or
place of
incorporation is in Europe, are required
to be disclosed in the country where the
Recipient has
its principal practice…
Life
Science
s
10
Cross border - Common Global Framework
Data Management
• Aggregating transforming and storing data
• Matching payment transactions to customer master data
• Application of business rules as per reporting requirements
Stewardship
• Delivery of ‘in scope’ data reports for verification
• Mechanisms for performing stewardship of local country data
Reporting
• Delivery of final reports to comply with EFPIA
• Multiple reporting increments supported including quarterly, annually or monthly
Disclosure
• Delivery and management of covered recipient spend preview
• Posting of final data pubic disclosure
Global Customer Master based on External Trusted Source
•Covered recipient unique identification•Customer data enrichment (local Ids, multi addresses; affiliation)
IMS Health Confidential
13
UCI Analysis: EFPIA Position
HCPs at the individual level
Companies should, wherever possible,
identify and publish on an individual basis for each clearly
identifiable Recipient at the HCP rather than HCO level as
long as this can be achieved with accuracy, consistency and
compliance with applicable law.
HCOs at the individual level
• No EFPIA standard ID
• Discretion left up to national industry associations to decide
15
Unique Country Identifiers
Number of Countries by UCI Category Required by law3 Countries
9%
Required by code4 Countries
12%
Subject to interpretation5 Countries
15%
Optional8 Countries
24%
Not specified 13 Countries
40%
IMS Health Confidential
16
UCI Analysis: Required by Law
UCI DENMARK FRANCE PORTUGAL
HCP NEM ID to
access the
website
RPPS, Medical
order number
or other
Email address
HCO Tax ID SIREN or
Finess ID
VAT/Tax ID
17
UCI Analysis: Required by Code
BELGIUM GREECE NETHERLANDS SPAIN
HCP RIZIV/INAMI or
National Register
Number
VAT/Tax
Reg. No.
BIG Documento
Nacional de
Identidad (DNI)
HCO enterprise number
KBO/BCE (same as
VAT number)
VAT/Tax
Reg. No.
KvK (Chamber of
Commerce)
Certificado de
Identificación
Fiscal (CIF)
Bulgaria requires UCI by excluding “optional” in the template
CODE
18
UCI Analysis: Subject to Interpretation
Language such as:
• “required if available”
• “where available”
• “to facilitate the process
but not to be published
on database”
Austria
Cyprus
Czech Republic
Germany
United Kingdom
19
UCI Analysis: optional
Standard EFPIA template: Article 3
Ireland Norway Poland Romania
Sweden Switzerland Turkey
20
UCI Analysis: not specified
• Undefined
• No national ID known
CroatiaEstoniaa FinlandHungaryy Italy
LatviaLithuania Malta Russia Serbia Slovakia
Slovenia
Ukraine
22 IMS Health Confidential
Take Home Messages for UCI
There is no standard EFPIA UCI database.
The EFPIA position is that the UCI is optional
according to national laws.
UCIs need to be managed at the individual country level and may be
linked to your customer database for Transparency.
REQUIREMENTS BY LAW
• Denmark• France• Portugal
REQUIREMENTS BY CODE
• Belgium• Bulgaria• Greece• Netherlands• Spain
ALL OTHER
• Where available• Optional• Not applicable
24
Codes require
consent collection
prior to individual
disclosure
IMS Health Confidential
The Need: Consent for Individual Disclosure
Consent Required Consent Not Required
Codes recommends
consent collection prior to
individual disclosure
Local data privacy laws
should be checked prior
disclosure
Laws require
individual disclosure
therefore consent is
not required
Data Privacy Laws Transparency Laws
Industry Codes - Autoregulation
25 IMS Health Confidential
Consent Geographical Scope
Codes require
consent collection
Codes recommend consent
collection & refer to data
privacy laws
Consent - not required
Austria Bulgaria Denmark
Belgium Croatia France
Germany Cyprus Greece
Italy Czech Republic Netherlands
Norway Estonia Portugal
Poland Finland Romania
Slovakia Hungary US
Spain Ireland
Sweden Latvia
Turkey Lithuania
United Kingdom Malta
Australia Russia
Japan Serbia
Slovenia
Switzerland
Ukraine
27 IMS Health Confidential
Consent Management Impact
In the geographies where consent is required: No consent would
translate into low transparency level
29 IMS Health Confidential
Consent Request Timelines
When Contracting?
At the pre-disclosure time?
Any time in the period?
Consent Prior Disclosure
NORWAY
For health personnel, it follows from the Norwegian Personal Data Act that consent must be obtained from
recipients before individual reporting can take place. If consent does not occur, the transfer of value shall
be reported aggregated. For health personnel and health organizations, it is a prerequisite for individual
reporting that there not be any legal impediment to publication on an individual level.
EFPIA
(Section 3.01) and, in this connection, the following recommendation is made to the pharmaceutical
companies in a footnote to Art. 4, Section 4.01: [the pharmaceutical companies] should make provision
with a view to the granting of pecuniary benefits to HCPs or HCOs in their written agreements with
such recipients to ensure that the latter consent to the disclosure of the pecuniary benefits granted to
them in compliance with the EFPIA HCP/HCO Disclosure Code. In addition, the companies must renegotiate
existing agreements as soon as possible in order to include consent to disclosure.
30 IMS Health Confidential
Consent Scope
Per Contract?
Per Activity Type?
Per Period?
No Cherry Picking in Transparency
UK
Companies are encouraged to include in a contract involving a transfer of value provisions
regarding the consent of the recipient to its disclosure. In addition, companies are encouraged to
renegotiate existing contracts at their earliest convenience to include such consent to disclosure.
Companies must ensure that they have appropriate arrangements in place to lawfully disclose information
about transfers of value.
EFPIA … to stress that the proposed measures should be considered as a whole rather than individually or
‘a la carte’ (i.e. ‘cherry picking’). The proposed set of key ideas should therefore be considered as part of
a comprehensive strategy focused on ensuring that only safe products reach the
patient
31 IMS Health Confidential
Who Should Consent
HCPs?
HCOs?
Other organizations?
Local legislation and codes differ in the definition who should consent
JAPAN
“…member companies will begin public disclosure of such information in fiscal year 2013 with the consent of
healthcare professionals, medical institutions, etc. Similarly, with respect to relationships with patient
organizations…”
SPAIN
Personal data protection legislation in Spain applies exclusively to individuals. For this reason,
pharmaceutical
companies must disclose the payments or Transfers of Values made to Healthcare Organizations on an
individual basis.
Note the definition of HCPs & HCOs varies from geography to geography!
32 IMS Health Confidential
Consent Documentation
AUSTRALIA
Companies must comply with Australian Privacy legislation (Privacy Act 1988 (Cth)) in regard to the
reporting of individual healthcare professional data. Each company must establish a means to ensure
informed consent and maintenance of records which comply with Australian Privacy legislation.
Documents are required?
In which format digital vs paper?
Prove of consent & consent request procedure
ITALY
Pharmaceutical Companies are expected to store, also in electronic format as an alternative, for a
minimum of 3 years, proper documentation indicating that the Consent to data disclosure as been
asked for from the Professional.
An inspection check on existing procedure oriented to systematically retrieve the consent
mentioned above, will be performed yearly within the Certification activity as Article 1.13 on general
principles of this Code states.
33 IMS Health Confidential
Revoke Considerations
At the Pre Disclosure
Any time any channel
Assess Impact of revoke is needed
Revocation can happen any time & impact assessment will be required
EFPIA
Disclosures shall be made by each Member Company within 6
months after the end of the relevant Reporting Period and the
information disclosed shall be required to remain in the
public domain for a minimum of 3 years after the time such
information is first disclosed in accordance with Section 2.04,
unless, in each case, (i) a shorter period is required under
applicable national data privacy or other laws or regulations, or
(ii) the Recipient’s consent relating to a specific disclosure, if
required by applicable national law or regulation, has been
revoked.
35 IMS Health Confidential
Consent Request Positioning
EFPIA Conference
May 2015
“If codes are not
accepted by the
different stakeholders
there will be no
effective
transparency”
Most companies have the
guidelines to be pro transparency
in front of HCPs
National associations actively run
educational campaigns
Templates to request consent
exist in most country associations
37 IMS Health Confidential
Consent Request Channels
Consent
• Push - Higher response rate
• Guided, service, education for
HCP
Company Employee
Driven
Stakeholder Driven
• More rep admin- productivity?
• Rep influence is difficult to
control
• Eliminates reps admin
• Better control of the
messaging to HCPs
• Independent on going HCP
Management of consent
decisions including revoke
• Pull – Uncertain about
response rate
• Requires having the
infrastructure (i.e. and e-mail
and the permission to use it)
Pros Cons
Revoke Capture
Companies need to be prepared to take note of Consent Revoke at any time
through any channel and ensure reporting systems take it into consideration
38
Not to proceed with
collaboration implying ToVs
Proceed with the current
collaboration until next reporting
period only
Continue work with HCP
IMS Health Confidential
No-Consent Position
Codes only specify the expense should be done aggregate, there is a
debate on what to do in the non consent cases
39
•Poland – Infarma
–January 2015: 12% Consent
–February 2015: 19% Consent
–March 2015: 21% Consent
•Germany- Vfa
–April 2015 – Around 50-55 % Consent
•Spain – Farmaindustria
–April 2015 – Around 10% Consent
Where are we, where we want to be?
No official figures have been published globally but some associations
shared numbers
EFPIA Target
No number has been
provided by the EFPIA
members as a good figure
on consent.
Only the VFA
representative mentioned
that above 50% of German
HCPs consent would be
considered a good result
for this first year of
collection