Most large pharmaceutical companies have numerous products marketed around the globe and usually have complicated marketing, licensing, and distribution collaboration with other global/ Local Pharmaceutical Companies (License Partners [LPs]). The Marketing Authorization Holder (MAH) has varying control over these LPs, and to manage these relationships, well–defined Pharmacovigilance Agreements and intercompany Safety Data Exchange Agreements (SDEAs) are required. Good Pharmacovigilance Practices (GVPs) which apply to marketing–authorisation holders, the European Medicines Agency (EMA) and medicines regulatory authorities in EU Member States dictate that agreements between the MAH and LPs are required: “Where the marketing authorization holder has set up contractual arrangements with a person or an organization, explicit procedures and detailed agreements should exist between the marketing authorization holder and the person/ organization to ensure that the marketing authorization holder can comply with the reporting obligations. These procedures should in particular specify the processes for exchange of safety information, including timelines and regulatory reporting responsibilities and should avoid duplicate reporting to the competent authorities.”
In 36 inspections of MAHs conducted by the Medicines and Healthcare Products Regulatory Agency (MHRA) between April 2016 and March 2017, 11% of the findings were related to contracts and agreements. These data suggested that either the MAHs were non-compliant with the GVP requirements or were facing challenges in achieving compliance from their respective LPs. To overcome these challenges, MAHs should follow the below approaches, which can make the process more coherent.
Lean Governance Model and Solutions
Given that the onus of responsibility resides with the MAH, a proper governance and oversight model outlined in the SDEA can ensure LPs maintain a high level of compliance in the management of their responsibilities. For the MAH to safeguard compliance, it should have well–defined roles and responsibilities in the SDEA, especially for co–marketing situations.
Resilient and Experienced PV Professionals/QPPV Support
SDEAs are to be considered a critical process within the PV department, and companies should place experienced PV professionals to manage the entire activity. For small companies where there are fewer LPs to deal with, the Qualified Person Responsible for Pharmacovigilance (QPPV) (or equivalent person in non–EU countries) can take charge of the entire operations. However, companies that deal with multiple LPs and have many mergers and acquisitions situations should appoint SDEA Managers who have good knowledge on PV and regulations. However, the QPPV can be involved during any escalations, signatory, and any important discussions. Depending on the situation, the Legal person from the company should also give a sign off on the SDEA to verify if all the clauses mentioned in the document are in alignment with company’s policies/regulations.
Development of Templates/Boilerplate in Accordance with The New Regulations
Companies should have a ready–made tailored template that is updated periodically as per the regulations and reflects any changes in the company’s processes/procedures. Companies should have a comprehensive SDEA to avoid risks of missing any information. The SDEA should be used to define the responsibilities/ownership of key PV data exchanges (namely ICSR, PSRs, RMPs, Signals, ESIs, reconciliations, etc.). The SDEA needs to be a part of the company’s quality management system (QMS) and align according to the company’s internal Standard Operating Procedures (SOPs). The SDEA needs to be revised periodically when regulations/business statuses changes or when there is any change in the company’s signatory personnel. For each of the signed SDEAs, the SDEA Manager can maintain an RACI chart for ease of internal use and reference.
The SDEA should clearly communicate that either Party (wherever Party/Parties is mentioned, it is either the Licensor or the Licensee) is entitled to audit the other Party to monitor compliance. Based on the situation, the audit can be for cause audit or risk–based approach audit.
Correct Assessment of the Business Partnership
The level of partnership should be assessed to determine the extent of information in the SDEA through a master agreement or any contractual legal agreement. As an example, warehouse, distribution, and sales partners would have minimal chances of receiving safety-related information and hence should have an agreement limited to notifying the PV department of the licensor if any safety–related information is encountered, as compared to a supply, Co–development, co–marketing, or license partnership.
Robust RCA and CAPA Management
LP compliance should be monitored to verify if they are adhering to the SDEA terms that were agreed upon in the SDEA. There should an LP Compliance Monitoring Tracker maintained by the company regularly to validate the compliance of the LPs. In case any trends of non–compliance are seen, they should be flagged and necessary RCA and CAPAs need to be initiated. Escalations to the QPPV and a regular audit are needed to maintain compliance from the LPs.
Systematic Configurations and Communications
All safety systems need to be configured with the timelines agreed in the SDEA by the both the Parties before the SDEA becomes effective. Whenever the SDEA is terminated because of any business reason, the configurations need to be revoked accordingly. All relevant stakeholders need to be informed about the signed SDEA along with some key information.
Centralized SDEA Management System
Companies should have a centralized SDEA system that can simplify internal cross–functional participation on the SDEAs. This system should also be used as a repository and partner compliance tool. In–built boilerplate templates for SDEAs should be in place to allow reuse and reduce the time to author. This system should enable users to send automated alerts to reduce the in–out life cycle time and streamline processes.