If you are working in the field of compliance, you know how grueling the compliance process can be. Rules need to be decided, written, communicated to employees and third parties, who need to be trained on such rules. Then, the company needs to find out if the rules have been breached and sanction those who breached them. This is how law works in general, so the various phases of the process are not surprising. It is also a largely imperfect method, which can become overly complicated in companies where internal rules are pervasive and complex.
Wouldn’t it be wonderful if the whole process could be governed by digital means? And I am not talking about placing all your compliance material in one big digital repository (something obviously useful, but not inherently changing the nature of the process). Imagine a company built on the principle of compliance-by-design, where the behavior of employees is limited by external tools that simply do not allow non-compliant conducts. (For example, if you place digital limits on banking payments, you will not need to convince employees that they cannot exceed certain payment limits, since the digital code would directly enforce such payment thresholds and the only way to circumvent them would be to hacker the banking program.)
Certain Scholars have seen in blockchains an opportunity for compliance programs and organizational models pursuant to legislative decree 231/2001. Under 231 Italian legislation an entity is punished for not having set up sufficient organizational measures to prevent the commission of a certain crime: in theory, a digital prevention system may be an ideal tool to prevent crime commission with the utmost diligence. If you look for automated solutions online, you will find heaps of offers that promise that compliance will be made easy: the RegTech phenomenon is already well established and generating huge revenues.
I am generally a fan of innovative solutions, but I question how much effort is required in translating compliance information into digital rules. As anyone who deals with artificial intelligence may confirm, the process is generally neither quick nor cheap.
I also wonder whether the field of compliance, based on ethical principles, and therefore inherently human centric, can benefit from a full digitalization. Some have warned against the risk of “brutalization of a workplace relations” and worry that digital compliance systems “imitate predictive policing”.
Compliance requires sophisticated human judgment, and 0/1 binary codes are not always appropriate to automate complex decisions on human interactions based on ethical principles.
Amendments to the Italian pharmaceutical industry association’s (Farmindustria) Code of Ethics have been introduced on January 19, 2022 https://www.farmindustria.it/app/uploads/2018/06/2022-GENNAIO-19.pdf.
One of the most important changes concerns section 4.7, which defines Patient Support Programs (PSP) as initiatives implemented by pharmaceutical companies aimed at making available additional services for the direct benefit of patients. Such services are not intended to replace the services of hospitals and other healthcare organizations. For more information on PSP, check out our previous blog post https://lawhealthtech.com/2022/02/07/new-guidelines-on-patient-support-programs-adopted-by-italian-pharma-industry-association/ .
Besides, other important amendments have been introduced:
- Training and Information to Non-Prescribers: new section 3.25 (i) allows pharmaceutical companies to carry out training and information activities aimed at healthcare professionals who are not authorized to prescribe medicines, but are involved in the treatment management, provided that such activities do not have any promotional purpose and that the information provided is linked to their roles in patients’ treatment management; and (ii) extends to such professionals the possibility to attend events, courses and congresses, as long as such events do not concern topics relating to medicines;
- Information to the Public: new section 3.26 (i) allows pharmaceutical companies to provide unsolicited information to the public, through personnel not belonging to commercial or marketing areas, relating to products and diseases pertaining to the relevant therapeutical area, provided that such information does not have a commercial nature and matches the information set forth in the package leaflet or institutional information channels; and (ii) confirms that a full literal reproduction of the package leaflet information may be published on the companies’ websites available to the public;
- Interactions Other than Medicines Promotion: new section 3.28 (i) allows pharmaceutical companies to provide information on medicines to various stakeholders such as institutions, professionals, organizations, etc., without this falling within the scope of medicines promotion; and (ii) specifically regulates the possibility to carry out, during the medicine’s life cycle, institutional and market access activities or other non-promotional interactions towards institutions and health care professionals, as well as account management activities aimed at ensuring the application of commercial policies through interactions with public or private counterparties involved in the medicines procurement processes and activities aimed at the mutual sharing of non-promotional information and data.
The above new provisions of the industry Code of Ethics undoubtedly aim at regulating several aspects of the day-to-day promotional and educational activities of pharmaceutical companies that have been so far ignored by the industry association regulations. However, the new previsions are quite vague in their scope and it remains to be seen whether they will have any meaningful impact on the market practices in the pharmaceutical sector.