All posts by Flavio Monfrini

Health Data Registries and Surveillance Programs, a New Italian Regulation Steps Up the Game

A new Italian regulation governing health data registries and surveillance programs aims at facilitating the use of such tools for purposes of monitoring health of the population, as well as healthcare spending. A comprehensive legal instrument regulating the various categories of registries and programs was much needed. In fact, the adoption of such a regulation was envisaged by national legislation since 2012 (Section 10 of law decree 179/2012), but no implementing measures has yet been adopted. A draft of regulation has now been released by the Italian government and submitted to the State-Regions conference prior to formal entry into force. The draft has already been reviewed by the Italian Data Protection Authority.

The new regulation aims at standardizing registries and programs adopted over the years, by setting forth: (i) the entities and professionals who may access the information contained in the registries, (ii) the categories of data that are available, and (iii) the measures to be adopted to ensure the security of data in line with data protection legislation.

The goals pursued by the regulation include a better monitoring of diseases at national level and relating treatment, survival rates, mortality index, as well as the increase or decrease over time of a certain disease. The data stored in the registries should also facilitate the carrying out of epidemiological studies in specific territories and/or for specific subsets of the population. Such broad purposes would allow the data to be used in connection with scientific studies, but also for the treatment and prevention of particular diseases.

The data protection provisions enshrined in the regulation are particularly stringent, and provide that all data must be processed by individuals specifically appointed by the data controller and subject to secrecy obligations. Furthermore, the data shall be encoded in a way that does not allow the de-anonymization of the data. Only in case of adverse events and relating field actions, data may be used to contact the interested subject upon prior authorization of the national registry holder. Data breaches will also need to be reported to the Data Protection Authority.

In conclusion, the new regulation provides welcome clarity in a field where regulations have been sporadic and at times incoherent. Moreover, the new regulation seeks to govern at the same time the different legal aspects connected with registries, from healthcare monitoring to data protection. There is little doubt that the hope of the government is to optimize such instruments to better control healthcare spending and conduct a more effective assessment of therapies and products on the market.

 

 

The Safe Harbor Decision (And What Is Wrong With It)

As most people and businesses on either side of the Atlantic are now aware, on October 6, 2015 the European Court of Justice invalidated the Commission’s Safe Harbor decision and made the transfer of personal data to the United States slightly more difficult for businesses.

The Court decision is based on two fundamental findings: first, the Commission’s Safe Harbor decision did not find – as it was required to do according to the Court – that the United States ensures a level of protection of fundamental rights essentially equivalent to that guaranteed within the European Union. Second, and equally important, the Court held that the Commission had no authority to restrict the powers of national data protection authorities to examine complaints of their citizens and assess whether the transfer of data to the United States affords an adequate level of protection.

Until the recent Court decision, the Safe Harbor program has provided a framework for the transfer of personal data from the European Union to the United States. Safe Harbor, however, is neither the only way to transfer personal data to the United States, nor the most commonly used. United States undertakings have consistently used – and will be able to continue to use even after the Court’s decision – model clauses and binding corporate rules.

As European and US undertakings have a wide variety of tools available to transfer data to the United States, the most troubling finding of the Court’s decision is not the invalidation of the Safe Harbor per se, but rather the recognition of much broader powers to member states’ data protection authorities. While the Safe Harbor scheme provided a single and simplified framework that was easily understood by United States’ businesses, the new decision leaves uncertainty as to the approach that each member state’s data protection authorities will take in connection with the export of their citizens’ data. As a consequence, in spite of the current efforts by European authorities to adopt a single data protection regulation ensuring a more uniform legislation throughout the continent, the Court decision is likely to lead – for at least some time – to a more fragmented and less clear legal framework among different member states.

Last, but not least, it is worth noting that one of the main reasons that led the Court to invalidate the Safe Harbor Commission’s decision has been the discovery of mass surveillance programs by US national security intelligence agencies and their rights to access personal data of European citizens. The concern of the European Court of Justice is well grounded and all of us, as individuals, are likely to share that same concern. However, why is the Court not equally worried about the surveillance programs and data retention policies adopted by several member states over the last few years?

Many have pointed out (see for instance here and here) that the Court decision is the result of different sensitivities between US and European people when it comes to the protection of their privacy, being the Europeans more keen to consider the protection of their personal data as a fundamental human right (or, rather, very keen on teaching data protection lessons to the United States). However, the failure of the European Court of Justice to acknowledge that such fundamental right is as much at risk within the borders of Europe as it is outside leaves us wondering whether the Court is really protecting the substance of our privacy as European citizens.

Another September, Another Spending Review.

This is almost becoming a tradition for the national healthcare service in Italy. Comes September… and a new spending review hits the pharmaceutical and medical device industry.

On August 4, 2015 a law decree has been approved by lawmakers, which introduces a number of new mechanisms for monitoring and reining in public spending in the healthcare sector. In particular, the new legislation has introduced several measures:

  • Negotiations with current suppliers of the national healthcare service in order to achieve a 5% reduction in current spending for general supplies;
  • Negotiations with current suppliers of medical devices in order to comply with the spending thresholds agreed upon between the central government and regional authorities;
  • Centralized negotiations with pharmaceutical companies in order to decrease the reimbursement price of products currently reimbursed by the national healthcare service.

While measures aimed at cutting spending in connection with general supplies and medical devices have been entrusted in principle to local authorities and healthcare providers, the national pharmaceutical agency (“AIFA”) plays a central role in the envisaged mechanism to achieve savings for pharmaceutical products. In accordance with the provisions of the new decree, AIFA has indeed conducted negotiations throughout the month of September 2015, with the aim of decreasing overall spending. The new legislation provides the grouping of products in several “clusters” that include therapeutically similar products, regardless of their active principles. The lowest price in each cluster is then used as the reference price for direct negotiations between AIFA and manufacturers.

The new measures also provide that, in case of failure to reach an agreement, reimbursement by the national healthcare service may be withdrawn. However, it is also expressly provided that generic products are not admitted to reimbursement until any patents and supplementary protection certificates of branded products are definitely expired, thus providing the industry with assurances in connection with their protected drugs.

The reiterated attempts by public authorities to renegotiate prices with suppliers appear to clash not only with basic contractual principles (“pacta sunt servanda”), but also with fundamental rules of public procurement legislation. As the government (in fact, almost yearly) demands discounts on existing contracts, reliance on such contracts is affected, along with transparency and open competition in public procurement procedures. The truth is that the need to cut public expenditures is increasingly overriding basic tenets of contracts and public procurement law.

Med Tech and Pharma industry associations have voiced their concerns, while suggesting that efficiency and savings may be obtained by the national healthcare service through internal reorganization processes rather than by demanding additional discounts to suppliers. In fact, if we step aside from the conflicting commercial interests of suppliers (who want to maximize their revenues) and purchasers (who need to minimize their costs), we cannot but note that, again, the government appears to use cost cutting tools that focus on quantity rather than quality. On the contrary, we would expect that more emphasis should be given to Health Technology Assessment and innovation. We surely need to spend less money, but also to spend it more wisely.

Electronic Medical Record: Italian Data Protection Authority Issues New Guidelines

On June 4, 2015, the Italian Data Protection Authority issued new guidelines governing the collection and processing of personal and sensitive data through the Electronic Medical Record.

  • What is an Electronic Medical Record?

A record, kept by a hospital or a healthcare center, containing patients’ clinical history at that specific hospital or healthcare center.

  • Patients’ rights

The guidelines set forth several rights to which patients treated at any hospital or healthcare center are entitled:

  1. Patients are entitled to decide whether the hospital or the healthcare center may store their data through an Electronic Medical Record. If a patient denies his/her consent, physicians will be able to rely only on information gathered during examination and treatment, as well as on information previously conveyed by the patient, if any. Denial of consent will not affect the possibility of being treated at the hospital/healthcare center.
  2. Specific consent is needed for the collection of certain categories of sensitive date, such as HIV infections, abortions, data relating to sexual assault. With respect to such data, patients will have the right to limit access to specific individuals/professionals.
  3. In addition to all rights granted by the Data Protection Code (such as the right to receive confirmation on the existence of personal/sensitive data, to know the origin of the data, the purpose and means of processing, as well as the logic applied to the processing) patients will also be entitled to receive information on each access to their Electronic Medical Record.
  • Hospitals and healthcare centers’ obligations

Hospitals and healthcare centers are required to provide patients with a thorough privacy notice concerning the processing of data through the Electronic Medical Record. Upon patients’ request, hospitals and healthcare centers shall also provide information concerning stored data and access logs to the Electronic Medical Record (including the professional accessing the data, date and time of access) within 15 days of the request. Patients will also be entitled to redact data or healthcare documentation that they do not wish to be included in their Electronic Medical Record.

The Data Protection Authority’s guidelines also address important technical aspects and provide that patients’ healthcare information contained in the Electronic Medical Record shall be segregated from other administrative data. Sensitive data will need to be encrypted. Furthermore, access to the record will be granted only to medical staff involved in the patient’s treatment and any access and processing will be recorded on log files to be kept by the hospital or healthcare center for at least 24 months.

Lastly, the guidelines set forth strict data breach requirements for hospitals and healthcare center, by providing that any data breach or unauthorized access shall be reported to the Data Protection Authority within 48 hours of knowledge of the breach. Failure to report will lead to the application of penalties.

See the Data Protection Authority’s presentation of the new guidelines

A New e-Health National Plan

A new Agreement on Digital Health (“Patto sanità digitale”) prepared by the Ministry of Health has been submitted to the State and Region Conference in June 2015. The proposed agreement between regions and national government aims at setting forth a precise timetable for the implementation of e-health in Italy and envisages a steering committee in charge of monitoring the status of implementation of the plan.

Among the priorities of the new proposal, the Ministry of Health has indicated the adoption of effective solutions for patient workflow management and patient relationship management, to be achieved through the widespread use of electronic clinical records, telemedicine services and mobile health. According to the plan presented by the government, e-health solutions are key to a deeper overhaul of the national healthcare service in order to increase care outside of hospitals and find more efficient ways of bringing healthcare to patients.

Telemedicine solutions, including remote monitoring and diagnosis, would allow the national health service to bring services to patients in a more efficient way. While a specific piece of legislation addressed to telemedicine services has not yet been enacted, on February 20, 2014 the Italian Ministry of Health issued a set of official national guidelines on telemedicine, which set forth a useful regulatory and technical framework for healthcare authorities and private operators active in the provision of telemedicine services.

Unlike previous guidelines, however, the latest digital health plan also aims at restructuring the use of financial resources devoted to the development of telemedicine solutions, in order to convey funds only to more effective projects capable of fostering the widespread adoption of e-health instruments by other healthcare providers. The government also plans to increase the involvement of private actors in these development projects, through project financing and performance based service contracts.

While it is expected that patients will ultimately benefit from a more efficient model for the supply of healthcare, the government also hopes to rein in spending through a more efficient use of resources and a closer monitoring of test prescriptions and drug consumption, which the new e-health solutions will enable.

Courts Limit Administration’s Discretion in Public Contracts

Recent rulings by two administrative courts in Italy have restricted the discretion of public entities in the award of public contracts without open procurement procedures, in particular in the healthcare sector. The two decisions reaffirm the Courts’ policy of restricting recourse to in-house contracts and extensions of expired contracts.

The first decision, issued on May 7, 2015 by the Supreme Administrative Court in Rome, invalidated the award of a service contract to a company established and owned by the regional government of Puglia for the provision of in-house services to healthcare facilities in the region. The contract was awarded without a public procurement procedure, on the basis of the fact that it was an in-house service contract. The Court, deciding upon an appeal brought by a competitor who was not granted the possibility to submit its offer, held that a procurement procedure open to competitors must always occur, even if a governmental entity has established a specific vehicle for the purpose of providing in-house services. The Court left a limited room for in-house services, i.e., services provided by an entity fully controlled and managed by the same administration awarding the contract, as if it was one of its internal departments.

On a different occasion, the regional administrative Court of Turin had the chance to reiterate that the extension of expired public contracts is prohibited by public procurement legislation, as it prevents competitors from participating in new public procurement procedures. In addition to stating again this general principle, the Court in its decision of April 3, 2015 no. 573 also held that governmental entities should proceed with calls for tenders whenever the goods or services they intend to procure are not covered by a national or regional framework agreement. In an effort to curb public spending, the Italian government has implemented in several sectors a centralized negotiation process, whereby a central governmental agency (“Consip”) enters into framework agreements for the supply of goods and services to local administrations. Local administrations are generally bound to adhere to such framework agreements and, if they do so, no call for tender needs to be issued. Public hospitals, on the other hand, must adhere to healthcare-specific regional framework agreements and to Consip agreements; only if no such agreements exist they may proceed with the issuance of a call for tenders.

In the case the before the Court, a local healthcare office postponed the validity of an expired supply contract, after assessing that the framework agreement entered into by Consip would have only partially covered the needs of the local administration and – most importantly – would have entailed a higher cost than the expired agreement. Regardless of the potential savings that the extension of the existing contract would have granted the public administration, the Court held that no exceptions can be envisaged to the issuance of a public procurement procedure. Clearly, more than by savings, the Court must have been guided by the desire to sanction a widespread practice of extending expired contracts, which in most cases stifles competition and does not guarantee lower prices.

It is expected that this policy, increasingly adopted by many administrative Courts, will be one of the highlights of the new public procurement legislation that is currently being examined by Italian lawmakers. The new public procurement code is, in fact, expected to provide new instruments for a more effective fight against corruption and inefficiencies within the public administration.

EMA Issues New Guidelines to Prevent Medication Errors

On April 14, 2015 the European Medicines Agency (“EMA”) released two drafts of good practice guides aimed at improving the reporting, evaluation and prevention of medication errors. The new guides are addressed to regulatory authorities, as well as the pharmaceutical industry.

Medication errors generally refer to unintended mistakes in the processes of prescribing, dispensing or administering of medicinal products in clinical practice and according to EMA they account for an estimated 18.7 – 56% of all adverse drug events among hospitalized patients.

The first guide released by EMA provides an overview of the main sources and types of medication errors, as well as measures to minimize the risks that such errors are made. The second guide, on the other hand, focuses on suspected adverse reactions caused by medication errors, providing guidance and recommendations on how to record, code, report and assess such errors.

The guidelines from EMA recommend a number of actions to marketing authorization holders, including the periodical reporting of information concerning medication errors. Recommendations to the industry include periodical safety update reports and risk management plans to be adopted for each marketed pharmaceutical product. The overall scope of these reporting obligations is to implement a real-life continuous evaluation of the risks and benefits of all medicines placed on the European market.

The two draft guidelines are now open to comments from all relevant stakeholders: the public consultation procedure will expire on June 14, 2015. The final version of the guidelines is expected to be finally adopted later in 2015.

More information and the new draft guides can be found here: http://www.ema.europa.eu/ema/index.jsp?curl=pages/news_and_events/news/2015/04/news_detail_002307.jsp&mid=WC0b01ac058004d5c1.

New Transparency List For Generics And A Victory In Court

On February 16, 2015 the Italian Medicines Agency (“AIFA”) has published the 2015 update to the so called “transparency list” (lista di trasparenza), i.e., a list of generic drugs authorized in Italy, along with their market price.

Following a number of changes in the legislation governing generics in the past few years, the National Health Service currently only reimburses the cost of the less expensive generic on the market. In fact, Section 7 of Law Decree 347/2001 sets forth the medicines having the same active ingredients composition, pharmaceutical form, way of administration, release modalities, number of tablets and dosage, are reimbursed by the National Health Service up to the price of the less expensive product on the market. The transparency list serves as a tool for reimbursement purposes: if the patient chooses to buy a branded product or a more expensive generic, the patient will need to cover the difference in price.

The publication of the transparency list comes shortly after a recent decision of the highest Italian administrative court, which stroke down past practices of AIFA on the reimbursement of new generics. In this case, the generic drug company EG S.p.A. claimed that AIFA issued a marketing authorization for gabapentin (a generic drug approved in a different EU member state) but unduly refused to recognize any reimbursement. The per-tablet dosage of the generic drug was in fact different from the branded product and other generics already included in the transparency list: therefore, according to AIFA, reimbursement was not warranted by Section 7 of Law Decree 347/2001. AIFA also argued that the new dosage, higher than other reimbursed products, entailed risks for the patients’ safety, as they would have to apportion the right dosage themselves (e.g., to split the drug tablets in half). The administrative court stated that such risk was ungrounded and had no impact on the reimbursement of the drug: if at all, it should have prevented AIFA from issuing a marketing authorization in the first place. Furthermore, the court stated that the National Health Service may reimburse a generic even if not included in the transparency list, striking down AIFA’s argument that dosages already reimbursed by the National Health Service sufficiently covered the needs of the patients, as such criterion was not set forth in applicable legislation.

The court decision comes as the latest victory for generics on the Italian market, adding to several regulatory and legislative changes prompted by budged restraints in the past few years, causing generics to continue gaining strength. In the meantime, proposed new legislation on the sale of generics outside of authorized pharmacies is stirring public debate.

Tax Relief on Exploitation of Intellectual Property Rights and Know-How

INTRODUCTION OF THE SO CALLED “IP BOX”. Law no. 190 of December 23, 2014 (“Law”), provides for a new regulatory framework concerning taxation of revenue arising from exploitation of intellectual property rights and know-how eligible for legal protection.

Starting from 2015, repatriation of intangible assets owned by Italian and foreign companies abroad will be favored. Exportation or re-exportation of intangible assets to countries having more favorable taxation of revenue arising from exploitation of intellectual property rights will likely decrease, whereas investments in R&D activities in Italy should increase.

SCOPE OF THE LAW. The Law expressly covers works of intellect, patents, trademarks, design, models, processes, formulas, as well as industrial, commercial, and scientific know-how eligible for legal protection[1]. Revenue arising from both direct and indirect exploitation will receive a more favorable taxation as profits from licensing of eligible assets as well as their direct use (e.g. use of patented machineries in manufacturing processes) will be partially excluded from companies’ taxable income. The Law provides for a progressive implementation of the tax relief system. In 2015, only 30% of the profits will be excluded, whereas such percentage will increase to 40% in 2016, and to 50% in 2017[2].

Capital gains arising from sale of eligible intangible assets will be entirely tax-exempt, upon condition that at least 90% of sales revenue are invested, within two years from the relevant sale, in maintenance or development of any of such assets.

It must be noted that the tax relief will not automatically apply to all eligible entities. Instead, companies must expressly opt for the regime, and their choice will be binding and irrevocable for the following five fiscal years.

WHO CAN BENEFIT. Entities carrying out business activity in Italy, regardless of their type or size, can benefit from the new taxation regime. Foreign companies and other incorporated or non-incorporated entities, including trusts, carrying out business activity in Italy through a permanent establishment, can also benefit from the newly introduced regulatory framework provided that their country of residency is a party to a double tax treaty and undertakes to exchange relevant information with Italy.

CONDITIONS. The exclusion of profits from corporate income will apply only to those entities that carry out R&D activities by way of contracts entered into with either universities or equivalent research entities, or with companies other than those belonging to the same group[3].

In case of direct exploitation of eligible intangible assets, companies must conclude an advanced pricing agreement (APA) with the Agenzia delle Entrate (the Italian tax agency) to determine the ratio between the production value of the assets and the corporate income[4]. Such an agreement is optional for revenue arising from exploitation of eligible assets within the same group[5], whereas it is mandatory in case of capital gains deriving from sale of the assets.

EXEMPTED INCOME. Not all of corporate income benefits from the tax relief. The benefitting quota is instead calculated on the basis of the ratio between R&D costs incurred for maintenance and development[6] of eligible intangible assets and overall costs borne to produce such assets.

[1] The Law originally provided for works of intellect, patents, trademarks that are functionally equivalent to patents, processes, formulas and know-how eligible for legal protection. The meaning of “trademarks functionally equivalent to patents” has been debated ever since, with experts stating that such trademarks could be indentified in those trademarks used to market patented inventions. The recent Law Decree no. 3 of January 24th, 2015 (currently still to be converted into law) expanded the scope of the Law to all kind of trademarks, therefore also to purely commercial trademarks, as well as to design and models.

It must be noted that the scope of the Law is wider than what provided in other European countries by similar tax regimes, where tax relief is usually limited to exploitation of patents. Such systems are therefore commonly defined as “Patent Box”.

[2] The exemption is relevant to calculation of both IRES (corporate income tax) and IRAP (regional tax on production). It is estimated that, starting from 2017, revenue arising from exploitation of eligible assets will be taxed at a rate of 13.75%.

[3] The provision is aligned with the “nexus approach” adopted by OECD, aiming at limiting harmful tax competition amongst OECD countries. According to such an approach, tax relief is to be granted only when R&D costs are incurred, therefore hindering companies from exporting intangible assets to countries with more favorable tax rates without carrying out any R&D activity in such countries. (For further information on this issue visit http://www.oecd.org/ctp/beps-2014-deliverables.htm)

[4] The agreement is reached upon an international ruling procedure that is usually applied with regards to transfer pricing and dividends within the context of multinational companies.

[5] The Law originally provided for a mandatory agreement also in case of exploitation within the same group. Law Decree no. 3 of January 24, 2015, made such an agreement optional. Please note that the agreement may remain mandatory if the law decree is not converted into law or if it is modified by the law of conversion.

[6] Law Decree no. 3 of January 24, 2015, provides that such costs are increased by those incurred for the purchase of the asset or for research contracts entered into with companies belonging to the same group up to 30% of maintenance and development costs.