All posts by Paola Sangiovanni

About Paola Sangiovanni

Partner of GITTI and Partners. Seasoned transactional and regulatory legal counsel with a thorough understanding of the life sciences industry.

CAN COMPLIANCE BE AUTOMATED?

If you are working in the field of compliance, you know how grueling the compliance process can be. Rules need to be decided, written, communicated to employees and third parties, who need to be trained on such rules. Then, the company needs to find out if the rules have been breached and sanction those who breached them. This is how law works in general, so the various phases of the process are not surprising. It is also a largely imperfect method, which can become overly complicated in companies where internal rules are pervasive and complex.

Wouldn’t it be wonderful if the whole process could be governed by digital means? And I am not talking about placing all your compliance material in one big digital repository (something obviously useful, but not inherently changing the nature of the process). Imagine a company built on the principle of compliance-by-design, where the behavior of employees is limited by external tools that simply do not allow non-compliant conducts. (For example, if you place digital limits on banking payments, you will not need to convince employees that they cannot exceed certain payment limits, since the digital code would directly enforce such payment thresholds and the only way to circumvent them would be to hacker the banking program.)

Certain Scholars have seen in blockchains an opportunity for compliance programs and organizational models pursuant to legislative decree 231/2001. Under 231 Italian legislation an entity is punished for not having set up sufficient organizational measures to prevent the commission of a certain crime: in theory, a digital prevention system may be an ideal tool to prevent crime commission with the utmost diligence. If you look for automated solutions online, you will find heaps of offers that promise that compliance will be made easy: the RegTech phenomenon is already well established and generating huge revenues.

I am generally a fan of innovative solutions, but I question how much effort is required in translating compliance information into digital rules. As anyone who deals with artificial intelligence may confirm, the process is generally neither quick nor cheap.

I also wonder whether the field of compliance, based on ethical principles, and therefore inherently human centric, can benefit from a full digitalization. Some have warned against the risk of “brutalization of a workplace relations and worry that digital compliance systems “imitate predictive policing”.

Compliance requires sophisticated human judgment, and 0/1 binary codes are not always appropriate to automate complex decisions on human interactions based on ethical principles.

New Rules on Non-Profit Studies

Non-profit clinical studies have a new source of regulation: the Ministry of Health November 30, 2021 decree (“Non-Profit Decree”), repealing the December 17, 2004 decree.

The Non-Profit Decree applies to:

  • low-intervention clinical trials;
  • observational trials;
  • non-profit clinical trials provided that the following conditions apply:
    • The trial is not aimed at industrial or commercial developments of drugs;
    • The sponsor is a non-profit entity (if non-profit and profit sponsors coexist, then the trial falls outside the scope of the Non-Profit Decree);
    • The sponsor does not have title to the marketing authorization of the trial drug, nor has any economic relationships (cointeressenze) with the marketing authorization holder;
    • Data and results of the trial, as well as decisions over their publication, are exclusively of the sponsor.

The main novelty of the Non-Profit Decree is the possibility that sponsors of non-profit trials transfer the relating data and results, both in the trial phase and once the trial is completed, for registration purposes. Such transfer must be governed by a contract between the promoter and the transferee, the consideration of which is identified by a patent consultant jointly identified by the parties.

In the event of a transfer:

  • The transferee becomes the data controller of the trial data;
  • Costs associated with the trial, as well as fees due to AIFA and the competent ethics committees, which were waived in light of the non-profit status of the trial, must be paid; and
  • The proceeds of the transfer are allocated in favor of the sponsor (50%), a non-profit trial fund (25%) and a an AIFA fund (25%).

The transfer must be notified by the promoter to AIFA, the competent Ethics Committee and the trial centers involved.

The Non-Profit Decree also sets forth that observational studies require prior approval by the competent ethics committee and that AIFA will adopt new guidelines for the classification and conduct of observational studies on drugs.

In case of any non-profit trial on a study drug, the pharmaceutical company having title to the drug must share with the sponsor an updated copy of the drug dossier and any safety data on the trial drug must be shared between the pharmaceutical company and the sponsor.

The Non-Profit Decree opens new opportunities for non-profit sponsors: it remains to be seen if there will be an appetite to purchase data by private entities and if a price set forth by an independent expert will be an effective mechanism.

Re-Use of Research Data

It may now be easier for private companies to re-use research data generated by the public sector. Thanks to Italian legislative decree no. 200 of 2021 implementing Directive (EU) 2019/1024 of the European Parliament and of the Council of 20 June 2019 on open data and the re-use of public sector information, re-use of research data – whether for commercial or non-commercial purposes – may be carried out so long as intellectual property rights and privacy rights are respected.

In other words, if research data is anonymized and does not include intellectual property, free re-use is possible whenever such research data is generated from public funding and made available by researchers or research institutions through public data bases. Research data must comply with Findability, Accessibility, Interoperability, Reusability (FAIR) principles.

What is “research data”? Research data means “documents in a digital form, other than scientific publications, which are collected or produced in the course of scientific research activities and are used as evidence in the research process, or are commonly accepted in the research community as necessary to validate research findings and results”.

Are you in need of an example? “Research data includes statistics, results of experiments, measurements, observations resulting from fieldwork, survey results, interview recordings and images. It also includes meta-data, specifications and other digital objects. Research data is different from scientific articles reporting and commenting on findings resulting from their scientific research” (whereas no. 27 of the 2019/1024 Directive).

Certain scholars have pointed out how the principle of scientific open data is framed in terms that are too restrictive and continue to clash with intellectual property rights, database and algorithm protection.

While the push for reuse of research data may appear timid at this point in time, the EU seems in any case determined to continue its open data agenda through the Data Governance Act.

Only 1 Week until Go Live of EU-Wide Clinical Trials Information System

Remember the Clinical Trials Regulation? Much time has passed since its publication in 2014. No worries if your memory fails you: we have discussed the Clinical Trial Regulation at length in this article appeared on the Indian Law Journal of Law and Technology. If you prefer a shorter summary, you may read here what the European Medicines Agency has prepared for you.

The actual entry into force of the Clinical Trials Regulation depended on confirmation of full functionality of the Clinical Trials Information System (CTIS) through an independent audit, which occurred on April 21, 2021. Now, the go-live date for the CTIS will be on January 31, 2022. Information on the go live planning can be found here.

The Clinical Trials Regulation was born to address the prior directive’s shortcomings, and particularly to target the goals of harmonization and simplification in this field, also with a view of making Europe a competitive region in the global clinical trials market. Good luck to the CTIS: we hope the Clinical Trials Regulation keeps its promises!

Much HEALTH and happy holidays to you all!

As the second year of the pandemic draws to a close, it is easy to find reasons to complain: they sometimes come conveniently arranged in alphabetical order (Delta, Omicron…)!

But we also want to remember the many things we are grateful for: vaccines, for example, but especially your friendship and support in 2021.

May 2022 be a good year to you and your loved ones. May you face 2022 armed with hope, courage, empathy, resilience and joy.

The Gitti and Partners life sciences team.

U.S. vs Italy Healthcare Fraud Laws

I am happy to announce that the article that Marc Raspanti and Pamela Coyle Brecht of Pietragallo Gordon Alfano Bosick & Raspanti, LLP and I have authored has been published in Compliance Today: https://bit.ly/3Cs9HOI , a publication of the Health Care Compliance Association.
This is Part 1 of a three-part series discussing the similarities and differences between the U.S. and Italian healthcare fraud, waste, and abuse laws.
Keep an eye out for Part 2 and Part 3 of this series that will be published in the December and January issues of Compliance Today.