Category Archives: Uncategorized

Medical Device Regulation Webinar

On February 8, 2017 Paola Sangiovanni will be speaking at this webinar organized by FAST on the new EU Regulation on medical devices:

http://www.fast.mi.it/webinar_fast.htm

If you are interested in learning about this topic, consider registering here:

http://iscrizioni.fast.mi.it/eventi-a-pagamento/Regolamento%20europeo%20sui%20dispositivi%20medici

See you there!

Advertisements

Merry holidays and happy 2017! We’re moving and merging!

Dear Clients and Friends,

We are very pleased to inform you that, as of January 1, 2017, Studio Legale Bernascone e Soci – Italy Legal Focus will join forces with the law firm Gitti and Partners (www.grplex.com).

Gitti and Partners brings together talented attorneys who provide excellent independent legal advice in connection with complex and sophisticated transactions, some of which made history in the Italian market. After the combination, the firm will be powered by over 50 professionals with specific expertise in the areas of M&A/PE, Real Estate, Capital Markets, Banking & Restructuring, Litigation, Regulatory, Tax, Labour and Life Sciences.

Our clients will surely benefit from an increased spectrum of practice areas and industries’ focus, while continuing to rely on the excellence of client service that has always been a common feature of both firms”, commented Gabriele Bernascone, founding partner of Studio Legale Bernascone e Soci – Italy Legal Focus, whose roots trace back to 35 years ago and with a reputation as “an experienced and reliable firm” (The Legal 500, 2016).

As from December 30, 2016,  we will relocate to Via Dante 9, 20123 Milan, while our telephone numbers will remain unchanged. We are very excited by this new chapter of our professional lives and look forward to your continued support. We will continue to collect our reflections on law and innovation in this blog: stay tuned in 2017!

Best wishes from the blog’s contributors,

Paola Sangiovanni, Flavio Monfrini, Marco Bertucci

 

Is Privacy Really a Fundamental Right?

Privacy of individuals is framed as a fundamental right in the European Union. In fact, the new European Union Regulation no. 2016/679 reiterates this in the very first of its “whereas”.

Yet, it is clear to everyone that such “fundamental” nature is regularly questioned by various factors, and particularly:

  • Technological progress, coupled with people’s growing addiction to smartphones, allowing the collection of an amazing number of personally identifiable information and leading to big banks of intrusive data; and
  • Security threats that prompt governments to closely monitor citizens’ behavior.

Once upon a time courts were called to decide on how to balance conflicting rights. These days, the act of balancing privacy and other issues has become much more common and it is in the hands of a variety of subjects, such as data processors, who must carry out a data protection impact assessment according to Section 35 of the EU Regulation no. 2016/679, and data protection authorities, who provide both general guidelines and specific advice.

A couple of recent decisions by the Italian Data Protection Authority have led me to believe that the Authority is readier than before to accept that there are justified limits to the right to privacy:

  • On July 14, 2016, the Italian Data Protection Authority has decided that a bank is allowed to analyze behavioral/biometric information regarding its customers (such as mouse movements or pressure on the touch screen) as a measure to fight identity theft and internet banking fraud. Of course, a number of limitations have been set by the Authority, in addition to consent of the customer/data subject, such as specific safety measures, purpose and time limitations, and the segregation of the customer names from the bank’s IT provider.
  • On July 28, 2016, the same Authority has granted its favorable opinion to the use of a face recognition software at the Olimpico stadium during soccer games in order to check that the data on the ticket and the face of the person actually attending the event correspond. Provided that strong security measures are used and that the processing is carried out by police forces, the processing was deemed to be necessary.

A tougher stance, instead, is adopted by the Italian Data Protection Authority in cases of processing aimed at marketing purposes, as in this decision, for example. (I note, however, that the code of conduct applying to data processing for the purposes of commercial information that will enter into force on October 1, 2016, blessed by the Italian Data Protection Authority, continues to allow the dispatching of commercial communications to individuals whose personal data is included in public listings, even without the data subject’s express consent).

Balancing rights and interests is inherent to law and justice. It remains to be seen, considering the obvious (and absolutely reasonable) limitations to which the right to privacy is subject, if it will continue to make sense to frame it as “fundamental” right.

The Italian Administrative Supreme Court Opens New Perspectives for Therapeutic Equivalents

By rejecting an appeal from Novartis, the Italian Administrative Supreme Court, with its decision n. 1306 of April 1st, 2016, focused on the notion of therapeutic equivalence under Italian law. Having underlined the difference with the concept of bioequivalence and having broadened its possible future application, the decision is likely to push forward the trend of public health care institutions to increase competition between pharmaceutical companies in the context of public tender offers, possibly for the benefit of taxpayers and patients.

The controversy arose from an opinion issued by the Italian Medicines Agency (“AIFA”) which, in a tender procedure held by Tuscany region, evaluated the drug Lucentis by Novartis (active ingredient ranibizumab) as a therapeutic equivalent to Eylea by Bayer (active ingredient aflibercept). This allowed the regional public administration to have the said drugs compete against each other in the same tender offer.

Debates as to whether Lucentis and Eylea are equivalent in terms of functions are not indeed new in the pharmaceutical scene and have caused many headaches to Novartis, let alone the critical issues raised in relation to Lucentis by the Italian Antitrust Authority.  Not a surprise, then, that Novartis tried to defend its product, alleging the illegitimacy and erroneousness of AIFA’s evaluation, which stated that the cheaper option by Bayer (Euro 780) is equally safe and effective in the treatment of macular degeneration as it is its more expansive (Euro 902) drug.

Novartis, nevertheless, failed in its claims. The Italian Administrative Supreme Court confirmed the validity and correctness of AIFA’s evaluation, together with the decision of the lower court, affirming, inter alia, that:

  • therapeutic equivalence is different from bioequivalence because the latter implies the identity of the active ingredient whether the former does not (indeed, FDA’s indications on the issue are rather similar);
  • the authority of AIFA in determining therapeutic equivalence is legitimate under Italian law;
  • evaluations regarding therapeutic equivalence cannot be based exclusively on the products’ leaflet: they are instead well motivated if they verify that (i) the drugs belong to the same Anatomical Therapeutic Chemical class; (ii) the drugs are subject to a similar route of administration and (iii) the drugs release the active ingredient in comparable ways.

Therapeutic equivalence, as it has recently emerged from Italian legislation and case law (in particular, from the decision discussed herein), is seen as a threat by pharmaceutical companies, unnerved by the increased competition effects.

Indeed, the debate has been escalated to a more general level by the Italian association of pharmaceutical companies, which challenged in many ways AIFA’s guidelines on therapeutic equivalence. As a consequence, a few days ago AIFA precautionary suspended for ninety days the said guidelines.

It looks like the match has just begun. Nevertheless, pharmaceutical companies should consider carefully on which side they should play. In fact, the expansion of the application of therapeutic equivalence, as a general trend, does not seem to be stoppable in a constant spending review context. Perhaps pharmaceutical companies should positively contribute to shape, rather than to stop, therapeutic equivalence and exploit its potential for the business in terms of new opportunities to access tender offer procedures.

Interview with Diana Saraceni of Panakés Partners

This post features an interview with Diana Saraceni, founder and managing partner of PANAKÈS PARTNERS , a venture capital investor that finances medical companies, early stage startup and SMEs in Europe and Israel.

Why does Panakés Partners focus on Med-Tech?

Life sciences, especially Med-Tech, have always been an innovative and growing sector. Improving health conditions is one of the goal of developed countries, and new challenges will always face us. Considering this highly changing environment, start-ups and small companies appears to have the best structure to generate innovative solutions. In Europe there are several areas of excellence in technology and chemistry, the ideal environment where promising Med-Tech start-ups can develop. Moreover, European regulatory system has faster and easier protocols for companies to get CE mark and go to market, especially compared to the American system, where FDA approval requires more efforts, both in economic and clinical terms, to enter the market. Lastly, if we consider that western countries invest, on average, 10% of GDP every year on health services and that medical and pharmaceutical enterprises are the most active in acquiring start-ups, the great opportunity Med-Tech represent for us becomes evident.

What are the specific areas where you expect more growth in the future?

Considering the ageing of population and the need of hospitals to optimize their resources and reduce costs, we expect a great demand for technologies designed for home healthcare and chronic pathologies management. These new solutions will allow patients to receive their treatment directly at their own home, letting hospitals to focus their resources on acute pathologies treatment. Furthermore, we are confident that there will be a significant growth in all technologies aimed to a minimally invasive medicine. We are talking about in vitro diagnostics systems or robot-assisted surgery, which will substitute, or at least reduce, tissue biopsies and traditional surgery. Lastly, we expect a great increase in solutions for personalized therapies. These technologies, which combine genetic profiling to Big Data algorithms, will help physicians in the definition of therapies specifically tailored for every patients, increasing the probability of success.

Which countries appears to have the best factors (in terms of legislation, culture, access to funding and applied research) that helps fostering innovation?

By tradition, Anglo-Saxons countries are the ones with a more innovation-oriented policy. Everyone who has interesting ideas is encouraged in developing them, entrepreneurs never stop to look for new opportunities and skip from one project to another, as if they have not realized anything yet, legislation offers benefits to support the creation of new companies. These are the reasons why realities such as incubators and venture capital funds were born and are widespread in these countries. Regarding the specific case of Italy, we can state that the presence of top-class engineers and the excellence of Italy in clinical research in several areas, combined with lower costs than the other developed countries, are the main factors for the success of many Italian start-ups.

Which challenges lay ahead of you?

We received hundreds of requests of funding from companies all over Europe. Now, our main challenge will be to select the most promising ones, both in terms of proposed technology and feasibility of the project. Furthermore, we need to enlarge our network, in order to reach more companies and to find those ones whith the potentiality to change the status of medicine and build up more success stories out of Europe. We like to think of Panakés as a highly entrepreneurial start-up from a certain point of view, with great opportunities and successes just waiting for us!

 

Drones and Privacy: Risks and Recommendations.

Drones Are Increasingly Used in the Civil Field. The civil use of drones is increasing, as also witnessed by the DRONITALY event that will be hosted near the Milan Expo in late September. And attorneys who are contributors to this blog find it certainly exciting when new technologies become widespread and thus present legal challenges!

When a new technology starts to become mainstream, the lack of adequate legal provisions is often deplored. In truth, the interpreter needs to take a deep breath and (i) identify the applicable laws, as well as (ii) understand the unique risks entailed by such novel technology, while comparing them with previous technologies. In the case of unmanned vehicle systems, commonly referred to as drones, it does not look like the applicable rules are lacking, but they are simply difficult to apply.

EU Data Protection Authorities Scratch Their Heads Together. The data protection authorities of the European Union, who work together within the “Article 29 Data Protection Working Party”, have recently tackled the issue of drones. The June 16, 2015 opinion by the “Article 29 Data Protection Working Party” (“Opinion”) is especially interesting because of its solid logic approach, which starts with a careful analysis of potential data protection risks linked to the increased use of drones, goes on to finding specific issues that are unique to drones, and ends with a number of recommendations to operators, manufacturers, regulators and law enforcement officials.

Unique Challenges to Personal Data. Drones are aerial vehicles that can be used for a host of activities (including – as pointed out by the Opinion – dull, dirty or dangerous operations, also known as “3D”). The Opinion is careful in pointing out that the use of drones per se is not problematic: it is the possibility to equip drones with recorders of audio and video data that poses challenges to privacy. Additionally, drones overcome obstacles such as walls or fences, and small drones may even enter buildings. Subjects whose data are recorded are often unaware of the processing of their data and, if they are or suspect that they might be, this may trigger a “chilling effect” on their conduct. In short, the principles of purpose limitation, data minimization and proportionality are at risk. Therefore, the Opinion strongly encourages a data protection impact assessment to check how, given the circumstances, the processing of data by a drone may impact the privacy of interested subjects. The assessment must start early on, and the rule of data protection by design must be respected by manufacturers and users. Such assessment must take into account:

  • The Applicability (or Inapplicability) of Exceptions. When personal data is processed by sensors installed on the drone, there is no doubt that data protection legislation applies. The exception for personal data processed in the course of a personal or household activity is never compatible with the sharing of such data on the internet. Law enforcement may also be found as a legal basis for processing, but it must be lawful, necessary and proportionate: indiscriminate surveillance is not acceptable.
  • Informed Consent. Freely given, specific and informed consent is difficult to achieve when it comes to drones. The Opinion suggests to try anything that may work (they, more elegantly, talk about a “multi-channel approach”): from signposts to symbols, signals, lights, registration marks or the publication on the internet of information on drone activities, so that a specific drone can not only be detected by interested subjects, but also linked to a certain data controller. Other grounds for lawful data processing may be found depending on the circumstances, such as performance of a contract to which the data subject is a party (e.g., security services offered through drones only recording the data subject’s property), processing to protect the vital interests of the data subject (e.g., rescue of victims of accidents) or for the purposes of a legitimate interest (e.g., wildlife research).
  • Security Measures. Personal data gathered must be safely stored and communicated (encryption is encouraged).
  • Anonymization or Deletion of Data. Data must not be kept for a period that goes beyond what is necessary to fulfill the purpose of the processing. Data must be accessed only on a limited basis and anonymized or deleted as soon as possible.

Many of the legal issues connected with drones are similar to those arising in case of video surveillance, already tackled by the Italian Data Protection Authority in 2010, with the notable exception that providing information to data subjects may prove to be much more challenging in case of aerial vehicles that fly at a distance.

Less Open Tenders in e-Health Government Contracts?

In Italy, general principles on government contracts mandate that the provision of services to public administrations must be preceded by the issuing of a public tender allowing various companies to transparently compete for the job. This blog has recently discussed a couple of court decisions that in fact confirmed and further strengthened such principle.

However, a recent decision by the Consiglio di Stato, the higher court which is competent for administrative matters, seems to go in the opposite direction in a case regarding services linked to digital health.

The facts of the case relate to the Lecce health center, located in Puglia, Italy, which assigned to a certain firm the tasks of providing maintenance IT services in the fields of RIS (Radiology Information System) and PACS (Picture Archiving and Communication System). The same firm had previously provided IT maintenance in the RIS-PACS field, was the exclusive authorized reseller of the concerned systems and was in charge of the integration of other IT systems already in place the health center. Given such qualifications, the health center refrained from issuing a public tender and instead used the tool of the “negotiated process” with such IT firm only, which is allowed when, due to technical reasons, the supply contract can be assigned only to a single firm. The petitioner of the case, on the contrary, argued that any other qualified IT company was able to integrate and maintain the IT systems.

What is interesting to note is that the Court gives weight to the “special complexity” of the services constituted by the shift to a digital imaging system: under such view, e-Health is viewed as a field fraught with risks (on data, and ultimately on patients), thus allowing to recur to the exception constituted by the “negotiated process” rather than to rely on the rule of open tenders.

TO REIMBURSE OR NOT TO REIMBURSE? A recent judgement on scientific evidence and appropriateness of care.

A judgment by the Italian Supreme Court published on April 10, 2015, determined that an alternative cure must be covered by the Italian National Health Service even in the absence of compelling scientific evidence as to its efficacy.

Health is protected by Italian law as a fundamental right of the individual, as well as a collective interest of the community, and dignity and freedom of the human being must always be respected. These general principles are enshrined in the Italian Constitution (section 32) and in section 1 of Legislative Decree no. 502/1992. Therefore, the right to health is framed as an absolute and fundamental right, a theoretical approach that – given the many restraints affecting patients’ access to care – may appear almost fictional.

Further, Italian legislation sets forth that the National Health Service must offer uniform essential levels of care and assistance, taking into account human dignity, equal access to care, quality and appropriateness of therapy, as well as economic factors. (These latter economic factors often appear most pressing, as patients affected by hepatitis C are currently learning!).

With regard to reimbursement, the Italian National Health Service must cover assistance services which show, for specific clinical or risk conditions, scientific evidence of a significant health benefit, from an individual and collective standpoint, compared to the resources employed. Such concept is often called “appropriateness” and is something with which doctors, hospitals, patients and authorities struggle daily. Nobody will deny that all the above mentioned factors are of primary importance, but balancing them can be difficult in practice.

The recent decision by the Italian Supreme Court (Corte di Cassazione, judgement no. 7279 of 2015) determined that a quadriplegic patient was entitled to free access to a non conventional therapy (so called “DIKUL” therapy), even in the absence of compelling scientific evidence as to its efficacy, when it was proven that the patient benefited from it through a sworn appraisal of a Court appointed expert. The Court pointed out that, while no compelling scientific evidence was offered, the efficacy of the therapy was in doubt, but not openly proven as not efficacious.

In its reasoning, the Court reiterated the higher hierarchy of the constitutional right to health over the discretional administrative decision of the hospital to administer a certain therapy. Further, the Court emphasized that the efficacy principle set forth in Italian law may be based on actual benefits to the patient brought by the DIKUL therapy: the mere absence of available scientific evidence in favor of the DIKUL therapy was not sufficient to deny its access to the patient. Only if there had been scientific evidence proving that the DIKUL therapy was inefficacious, then its reimbursement could have been denied.

We have already commented on the infamous Stamina case in this blog, a case where the well intentioned desire of Courts and Parliament to help otherwise helpless patients prompted the recourse to a therapy which completely lacked any scientific basis and breached many legal provisions actually aimed at protecting patients (e.g., GMP manufacturing requirements, informed consent of patients).

The recent Supreme Court decision confirms the sometimes difficult relationship between scientific evidence and access to a certain therapy, particularly in cases of patients affected by diseases for which there are limited therapy options.

Italian Corporate Criminal Liability 101: Basic Facts You Should Know

Are Companies Criminally Liable under Italian Law? Yes!

Legislative Decree no. 231/2001 (the “231 Decree”) has introduced in Italy the principle that companies are responsible for crimes committed by:

  • Individuals vested with powers of company’s representation, control, direction, or management;
  • Individuals subject to the authority or control by the above-mentioned individuals, including employees, consultants, non subordinate employees and whoever acts on behalf of the company.
  • As a result, a company may now be considered liable for crimes committed by individuals in the interest or to the benefit of the company (while crimes committed by individuals in their exclusive interest or in the exclusive interest of third parties do not trigger company’s liability). The company’s liability is separate and distinct from the liability of the individual who committed the crime.

Which Crimes Trigger Liability? Several (not just corruption!).

The 231 Decree lists a number of crimes for which companies may be liable, which include:

  • Corporate crimes;
  • Crimes against public administrations;
  • Crimes against the dignity of individuals;
  • Conspiracies and terrorism;
  • Crimes arising out of breach of laws protecting the environment and health and safety at work;
  • Crimes related to criminal associations;
  • Money laundering.

Which Sanctions Apply? Monetary and blacklisting sanctions.

If a company is found liable, the following sanctions may apply:

  • monetary sanctions up to a maximum amount of Euro 1,549,370.69 (and precautionary seizure of the price or profit arising from the crime),
  • blacklisting sanctions (applicable also as a precautionary measure), with duration between 3 to 24 months, which can consist of, inter alia, the prohibition to conduct the Business’ commercial activity, the prohibition to contract with the public administration, the prohibition to advertise goods or services, seizure, or the publication of the court’s decision (if a blacklisting sanction is applied).

Are There any Grounds of Exemption from Criminal Corporate Liability?  Yes!

A company is not liable pursuant to the 231 Decree if it proves that:

  1. The management has adopted and effectively implemented a so-called Organizational Model’ in order to prevent the commission of the criminal offences listed in the 231 Decree by subjects acting on behalf of the company;
  2. The company has established an internal body (‘Compliance Committee’) entrusted with the task of supervising the proper functioning and update of the Organizational Model, as well as the actual compliance by all those who must abide by it;
  3. Crimes were committed by individuals vested with management powers who have fraudulently avoided compliance with the Organizational Model;
  4. The Compliance Committee has not omitted to perform, or negligently performed its supervision duties.
  5. This explains why companies operating in Italy typically devote substantial resources in the setting up of an Organizational Model.

How to Set up an Organizational Model?  Risk assessment, gap analysis, preventive measures.

In order to prepare an Organizational Model the following process is usually followed:

  1. Examination of areas of risk: on the basis of the company’s Organizational Model and relevant job descriptions, the risk of commission of each crime set forth in the 231 Decree is assessed.
  2. Analysis of existing procedures: all existing procedures and ethical principles are reviewed in order to identify procedures that may reduce the risk of commission of the crimes.
  3. Possible implementation of new measures: should the analysis of existing procedures lead to conclude that some of the risks are not properly reduced, new procedures should be implemented.

The Organizational Model must be Effective A compliance program on paper will not help!

Once a company has adopted an Organizational Model by means of a resolution of the Board of Directors, the company must ensure that it is effectively implemented, that employees and other individuals acting on behalf of the company are duly trained on the model and that any breach of the Model is sanctioned.

In particular, the appointed Compliance Committee must actively supervise the effective functioning and adequacy of the Model on an ongoing basis and in independent fashion. The Compliance Committee is generally in charge of:

  • Monitoring the activity carried out within the company and the areas considered at risk;
  • Assessment of the actual implementation of, and compliance with the Organizational Model;
  • Cooperation and consultation with the management as regards the application of disciplinary sanctions to employees in the event of breach of the internal procedures provided by the Organizational Model.

The last event of our HEALTH INNOVATION ACADEMY is coming up!

On May 21, 2015 our HEALTH INNOVATION ACADEMY series will hold its last event. Join us to hear speakers on the topic of networks for innovation at Via Francesco Sforza 28, Milano (Aula Milani) followed by drinks.

As always, the event is organized in cooperation with the hospital IRCSS Cà Granda – Ospedale Maggiore Policlinico di Milano and with Politecnico di Milano – e-Health LAB – Informatica BioMedica e Sanità Digitale

To find out more about the May 21 program or about HEALTH INNOVATION ACADEMY’s past events, click here: http://healthinnovationacademy.weebly.com/reti-dellinnovazione.html