Over the past several years, life sciences companies have been forced to confront a growing number of governmental laws and industry self-regulatory codes that require them to disclose their financial relationships with healthcare professionals (“HCPs”). This transparency movement began in the United States with State-level reporting and the passage of the federal Sunshine Act (“US Sunshine Act”) in 2010, under which companies first submitted reports in 2014. Although the rest of the world has been influenced by the US Sunshine Act, governments that have chosen to pass laws have taken different approaches to key reporting issues, as have industry groups in adopting self-regulatory reporting requirements. These conflicting and burdensome reporting requirements have created many challenges for life sciences companies and injected new risks into the relationships that they have with HCPs, both in the United States and around the world.
The US Sunshine Act requires pharmaceutical and medical device companies to annually report the transfers of value and payments they make to physicians and teaching hospitals. That information is then made publicly available on a federal government website. Typically, after the reports are made public, there is press coverage of the amounts reported by specific companies or the amounts provided to certain HCPs. Often, the coverage paints either industry or HCPs, or frequently both, in a negative light, which may lead to reputational damage.
The transparency movement quickly expanded to Europe where several governments, including France, Denmark, Slovakia, and Portugal, enacted their own Sunshine laws. These laws differ from each in key areas, including whether they apply only to pharmaceutical companies or also medical device companies, the information that must be reported, and the frequency of reporting.
In view of the passage of Sunshine laws in the United States and some European countries, the European Federation of Pharmaceutical Industries and Associations (“EFPIA”), which represents the innovative pharmaceutical industry, adopted a Disclosure Code in 2013. This Code, which was transposed by EFPIA’s national member associations into their own codes, was an effort by EFPIA to provide a consistent approach to transparency reporting across Europe, with the hope that such a self-regulatory measure would convince governments that they
did not need to pass their own laws and create even more of a patchwork system of Sunshine reporting. The EFPIA Disclosure Code, which applies to EFPIA’s member companies, requires companies to publicly disclose certain transfers of value to HCPs and healthcare organizations. The first year of data collection was 2015, and companies disclosed their first reports in 2016.
Because EFPIA’s Disclosure Code is a self-regulatory initiative and not a law, and due to the data protection rights afforded to European citizens, companies must obtain consent from HCPs to report their transfers of value at the individual level. For those HCPs who do not consent, companies must report all of the transfers of value they received at the aggregate level. This consent issue has posed several challenges to industry.
First, companies must ensure that they properly obtain consent in accordance with European data protection laws. If a company fails to properly obtain consent from an HCP but nonetheless publishes transfers of value to that HCP at the individual level, that company could face significant civil sanctions, and perhaps even criminal penalties in some countries. Second, beginning in May 2018, the data protection framework in Europe will be dramatically changed, as the General Data Protection Regulation (“GDPR”) takes effect. The GDPR is intended to bring more consistency and harmony across Europe to the topic of data protection, but companies will be forced to change their existing contracts and processes of obtaining consent to comply with the GDPR. This issue is imperative for companies because the GDPR contains significant monetary penalties.
A third challenge concerns the criticism that industry faced from the media and other stakeholders after the first round of disclosures for “low” consent rates. In that regard, consent rates in some countries were below 20%, and many others were below 50%, which led to a significant amount of data being reported at the aggregate level. Because governments and other stakeholders want transparency at the individual level, there is a concern that more governments will pass Sunshine laws if consent rates do not improve.
Other industry groups in Europe have taken different approaches to transparency. MedTech Europe, which represents the medical device and in vitro diagnostic industries, has chosen to phase out direct sponsorships of HCPs to participate in educational conferences organized by third parties as of January 1, 2018. However, certain European laws apply to the medical device industry, and a few medical device industry groups have chosen to impose reporting requirements on its members. Medicines for Europe, which represents the generic and biosimilar industries in Europe, has adopted disclosure provisions for its members, and first reports are due in 2018 for 2017 data.
The transparency movement has expanded to Australia, Japan, Korea, and Indonesia, in the form of either industry codes or laws. Additionally, a State in Brazil adopted a transparency law and there is a pending Sunshine regulation in Saudi Arabia. Transparency has recently become the subject of debate in Canada in the wake of ten pharmaceutical companies voluntarily disclosing aggregate data about their financial relationships with HCPs in June 2017. Critics claimed that the aggregate disclosures were insufficient and have called on the federal government to pass a Sunshine law.
As the global transparency movement expands, so too will the risk for life sciences companies. There are risks associated with simply complying with the governing requirements, and potential sanctions for violations. There are risks of reputational damage resulting from negative reactions to the amounts that companies report for their interactions with HCPs. And in countries where companies must comply with data protection laws, there are a number of risks that flow from application of those laws and the penalties that can be imposed for non-compliance.
Finally, it is important to highlight another risk: anti-corruption concerns. Obviously, any financial relationship that a life science company has with an HCP implicates those considerations. However, the fact that companies are now publicly disclosing their financial relationships with HCPs increases the possibility that those relationships will be scrutinized by government officials and perhaps even used by prosecutors in criminal or civil actions. That happened for the first time in the United States in 2016, as federal prosecutors in New York announced that two former pharmaceutical company employees had been arrested for participating in a kickback scheme. The defendants were charged
with violating the Anti-Kickback Statute relating to their scheme to compensate HCPs for participation in sham educational programs to induce those doctors to prescribe their company’s product. In supporting documents, a Special Agent with the Federal Bureau of Investigation stated that he reviewed the publicly available Sunshine data concerning payments made to specific physicians by the former
employees’ company. From that review, the Special Agent determined that the company had “highly compensated” certain physicians for participation in speaker programs. The Special Agent also reviewed Medicare Part I billing records to ascertain that the physicians who had been revealed to be “highly compensated” were some of the top prescribers of the company’s product.
Although this is the first time that Sunshine data has been used by the government in a prosecution, it is highly unlikely to be the last. The trove of data available pursuant to the US Sunshine Act and in other transparency reporting programs around the world can potentially be utilized by government prosecutors in a variety of ways, including building bribery cases, corroborating a whistleblower’s allegations, or supporting a pre-existing investigation into other types of company misconduct. This concern is especially heightened when companies interact with HCPs outside of the United States, as those HCPs are frequently considered government officials.
In sum, the transparency movement will continue to grow around the world. Whether reporting requirements are imposed as a result of either government laws or industry codes, those obligations will affect how industry financially supports HCPs and, in some instances, may jeopardize relationships with HCPs. The transparency obligations also create new and heightened risks for companies with respect to data privacy and anti-corruption issues, all of which further increase the compliance burdens that companies face and affect the relationships that they have with HCPs and how they collaborate with them.
The authors Brian Sharkey and John Oroho are part of Porzio Life Sciences which offers a portfolio of products and services to help companies remain compliant with complex state, federal and global regulations governing marketing and sales in the life sciences industry. Contact PORZIO, BROMBERG & NEWMAN, P.C. www.pbnlaw.com
