In June 2012 the European Medicines Agency announced that they are working with other EU health agencies to investigate deficiencies in safety reporting at Roche. This followed an inspection by the UK regulatory body (MHRA).
The issues revolve around a Roche-sponsored patient support programme in which there appeared to be some 80,000 safety cases that may not have been evaluated to determine whether or not they should be reported as suspected adverse reactions. This included 15,161 deaths. Whether they were due to the natural progression of the underlying disease or whether there was a link to the medicine involved is not known. There also is a question of whether about 23,000 plus “natural medicines” cases were evaluated and reported. The issue was raised to the senior EMA bodies and Roche was asked to submit a corrective action plan to evaluate all outstanding cases. This was a US patient support program – not a European one. https://www.ema.europa.eu/ema/index.jsp?curl=pages/news_and_events/news/2012/06/news_detail_001539.jsp&mid=WC0b01ac058004d5c1
There is yet no evidence that the public health was jeopardized and the MHRA felt obliged to issue a statement:
“Prof Sir Kent Woods, Chief Executive of the MHRA, said: Patients should continue to take their medicines because our investigation into Roche has currently found no evidence of a safety risk to patients.
“Roche’s actions are unacceptable and our investigation has identified that Roche’s reporting systems are inadequate. We are taking urgent action to ensure that these are rectified by Roche as a matter of priority.” https://www.mhra.gov.uk/NewsCentre/CON155772
In October, 2012 the EMA started an “infringement procedure” which is an investigation to see whether a particular European regulation (EC 658/2007) was violated. The outcome will be sent to the European Commission (one of the senior EU bodies that deals with all EU matters not just health issues). The announcement also states that this “does not prejudge the outcome of the investigation.” https://www.ema.europa.eu/ema/index.jsp?curl=pages/medicines/human/public_health_alerts/2012/10/human_pha_detail_000068.jsp&mid=
The issues are under investigation and Roche has indicated that they are acting on the findings and putting in place corrective and preventive actions. The discussion here in Bart’s Corner is not about the particular Roche issue but rather about what lessons we can take from this and other similar, sad situations.
Several important lessons for companies, health agencies and even the public and health practitioners can be drawn. These comments are drawn from many audits and mock inspections I have done, had done on me when I was in corporate drug safety positions and from the public domain review of Warning Letters and the like
1. From a high level perspective, if a company “gets in trouble” whether it is real trouble or just the appearance of trouble and whether it is their fault or not, the scenario that ensues will be painful and drawn out over a long time. Everyone will suffer. There will be public statements which cast the offender in a bad light even if there are no conclusions drawn. Although the offender may be innocent until proven guilty, the implications of guilt (“where there is smoke there’s fire”) are the natural and unfortunate views of many readers. Watch the benefit risk balance and, at least in the world of drug safety, avoid unnecessary risk and even the appearance of risk or misbehavior.
The lesson: Do the right thing and try to avoid getting into a position where one must “prove one’s innocence”. Don’t cut corners. Try to centralize all drug safety programs, databases etc. in drug safety – avoid “parallel groups” doing drug safety and PV. Prevention is always better than remediation.
2. Be very very careful about patient-support programs, special systems, special situations, named patient “studies” and the like. Many companies set these up in a country (e.g. the US), negotiate special terms or “waivers” for reporting with the health agency in that country (e.g. FDA) forgetting that as a global company they may or must report some or all of these cases to the EU, Canada, Australia etc. That is, they forget about other country where the drug is marketed and where they still have to report cases. A waiver from FDA does not mean a company is freed from reporting in their other markets. In fact one can generalize this to state that for a drug marketed (or approved) in many countries anything done in one country that produces safety reports (adverse events) must take into account obligations abroad. Just because FDA gives a waiver does not mean the EU will. In fact, the EU might not even be aware this is a “special situation”. Conversely, sometimes a far away country may set up a special program and “forget” to tell headquarters and thus putting the whole company in jeopardy in the US, EU and elsewhere.
This is a common situation that I have seen in multiple audits and mock-inspections that I have done. Often it is simply the lack of awareness of a local product manager or company researcher that his/her little support program has worldwide implications. Sometimes these “special situations” are not made known outside the country in which they are being done! In a multi-national company this is a sure way to get in trouble.
The lesson: Companies must be aware of every “special situation” they have in which AEs may come in. This applies everywhere in the world where the company has an approved NDA/MA and this applies to partners, co-marketers etc. They must ensure that all AEs are collected and handled appropriately.
3. Every AE that comes into the company from whatever source must be documented in a database (either the safety database or a triage database), triaged, examined, and handled appropriately. That is, each case must be examined to see whether it really does belong to your company or must be sent to another company. It must examined for reportability to ALL health agencies where there is an open IND/NDA/MA etc. Remember, a waiver to avoid reporting in the US does not apply outside the US. The worst possible scenario (which the author has seen more than once) is to put AEs/SAEs that are received into a box and either never examined or only looked at superficially and not acted on.
The lesson: All AEs that come through the door must be databased and handled appropriately. Document everything.
4. All AEs must be used for signaling whether they are fully validated or not, whether they are reportable to the FDA, EU or not etc. See The Guideline on Good PV Practices from the EU Module VI page 12. https://www.ema.europa.eu/docs/en_GB/document_library/Scientific_guideline/2012/06/WC500129135.pdf .
The lesson: Use all data (validated or not) for signaling. You are not obliged to give bad or incomplete data equal weight (or even any weight at all) but you are obliged to look at it and evaluate it.
5. Do not let others in the organization run parallel or separate drug safety databases or safety collection systems. There are several instances where another department (e.g. sales) kept a separate database of adverse events they received and did not forward them on to drug safety. Not only will this produce missed cases but the databases will have to be reconciled. It is also likely that the secondary database is not validated. This will put the company in serious regulatory jeopardy and may put public health at risk.
The lesson: One safety database only; one drug safety “system”. If more than one, reconcile, reconcile, reconcile.
6. Big companies as well as small companies can get into pharmacovigilance trouble if they do not follow the rules. Don’t presume everything is shipshape. Companies must now do periodic quality audits of their PV systems, vendors’ systems and any other groups that handle safety matters. Quality systems must be in place. Examine your SOPs and make sure they are complete and up to date. Do they cover all parties inside and outside the organization who deal with drug safety?
The lesson: Nobody is immune from problems. Things change and a good, compliant system today may not be so tomorrow. Make sure everyone in the company understands the safety obligations. People and jobs change. “Stuff happens.” Enlist allies in this: particularly the legal and regulatory departments.
7. Finally, if you are in the unfortunate position of having to explain safety lapses and worse to the press, health agencies, the CEO and others, do whatever you have to do to rectify the situation as rapidly as possible. Use external crisis managers if necessary who may be better able than internal personnel to convey the hard messages to management.
The lesson: When you’ve dug yourself into a hole, stop digging.
