Transparency and responsibility regarding medical-scientific information on the web
The Italian version of this article has been published on November 29, 2022 on AgendaDigitale.eu, within our “Legal Health” monthly column.
On September 28, two international pharmaceutical industry associations, the IFPMA (International Federation of Pharmaceutical Manufacturers and Associations) and the EFPIA (European Federation of Pharmaceutical Industries and Associations), published a Joint Note for Guidance on social media and digital channels (“Guidance Note”) to guide the work of pharmaceutical companies that use the web to provide doctors and patients with information about their products and the illnesses they are intended to treat.
Medical-scientific information on the web: New guidelines
This document supplements Attachment 2 to the EFPIA Code titled Principles for the use of digital channels by providing additional information about certain aspects and types of online activity.
We consider the Guidance Note important, not because the information it contains is so new and different, as that information was already available in the existing regulations and codes of conduct, but because having it laid out in such a clear and systematic fashion helps to bolster transparency and generate faith in those working in the sector.
Key principles
Some of the key principles regarding digital communications for pharmaceutical companies found in both the Guidance Note and Attachment No. 2 to the EFPIA Code are transparency and responsibility.
Transparency
Based on the principle of transparency, companies must clearly indicate when they have created or sponsored a form of communication. This is a key regulation found in the EFPIA Code and in the national Farmindustria Code. This rule is the basis for common expressions such as “With the unconditional contribution of” that a company uses to indicate that it has solely supplied economic support for a certain activity (including online activities) without determining content or setting other types of conditions.
Responsibility
The principle of responsibility is the basis for making companies responsible for content originated, branded, and/or sponsored by the companies themselves or third parties acting on their behalf that is disseminated online (including on social media).
Company responsibility relates to (i) digital security, which includes user data protection; (ii) sufficient monitoring; (iii) online activities conducted by company employees; and (iv) pharmacovigilance.
Monitoring employee online activities
In relation to the responsibility to provide sufficient monitoring, one basic concept is that a company is not required to perform general monitoring of activities conducted by independent third parties or on digital channels that are not connected to the company.
While this principle is widely endorsed, it should also be noted that when communication stemming from a completely independent context becomes associated with the company, for example via a hashtag, the company then becomes aware of the content and can be held responsible for it if it is inappropriate, and the company does not take any steps.
With reference to responsibility for online work of its own employees, a company shall be considered responsible for communication by its employees that appear to be formulated to represent the company or is shared at the company’s behest or under its approval or facilitated by it.
Finally, in certain scenarios a company is responsible for pharmacovigilance of information disseminated online about its products.
The Guideline on Good Pharmacovigilance Practices (GVP) indicates that holders of marketing authorizations must regularly check the Internet and digital media under their management or responsibility for any indications of suspected adverse reactions.
Guidelines for specific activities: Websites
The two documents in question focus on major digital channels, providing guidance on rules to consider for each. For websites, they stress the fundamental idea that access to sites that contain information of a promotional nature about products must be limited to medical personnel and password protected (or protected by disclaimers in the case of medical devices).
Strict rules for scientific promotion
Also of interest is the very recent AIFA document (from September 2022) with a Q&A on scientific information that calls for companies that conduct online scientific promotional activities to follow strict rules to avoid having them reach the general public or in any case parties other than those for whom they are legitimately intended through any channel, including the Internet.
Therefore, given that on the web it is easy to access the identifying personal and professional information for doctors and pharmacists, the procedure for enrolling to access specific confidential pages must incorporate appropriate methods for ascertaining the real identity of the user. The relative documentation must be kept on file for potential AIFA oversight.
Okay for web information on medicines
That said, pharmaceutical companies do have the opportunity to publish on their own Internet sites, albeit in pull and not push mode[1] and without reworking, the brand names of their medicines, including prescription medicines, with package inserts and any SPCs, as they are considered informational and not promotional communication.
Blogs, forums, and social media
For the sake of simplicity, we are looking at this category as a single entity, though it is actually quite varied. What all these digital channels share is the fact that users can interact on them. They may be open or closed channels; for closed channels, the information above on the need to ensure that only the intended recipients can gain access applies.
Responsibility always applies
In this context, especially when a platform is created and run by a third party on a company’s behalf, particular attention must be paid to establishing the role of the company itself, with the principle of responsibility mentioned above kept in mind at all times.
Indeed, it is clear that if a pharmaceutical company establishes content and provides materials and selects, contracts with, and directly compensates the creators, then it bears full responsibility for what occurs on the platform and therefore must directly handle monitoring procedures and act promptly in case of inappropriate content.
However, should the company not do any of the above because those activities are completely under the control of third parties that run the platform and the company solely provides economic support, the company’s responsibility may be mitigated. However, this must be evaluated on a case-by-case basis, as the dividing lines for various responsibilities may be subject to change.
Podcasts and webinars
For podcasts and webinars, if informational product material is provided, it must be handled like promotional material for all purposes and therefore filed with the AIFA using standard procedures.
Additionally, it is the responsibility of the company to differentiate promotional documentation from documentation that is not subject to the measures that govern medicinal product advertising to be filed with the AIFA.
Recommendations for online pharmaceutical companies
In consideration of the above, for better management of their online presence, pharmaceutical companies are counseled to adopt appropriate guidelines geared to governing and organizing certain internal processes. It is recommended that they adopt the following:
- social media policy, meaning internal procedures for monitoring online activities with the goal of providing criteria for monitoring and moderating online channels, indicating if and under what circumstances content should be considered inappropriate and therefore removed;
- guidelines and training for employees on criteria for sharing content on their own profiles relating to their professional experience and company activities;
- procedures and employee training related to pharmacovigilance activities to be performed in relation to social media and digital channels to ensure the necessary monitoring and reporting.
Finally, contractual agreements with third parties that are not active in company digital activities are key and must establish the various roles and responsibilities of the parties.
[1] Meaning that the information must be sought by the user and accessible upon taking positive steps and must not conveyed/proposed to the user by the computer system.
