EMA Module 16 Draft Risk Minimisation Measures

Posted on June 19, 2013 by bcobert

In early June the EMA released a draft version of its Good PV Practices Module XVI on Risk Minimisation Measures: Selection of tools and effectiveness indicators.  See http://www.ema.europa.eu/docs/en_GB/document_library/Scientific_guideline/2013/06/WC500144010.pdf

This document discusses in detail risk minisation measures included in Risk Management Plans (RMPs).  It largely covers the same things that the US FDA has called “Elements to ensure safe use” (ETASUs).  As this is a draft, the EMA is calling for comments by August 5, 2013.  This module is to read and used in conjunction with Module 5 on risk Management Systems.

In a nutshell, there are no real surprises in this document and it is entirely consistent with earlier communications from the EMA and member states and also consistent with FDA’s ETASUs and approach to risk.  Here is a brief summary.  See the document for more detail particularly about generics and hybrids.

Risk Minimisation Plans (NOT abbreviated RMP which is used for Risk Management Plans) include measures which are “Public health interventions intended to prevent or reduce the occurrence of ARs associated with the exposure to a medicine, or to reduce their severity or impact on the patient should they occur.” They may be routine and used for all products approved in the EU or there may be additional measures for selected products.

The goal of all of the routine and special measures is to  optimize the safe and effective use of the product throughout its life-cycle.  This means reducing the AR burden, optimize the benefits, target the appropriate patient population for selection or exclusion for use of the product and to ensure the best possible treatment management (dosing regimen, lab tests etc.).  In other words, as they say, “The right drug, at the right dose, at the right time, to the right patient, by the right prescriber, and with the right information and monitoring.”

The MAH and Qualified Person for PV hold the ultimate responsibility for the RMP and minimization measures.  The usual quality measures should be in place including updating the measures if new information becomes available, version control and good documentation practices, tracking, analysis of results etc.  The EMA notes that the RMP and measures are subject to CA inspection.

Routine measures:  These are the standard procedures all MA holders do in pharmacovigilance.  This includes the labeling, the summary of product characteristics (SmPC), the package leaflet, the package size and design and the legal prescription status of the product.  All measures, whether routine or customized, should have a clear objective and defined measures of success with milestones.

Each measure should be linked to a specific safety concern in the RMP to include:

  • Rationale: Set out the rationale for the proposed additional measures including defined objectives for each of the measures proposed.
  • Description of the measures: Describe the measures, including a description of the tools that will be used.
  • Implementation plan: Provide a detailed proposal for the implementation of the measures (e.g. setting and timing or frequency of intervention, details of the target audience);
  • Evaluation plan: Provide a detailed plan with milestones for evaluating the effectiveness of the measures in terms of overall health outcome measures (e.g. reduction of risk).

Customized Risk Minimisation Measures:  These are customized in purpose, design, target audience etc. to ensure the appropriate patient selection and can include education programs, controlled access or other measures.

Educational Programs: These are actionable measures taken to minimize risk by teaching or training.  They can be in any format including paper, audio, video, web, in person etc.  The content should be aligned with the SmPC and package leaflet and must avoid promotional elements.

Such programs must be clearly defined in scope and should include unambiguous statements regarding the risks to be addressed with the tool, the specific steps to be taken by health care practitioners &/or patients to minimise the risks. They should contain:

  • A statement that the material is mandatory as a condition of marketing
  • Guidance on prescribing, including patient selection, testing and monitoring
  • Guidance on the management of the risks
  • Guidance on how and where to report ARs of interest.
  • Specifics on selection of patients, dosage, testing & monitoring, special administration or dispensing, details of information given to patients.
  • Various formats are feasible including a checklist, brochure, poster etc.

Tools for patients and caregivers (called “carers” by the EMA) should enhance their awareness of the signs and symptoms of specific ARs  causing the need for additional risk minimisation measures and on what to do if the symptoms occur. Formats are flexible and can include a diary, alert card or a portable and easily carried wallet card.

Controlled Access Programs: These are customized to the product or situation.  They may include:

  • Specific testing &/or examination of the patient (e.g. LFTs, pregnancy test, ECGs before & during treatment)
  • Prescriber, dispenser &/or patient documenting their receipt and understanding of information
  • Systematic patient follow-up through enrolment in a patient registry
  • Dispensing only in registered & approved pharmacies.

Pregnancy Prevention Programs (PPP): These are interventions aiming to minimise pregnancy when starting or during treatment with a medicinal product with known or potential teratogenic effects. They are aimed mainly at females but may also apply in males where use would have a negative effect on pregnancy outcome.  They can be:

  • Educational measures targeting HCPs and patients to inform them on the teratogenic risk and required actions (e.g. use more than one method of contraception etc.)
  • Controlled access to ensure that a pregnancy test is carried out and is negative as verified by the HCP before prescription or dispensing of the medicinal product
  • Prescription limited to a maximum of 30 days supply;
  • Counseling in the event of inadvertent pregnancy.
  • May be appropriate to continue for a period after end of treatment (e.g. 3 months).

Direct Health Care Professional Communication (DHPC): This is a communication by any means from the MA holder or the Competent Authority (CA) directly to the practitioner.

Implementation of risk minimization measures: The MAH and CA should carefully consider the timing and the procedures for the measures.  A one-off/one time distribution of tools before or at the time of product launch may not be sufficient.  It may be necessary to do periodic follow up reminders.  The EMA repeats that the educational material must be clearly distinct from and distributed separately from any promotional material the MAH produces.  The Member State CA should review the material and quality assurance measures should be in place to ensure and verify quality.

Effectiveness measurement of the risk minimization measures:  The must be an evaluation of the measures to determine whether they are working and if not, why not.  Measurements should not be qualitative but should include quantitative metrics.  These metrics should measure three things:

  • The process itself (is the implementation going as planned. For example, are the brochures being sent and received)
  • The impact on knowledge and behavior of the target audience (are HCPs and patients actually doing what they are instructed to do)
  • Outcomes (are they achieving what the objective called for)

A conclusion should be drawn by the MAH and CA on whether the measures are successful, whether changes are needed or whether the measure can be stopped.

Process Indicators/Metrics:

  • Use measures of distribution to focus on the appropriateness of the tool for the audience (e.g. adequate language, pictures, diagrams) & assess whether the materials were actually received by the target population
  • Assess clinical knowledge acquired from the tool using rigorous survey methods with standard questions done via phone, interview or self-administered.  Repeat over time.  Monitor attitude or representative populations with a randomized & adequate sample size.
  • Assess clinical actions such as prescribing behavior.  Can use prescription data linked to patient records or other means.  Look at co-prescribing, compliance with lab monitoring etc. Use rigorous statistical methods.

Outcome Indicators:

  • Safety outcomes should be measured in a rigorous way e.g. incidence rates of an AR in a post approval safety study).
  • Try to obtain frequency before and after the RMP is implemented. If not feasible, use a predefined reference from literature, historical data etc.
  • Spontaneous reporting frequency is NOT acceptable as a rule for outcome indicators.
  • RMPs should be similar for branded and generics/hybrids.

There is a fairly extensive section on the internal EMA/Member States regulatory network.  It can briefly be summarized as noting that for centrally approved products, the PRAC & CHMP requirements will be conditions for use of the product; that is, the MAH must do what is told to them by these bodies.  Individual EU MS’s may tailor RMPs and add additional measures nationally.  The EMA via the PRAC will monitor RMPs  The PRAC will evaluate the RMPs, protocols & outcomes.  The CAs of the MSs have national level responsibility for RMPs and they may add additional measures to RMPs for generics/hybrids. See the document for more details.

MAH Obligations: The MAH must define all RMP objectives  and, after approval at the EU level, implement at the national level working jointly with the Member States CAs.  The MAH must monitor outcomes and report them in RMP updates and PSURs.

Health Care Professionals & Patients’ Obligations on RMP Implementation: None.  But cooperation is encouraged.

PSURs/PBRERs and RMPs: An effectiveness evaluation must be done and must:

  • Describe the implemented risk minimisation measures, objective(s), and the selected process and outcome indicators.
  • Analyze the nature of the ARs including severity and preventability.
  • Examine the delivery of the risk minimisation measures in routine clinical practice, including any deviation from the original plan.
  • Include outcome indicators (i.e. AR frequency and/or severity) should normally be the key endpoint when assessing the attainment of risk minimisation measures objectives.
  • Proposals for change/update should be included.

Updates & Changes to the RMP: These should be done as appropriate with more frequent updates for products with more risk.

Finally, the EMA notes that they will make public a summary of the RMP and minimization measures and tools.  They will issue a public assessment report (EPAR), the product characteristics information, package leaflets, conditions of the MA, required registries and any deadlines or conditions imposed on the MAH.

There is a detailed set of appendices covering sampling procedures and recruitment strategy, the design and administration of the data collection instruments, analytical/statistical approaches and comments on ethics and privacy.  See the module for full details.

Bottom line:  No major surprises here at all.  This is consistent with US FDA approach though the RMP is entirely different in content and format from the US REMS.  However, the resulting ETASUs or minimization measures look remarkably similar.  It is hoped that the regulatory agencies in the US and EU as well as elsewhere will be consistent in the application of the tools and measures put in place in their countries.  However, of necessity, given the differences in the way medicine is practiced and they way products are sold and distributed this may not be as easily harmonized as we hope.  It is also hoped that the health authorities will look at these systems now in place in several years time and see if they really are improving health care.

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , , | Leave a comment

OTC Safety Reporting

Posted on June 12, 2013 by bcobert

The reporting of adverse events (AEs) and serious adverse events (SAEs) is not widely understood in the US because there are different requirements for different products depending upon how they became over-the-counter (OTC) products.

A brief review of how a drug can get onto the market as an OTC in the US is in order.

Firstly, what is an OTC? It is a product that is marketed in the US without a prescription and, importantly, without medical intervention.  Thus the patient makes the diagnosis and decides on the treatment him or herself with no pharmacist, nurse, NP, PA or physician involved.  Actually, some products are so-called “behind the counter” products whereby one must ask the pharmacist (or at least the person behind the counter in the pharmacy – who may be a non-medical technician) for the product.  So, in theory at least, there is some medical intervention.  To be an OTC product means the drug should have a clearly positive benefit-risk profile and a wide therapeutic index (that is, the lowest toxic dose should be well above the therapeutic dose. Then the risk of safety problems is low –  particularly if too much is taken by the patient).

Drugs can be marketed OTC via two main routes.  The first is the “monograph” route which is the most common route to market. An OTC drug monograph (CFR Title 21 sections 300 and beyond) describes what kind of ingredients may be used in the product along with the appropriate dose and instructions for use. There are some 80 categories of monograph drugs.  If the manufacturer strictly follows the monograph for the product, the drug may be marketed without FDA review or approval.   The FDA actually calls the OTC drug monographs a kind of “recipe book” covering acceptable ingredients, doses, formulations, and labeling. These are drugs that are “generally recognized as safe and effective (GRAS/E)”.  See http://www.fda.gov/Drugs/DevelopmentApprovalProcess/HowDrugsareDevelopedandApproved/ApprovalApplications/Over-the-CounterDrugs/default.htm for more information on this.

The second major route is the so-called “Rx to OTC Switch”.  This is a smaller number of products which originally required a prescription and for which the sponsor submitted an application to the FDA to have the drug sold OTC.  Usually it involves doing one or more clinical trials sometimes at a lower dose than the prescription dose.  Sometimes the indications for the OTC are different from the prescription product’s approved indications.  Examples include antihistamines, PPI and H2 blocker acid reducers, laxatives, topicals, vaginal antifungals and others.  When these drugs are approved they still have open NDAs/ANDAs and thus must still submit adverse events and do all necessary safety reporting as before unless special arrangements or waivers are agreed upon by the FDA.

So now the question becomes what are the safety requirements for reporting SAEs and AEs.  As noted above, the Rx-to-OTC switch products generally have to follow the usual NDA/ANDA rules.  The monograph products have a totally different set of rules.

In fact, up until 2007 reporting AEs/SAEs on monograph products was not required though FDA encouraged reporting of SAEs.  Some manufacturers did so voluntarily but many, perhaps most, did not.  In 2006, Congress amended the law to require safety reporting for OTC products without NDAs/ANDAs starting in 2007.  In 2009 FDA issued a guidance covering this.  See www.fda.gov/downloads/Drugs/GuidanceComplianceRegulatoryInformation/Guidances/UCM171672.pdf

The law and guidance require:

  • The manufacturer, packer or distributor must now report SAEs.  The submitter is referred to as the “responsible person”.  The retailer who functions as the distributor may authorize the manufacturer or packer to handle this reporting.
  • The responsible person must submit to FDA all SAEs when the product is used in the US.  Note that this does not require a determination of causality or expectedness (labeledness).
  • All follow-up reports of new information received within one year of the initial report must also be submitted to FDA.  FDA recommends that all follow up be submitted even if received after one year though the law only specifies for one year.
  • The timeframe for such submissions is 15 business days.  Note that, also unlike NDA drugs, this is 15 business days not 15 calendar days.
  • For each initial (but not follow up) submission, a copy of the label which is “the full outer carton/container label and immediate container label (including the Drug Facts panel and the principal display panel) that are the same as the label on the drug product used, or most likely used, by the patient.”  The most current label should be sent.
  • The submission should be on an FDA MedWatch Form 3500A or the electronic equivalent.
  • Reasonable attempts must be made to obtain follow up.  “FDA encourages responsible persons to use trained health care practitioners to query reporters, computer-assisted interview technology, targeted questionnaires, and/or other methods developed to target specific events that help focus the line of questioning.”
  • If the reporter is a consumer or patient, the responsible person should attempt to contact the heath care provider who is familiar with the event (if there is one).
  • The usual four elements (patient, reporter, drug, SAE) must be present for a valid report.  Efforts should be made to get this information and they should be documented. When all four elements are present, the regulatory clock starts.
  • In terms of drug identification, which may be hard for “families” of drugs where the same brand name is used, the specific name or formulation is needed for a valid report.  If multiple drugs are involved all of which are manufactured by the same “responsible person” only one case should be submitted using the most suspect drug as defined by the reporter.  If that is not defined, then use the drug product that is first alphabetically.  If the drugs are from different manufacturers, the initial receiver should submit the case to FDA with a copy to the other manufacturer(s) who should also report the case and cross reference each other.
  • Case records must be made and retained for at least 6 years.
  • If the case actually belongs to another manufacturer, then the initial receiver should forward the case to that other manufacturer (this is not obligatory but FDA does recommend).
  • New information should be incorporated into the narrative “to present an accurate and comprehensive, but concisely written, description of the event as it is understood at the time of the follow up report.”
  • New or corrected information should be highlighted with an asterisk or underlining or other method to draw attention.
  • Source or supporting documents (e.g. hospital discharge summaries, lab results) should be submitted.
  • A manufacturer’s identification number should be created for the initial report and used on subsequent follow up submissions without change.
  • Details on filling out the MedWatch form are included and the reader should refer to the guidance.
  • Electronic submissions are possible and information can be obtained from the FDA website for this.  Note that requirements often change and the website should be referred to.  See: http://www.fda.gov/Drugs/DevelopmentApprovalProcess/FormsSubmissionRequirements/ElectronicSubmissions/UCM085361#Postmarketing

No aggregate reporting is required in the US.

Outside the US the rules vary.  In general, some regions, such as the EU, do not make distinctions between prescription drugs and OTC products as all these products have approved marketing authorizations and thus the safety reporting is the same whether OTC or not.  Check with each country or region.

Bottom line: Initial and follow up SAEs on monograph OTC products have to be reported to FDA within 15 business days of receipt of a valid report. Since SAEs are not really expected for such “benign” drugs, each SAE should be scrutinized by the responsible person.  Presumably, FDA will do the same.

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , , , | 2 Comments

The Pan American Network on Drug Regulatory Harmonization: Working Group on PV. Good PV Practices for the Americas.

Posted on June 5, 2013 by bcobert

http://apps.who.int/medicinedocs/documents/s18625en/s18625en.pdf

A very interesting and not widely known document on drug safety was released in 2010/2011 on Good PV Practices for the Americas.  It was prepared by a Working Group in the Pan American Health Organization which is a regional office of the WHO.  It was prepared between 2005 and 2008 and “validated” in 2010 and published in English in June 2011.  It also exists in Spanish and Portuguese.

The committee members who prepared the document were from Colombia, Cuba, Canada, Barbados, and Uruguay with additional expertise from Brazil, Guatemala, Spain and Argentina.  All of the members appear to be either academics or members of the government health authorities.  There appear to be no industry or public representatives nor do there appear to be any members from the US or Mexico. The references cited are largely WHO/UMC documents, publications in the literature and a few FDA regulations including the 2005 risk documents from FDA.  There do not seem to be any EU references.

The document runs some 85 pages and it covers good PV practices with particular attention aimed at setting up national PV systems and centers in the Americas, record management, identification and quantification of risks, generation of signals and further information on risk management, communication and risk prevention.  The bulk of the document relates to the governmental agencies, a little on hospitals, universities and other health institutions and there is less than one page devoted to the industry.

Although the document is a bit old, limited in its scope and stakeholder representation, it is still worth reviewing.

The first part of the document is aimed at setting up a government PV system and center but this is somewhat applicable to companies, CROs and other institutions if they want a primer on setting up such a system.

It covers the basics including contacting health authorities, national institutions in medicine, pharmacology and toxicology.  Get money  and office space and draft a plan.  Here are some of the other getting started items needed:

  • Setting up the center: main office, technical staff, other locales, telephones, word processors, database management capacity, bibliography, etc.
  • Designing a reporting form and beginning the data collection process by distributing the form to hospitals, clinics, family doctors in primary health care, and pharmacies;
  • Designing a reporting form and beginning the data collection process by distributing the form to hospitals, clinics, family doctors in primary health care and pharmacies;
  • Preparing printed materials to inform health professionals about the definitions, objectives and methods of the pharmacovigilance system;
  • Training pharmacovigilance personnel in the following tasks:

–  Collecting and verifying data;

–  Interpreting and coding descriptions of adverse reactions;

–  Coding medicines;

–  Assessing causal relationships;

–  Detecting signals;

–  Managing risks;

  • Installing a database—that is, a data storage and retrieval system;
    • Holding meetings in hospitals, universities, and professional associations to inform professionals about 
the principles and demands of PV and the importance of reporting;
    • Stressing the importance of reporting adverse medicine reactions in medical journals and other specialized publications.
    • The resources can be obtained from registration fees or by imposing a special compulsory PV fee. Both can be included in the budget of the medicine regulatory authority.
    • In addition to basic resources, the center can obtain additional funds from other entities with an interest in PV. The following institutions are examples of those that can be contacted:

- Government departments concerned with medicine safety;

- Health insurance companies and funds

- University departments

- Professional associations

  • Staff: a pharmacist, doctor or pharmacoepidemiologist, administrative staff, a programmer or systems analyst, a data processor, experts or consultants and “new professionals from the health sector that are beginning their training in the specialty” advisory committees, an information service and more.

Next they describe the characteristics of reports.  They use text to describe what is essentially a MedWatch/CIOMS I form or an E2B transmission but without reference to either of these two standard forms.  They next discuss good documentation practices, record keeping, a quality manual, a manual of SOPs and then they list the minimum SOPs that should be in place.

There is a description of basic safety computer systems and how to manage reports, coding and data entry, dictionaries (they suggest either WHO-ART or MedDRA) and the WHO Drug Dictionary.  Note that this is not surprising given the heavy WHO input.  It must be said though that the state of the art these days really is MedDRA for coding by major health agencies and most companies.  They recommend the WHO definitions and the Naranjo and FDA algorithms for causality determination. There is a discussion on how to assess reports.

There is next a brief discussion of Good Risk Analysis and Risk Management Practices including looking isolated cases, medical literature, spontaneous reports, trials, case series etc.  Data mining is briefly discussed as is signaling and the quantification, assessment, management and prevention of risk.  A risk management plan is suggested using more or less the ICH E2E document as a base.  Risk communication, periodic reporting, publications and crisis management are also discussed.

There is a large section relating to how the government should review and track and analyze its PV system.  They suggest setting up national and regional PV centers such as is done in France and elsewhere.  The responsibilities of physicians and other health care practitioners are discussed.

The pharma companies’ obligations are next discussed and these can be summarized as:

  • Reporting all suspected serious adverse reactions received from a health professional through the pharmacovigilance system within the period stipulated by the authority in each country (generally, within 15 days of receipt of the report);
  • Keeping detailed records on all suspected adverse reactions that it has learned of, which should be reported to the national regulatory authority;
  • Designating a qualified professional to take charge of PV tasks on a continuous and on-going basis, providing adequate means to exercise his or her functions; this professional will also serve as the liaison with the regulatory authority and should be the only spokesperson recognized by the competent public health authorities when it comes to pharmacovigilance;
  • Proposing timely changes to the fact sheet file, labeling and package insert when adverse reactions not listed in the material occur;
  • Ensuring that all laboratory technical staff receive the training required for the exercise of their PV functions;
  • Transferring some or all of its functions and responsibilities to another company, but not the ultimate pharmacovigilance responsibility for monitoring the medicines it is authorized to market;
  • Establishing agreements on PV issues in cases where a joint marketing agreement among several companies has been negotiated. Any transfer of pharmacovigilance functions and responsibilities must be documented through a written agreement signed by company representatives. Functions not transferred under this agreement remain the responsibility of the marketing authorization holder. Any transfer of functions and responsibilities must be reported to the respective health authorities;
  • Facilitating the designated professional’s access to the fact sheet and basic safety information for each pharmaceutical product approved, ensuring that they are properly updated;
  • Ensuring that appropriate standardized work procedures are adopted and followed;
  • Guaranteeing a filing system which permits the preservation of all documentation on PV responsibilities and activities.  The responsibilities for managing the files must be stated in writing;
  • Establishing an audit program to ensure that the pharmacovigilance system follows good practices.

There are extensive appendices with definitions (many are non-standard, unfortunately) as well as sample forms and templates.

Comments:

This is a very interesting and informative document that really is a primer on how to set up a drug safety unit either in a government, university, company or other entity.  The point of view is primarily that of the WHO and a lot of the suggestions are now either outdated or “non-standard” as much of the world has adopted ICH/CIOMS standards.

There is no mention of the internet, electronic transmission, social media and much of the other rapidly developing technology now impacting on drug safety and pharmacovigilance.  It seems to be aimed at beginners in the field, institutions that are newly created and those that have limited resources.

It is worth a read and, as noted, is available in Spanish and Portuguese.  But the reader should be aware that it presents a particular point of view, is somewhat out-of-date and uses some non-standard definitions and procedures.  Much has occurred since this was written and it seems that the document could now use a revised, second edition.  Still worth looking at though.

For governments and health authorities, this document should be used as a starting point in setting up a PV system or center but it should not be considered to really represent the state of the art.  Reference should be made, in particular to CIOMS and ICH guidelines, as well as how major agencies (FDA, EMA, MHRA, Australia, Canada, Spain and others) handle drug safety.  EudraVigilance should be looked at as well as FDA’s FAERS and commercial databases which several health agencies now use (e.g. France, Canada).  Note that many agencies (FDA, EMA and others) have their SOPs on-line.

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , , , , , | 2 Comments

Follow Up of SAEs and NSAEs

Posted on May 29, 2013 by bcobert

Performing follow up on spontaneous and clinical trial SAE and non-serious AE cases is a critical function and it is not always done optimally.

Does follow up have to be done?

Yes. This is clearly required by law.

In clinical trials FDA clearly states in 21CFR312.32 “Followup . (1) The sponsor must promptly investigate all safety information it receives.”

FDA actually goes into a further explanation in its 2012 Guidance on Safety Reporting Requirements for INDs and BA/BE Studies (http://www.fda.gov/downloads/Drugs/…/Guidances/UCM227351.pdf).
“Most IND safety reports are derived from observations from clinical trials. In the setting of a clinical trial, information is collected in a controlled environment so that the information needed to evaluate the suspected adverse reaction (e.g., information that would be contained in a narrative report or on FDA Form 3500A) is generally readily available. If any information necessary to evaluate the suspected adverse reaction is missing or unknown, the sponsor should actively seek such information from the source of the report.”

Companies are expected to make full efforts to obtain complete information. Similarly, in 21CFR314.80 FDA discusses in several places the requirements for follow up of expedited reports and for reports in PADERs.

For OTC products in the US, FDA noted its policy in a guidance: Guidance for Industry: Postmarketing Adverse Event Reporting for Nonprescription
Human Drug Products Marketed Without an Approved Application (http://www.fda.gov/downloads/Drugs/…/Guidances/ucm171672.pdf).

All follow-up information received within 1 year of the initial report must be submitted within 15 business days. Note that the law says states only 1 year of follow-up, but FDA has indicated that it wants no time limit. That is, report all follow-ups forever.

The EMA similarly requires follow up on cases from all sources. There are over forty references regarding required follow up in Module VI of the EU’s Guidelines on Good PV Practices – Management and reporting of adverse reactions to medicinal products (http://www.ema.europa.eu/docs/en_GB/document_library/Scientific_guideline/2012/06/WC500129135.pdf).

In general, the only cases that do not require follow up are those that are absolutely positively complete and/or no further information can be obtained as there is no contact information. This situation may occur with cases received from health agencies where the contact information is redacted or from other manufacturers who send reports with the contact information similarly hidden.

Secondly, it is highly unlikely that a complete set of information will be received on the initial report, particularly if the SAE has just begun and is evolving. The initial reporter may not have all the information, particularly if it is the patient doing the reporting. The health care professionals (HCPs) involved in the case will have a more complete data set. Finally, the outcome is needed and that may not be known if the case is still active.

Thirdly, signaling must be done and it is very hard to make reasonable, scientific judgments if the data is incomplete.

So, it is clear follow up has to be done.

The next question is how much follow up should be done and by whom?

The answer to the question on how much follow is needed is the Goldilocks principle. This was originally described with porridge: not too hot, not too cold but just right. What that means here is that one can go to extraordinary extremes and obtain every morsel of data or get minimal data, or one can get the appropriate data needed to understand the case. Obviously, the latter course is the best. This is clearly a judgment call and thus follow up should be done by someone who is both familiar with the case and also has medical expertise such that the right questions are asked and full and useful answers are received. Some companies have “canned” or scripted follow up requests which are usually not very useful unless they are created for specific AEs or situations such as a myocardial infarction script or a GI bleed script etc. In general these don’t work well unless they are clearly tailored to a narrow issue.

It is hard to know how much effort should be invested in the follow up. The exact amount is not written in any of the regulations that I am aware of. The broad rule of thumb is that for serious cases, two well-documented attempts should be made. This is usually more than just a phone call to the secretary or administrator asking for information or a call back but rather an attempt by someone who is likely to get through (e.g. a company physician, nurse or pharmacist) to the busy reporting physician or health care provider. It is sometimes not productive doing a phone call which won’t get through but rather sending a letter (sometimes certified return receipt requested) or email. For clinical investigators phone calls are more likely to be returned but for spontaneous reports less so. Sending a letter tends to call attention to the importance the company puts on the case. On the other hand, if the physician has to run down to the post office to get the letter and sign the certified receipt, the response will be one of fury!

What this means, is a medical professional should, in general, do follow up on all serious cases (and perhaps some non-serious ones too) such that the appropriate questions are asked and if the response is incomplete or not useful additional follow up questions can be posed. This is most often the case if the follow up is done by phone to the physician or HCP involved with the case.

All follow up efforts must be documented. By this, one means that the request (including the questions asked or documents requested) are listed in the electronic or paper case file along with the date of the request and the name of the requester.

The sender should track the follow up request and if no response is received in a week or two then the sender should try again. This should be clearly stated in the SOP covering follow ups. Although it is generally felt that two follow ups are sufficient, the number really should correspond to the importance of the case. A Stevens-Johnson or Torsades case should get strong and repeated follow up. A penicillin skin rash perhaps less so. The author remembers a case of alleged Torsades right after a patient took one of our anti-histamines (a very benign and safe product). This was so important, both for medical and commercial reasons, that multiple follow up attempts were made. However, when they failed to produce the needed information (cardiograms and previous cardiac history) the chief medical officer of the company flew on the corporate jet to the physician’s office some 800 miles away to personally see the treating physician and obtain the cardiograms and needed information. By doing this we discovered that the patient had long-standing Torsades which had occurred both before and long after taking the drug in question thus showing the drug was highly unlikely to be the cause.

So the bottom line is for serious cases, probably two follow ups but more if the case is important in signaling, is the first time that this was seen, was more severe etc. For non-serious cases, some companies do no follow up especially if the case is totally benign and the problem quickly disappeared such as a headache lasting an hour. Again, medical judgment and common sense should dictate the follow up.

The mechanics of follow up.

As noted above, there are several ways to do follow up: phone, email, letter, personal contact/visit. If in writing, the requests should be as explicit as possible (“the ECG of April 28, 2013 during the patient’s chest pain”) though sometimes this is not possible (“the ECGs relating to the patient’s chest pain in April 2013”). Be careful not to overask (“all lab reports during the patient’s 7 week hospitalization”). If the case is complex, consider asking for summary reports such as the discharge summary or the treating physician’s letter to the patient’s private physician.

Some companies now split up case processing into multiple components such as initial data entry, triage, coding, narrative writing, follow up request etc. whereby a different person may handle each step and no one owns the case. Although this may make for efficient case processing, things often fall through the cracks and no one remembers to follow up to see if the request for follow up was answered. Cases must be tracked.

Follow up should be done while the case is “hot” which usually means within a week or two at most after receipt of the case. If one waits longer than that the trail will get cold, the records shipped to the archive room, the treating physician is now working elsewhere, no one remembers the case etc. The likelihood of getting useful information in this situation is much lower. All new data must be triaged rapidly and handled per SOP procedures.

Documentation that is obtained should be as complete as possible. Ideally the actual cardiogram and interpretation should be obtained rather than a verbal report that the cardiogram showed an anterior wall myocardial infarction. The appropriate redaction of patient and reporter identifiers should be done to ensure compliance with HIPAA and other data privacy requirements.

Special Situations

  • There are instances where follow up is difficult or not even feasible. The most common example of this is litigation. If a patient is suing the company, the company’s attorneys may require that all requests for follow up go through the law department and that there be no direct communication by drug safety with the physician or anyone else involved with the case. This obviously makes life more difficult and the person suing may refuse to send the information.
  • As noted, cases from governments and other companies may not have any contact information. Companies often do this for business or competitive reasons especially in clinical trial cases. If the suspect drug is the comparator marketed by a competitor, the company doing the study may not want to send a MedWatch or CIOMS I form to the competitor as it would reveal some information about the study to the competitor. This is not good medicine but is the reality.
  • One of the worst situations occurs when a case is reviewed at the time of the PSUR/PADER or DSUR or during signaling when someone asks for more information on a long ago case. This is often very hard to obtain; the drug safety department should have thought of this and tried to obtain the information when the case was fresh. Thus, do it right the first time.

Bottom Line: Follow up must be done and the follow up should be well thought out and assiduously done up front.

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , , , , | Leave a comment

Quality Management Systems: FDA & EMA Requirements

Posted on May 22, 2013 by bcobert

One of the areas that is relatively new to drug safety and pharmacovigilance (PV) involves the emphasis now being placed on “quality”.  It is no longer enough to do a good job and know you’re doing a good job, but now this must be documented and reviewed by overseers to ensure you really are doing a good job!  I suppose one might say that, after x years of doing drug safety, “I know how to do this!”  But if one thinks about it, it is always worthwhile having another set of eyes look at someone’s work to be sure no issues or errors have slipped in.  We certainly want someone to double check airplanes and the pilot before take-off or the functioning of nuclear reactors.  So now we have it in drug safety.

 FDA

Both FDA and EMA (and other agencies) have made it clear that they expect quality to be built into drug safety (and all pharmaceutical systems).  FDA has issued several documents on quality though they are not as specific as EMA’s quality documents on PV.  Much of ICH and FDA’s quality publications relate to manufacturing but the expectation is that this will also be applied to PV.  FDA’s Office of Regulatory Operations has issued a Quality Manual ((http://www.fda.gov/AboutFDA/CentersOffices/OfficeofGlobalRegulatoryOperationsandPolicy/ORA/ucm135836.htm). FDA’s quality requirements have been built up over the years based on FDA’s 1999 publication on Quality by Design as well as ICH Quality documents.

The contents can be summarized as follows (with my interpretations for drug safety):

QMS: Each company should have a quality management system (QMS) which includes a mission statement of the goals and scope of the program as well as defining applicable laws, regulations and, importantly, best practices (procedures where the law is unclear or silent).  In addition there should be written, versioned procedural documents (SOPs, Manuals, Work Instructions etc.).  It is a good idea to create a corporate “Quality Manual” summarizing, at a high level, the company’s intent to maintain top quality.

Management Responsibility: There must be a commitment by management for quality and they should lead by example.  They should communicate this policy, receive and respond to feedback and maintain a customer focus noting that the concept of  “customer” is broadly defined to include not just patients and health care providers but many others such as health authorities, and internal company clients.  Management should ensure that planning and the quality system are put in place.

Resource Management: There must be adequate resources to get the job done and prevent backlogs.  This includes the usual things such as personnel, computers, work facilities, money/budgets etc.  There must be adequate training and the company must ensure that confidentiality and data privacy are fully maintained.

Planning, Processes, Controls and Execution: This broad area basically requires that the company be prepared and anticipate issues and problems.  This may be hard in PV where spontaneous reports determine one’s workload (and fate).  But broadly speaking this means:

  • Anticipate where possible (don’t schedule vacations for the PV staff at the time of the launch of a new drug),
  • Be prepared for the unanticipated such as unexpected severe toxicity, tampering, counterfeiting etc.  See the book The Black Swan: The Impact of the Highly Improbable by Nassim Nicholas Taleb – not about drug safety but about highly unlikely but catastrophic events.
  • Stay up to date on new regulations, technology, processes
  • Have valid, traceable processes with audit trails
  • Have the right technology (e.g. drug safety software)

Measurement Planning & Implementation:  “If you can measure it, you can fix it” is a well-known phrase in engineering and is applicable here.  The company must monitor and track “key performance indicators” (KPIs) to be sure that the processes are working.  The results should be made known to the appropriate stakeholders.  If problems are found, a root cause analysis should be done and corrective actions and preventive action plans (CAPAs) put in place.  Periodic audits should be done and “continual improvement” should be in place.  Some KPIs that PV should track include (my opinion, not from FDA’s document):

  • Late & on time ICSRs, e.g., 7-, 15-day reports, EU submissions)
  • Late reports into Drug Safety, e.g., from study monitors
  • Late workflow steps within DS, e.g., triage within 24 hours, case closure by day 7, coding, medical review, due diligence requests
  • Late reports to HAs, business partners etc.
  • E2B reporting failures
  • Late & on time aggregate reports (e.g. PADERs, PSURs, DSURs)
  • Late & on time Medical Monitor trip reports
  • CAPA commitments done on time, done but late, not done
  • SOPs updated on time & training done as required.

There should be consequences for both success and failure.  Results should be compiled by employee, department, team etc. (as appropriate) but care should be taken to avoid public embarrassment and shaming (“Praise publicly, reproach privately”).  Success should be rewarded; failure and poor performance penalized.

Audits: It is expected that all functions of PV (home office, subsidiaries, vendors, partners, etc.) should be audited periodically.  FDA does not specify the frequency but many companies do audits of major operations yearly and smaller or less critical PV units or functions every 2-4 years.  FDA and EMA maintain a 2-4 year inspection  cycle of companies unless for cause when inspections are more frequent.  There should be an internal company compliance function or group to handle this.  They should not be part of PV or drug safety.

EMA

Unlike the FDA, the EMA has put forth a very clear and explicit document covering quality systems in drug safety & PV.  See their recent Good PV Guidelines Module 1 (http://www.ema.europa.eu/docs/en_GB/document_library/Scientific_guideline/2012/06/WC500129132.pdf).

Many of the points are very similar or identical to FDA’s.  I will highlight the differences and note specific points that EMA makes.  The document is worth reading by anyone who does drug safety.

The EMA notes that a QMS must contain: organisational structure, responsibilities, procedures, processes, resources of and resource management, compliance management and record management.  The goals are compliance with the law, prevention of harm, promotion of safe drug use and patient/public health protection.

Responsibility and resource management are similar to FDA’s requirements.  There is some stress on the identification and investigation of non-adherence to requirements.  Upper management’s roles are the same as FDA notes.

Training is stressed for all personnel involved in PV activities.  Training records and plans must be kept and there should be a process to check that the training results in understanding and correct conduct of PV activities.  Interestingly, EMA notes that adequate training should also be considered even for staff members with no specific PV tasks and responsibilities but whose activities may have an impact on PV.  This includes personnel in clinical trials, technical product complaints, medical information, terminologies, sales and marketing, regulatory affairs, legal affairs and audits.

EMA is more specific than FDA in noting that the MAH (sponsor) must have:

  • Continuous monitoring of PV data, risk minimisation.
  • Scientific evaluation of all information on risks particularly regarding ARs from off-label or occupational exposure
  • Examination & submission of non-serious ARs
  • Integrity, quality & completeness of data
  • Processes to avoid duplicate submissions.
  • Effective communication with public, HCPs & CAs on all safety matters
  • Updated product labeling as new information becomes known
  • Written SOPs & procedural documents
  • Good PV record management & data security/privacy
  • Organization charts, HR management within PV, job descriptions

As with FDA there should be continuous monitoring of safety data for timeliness, quality and completeness.  EMA stresses that the PV function must be independent – that is, all decisions must be taken in the sole interest of patients & public health.  There must be business continuity plans to allow continued function in emergencies, computer crashes etc.

The module addresses some very specific EU requirements such as the responsibilities of the Qualified Person for PV (QPPV) and the new Pharmacovigilance System Master File.  See the document and other modules (as well as other Bart’s Corner postings on this) for further information.

Interestingly, the EMA defines some “critical PV processes”.  The implication of this is that they must be in place and will be inspected when the company gets a “visit “from a health agency:

  • Continuous safety profile & benefit-risk evaluations
  • Establishing, assessing and implementing risk management systems and evaluating the effectiveness of risk minimisation
  • Collection, processing, management, QC, follow-up for missing information, coding, classification, duplicate detection, evaluation and timely electronic transmission of individual case safety reports (ICSRs) from any source
  • Signal management
  • PSURs
  • Meeting commitments and responding to requests from CAs;
  • Interaction between the PV and product quality defect (i.e. manufacturing) systems
  • Communication of PV concerns between MAHs & CAs especially regarding changes to the risk-benefit balance of products
  • Communicating information to patients and HCPs about changes to the risk-benefit balance
  • Keeping product information up-to-date
  • Implementation of variations (i.e. changes) to MAs for safety reasons according to the urgency required
  • Submissions to EudraVigilance

The PV system must be continuously monitored with audits, KPIs and other procedures.

Subcontracting and out-sourcing are permitted with written, up to date contracts in place.  The MAH though is reminded that the ultimate responsibility for fulfilling the legal requirements and responsibilities for PV always remains with the MAH.

Bottom Line: Every company has to have a quality system in place.  The health agencies will inspect and punish those who don’t.  At the very least, the QMS should cover the critical processes noted above in the EMA section.  The consequences of failure to this are severe and the health agencies are getting tougher and tougher on this (as they should).

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , | Leave a comment

EU Good PV Module IV PV Audits

Posted on May 15, 2013 by bcobert

http://www.ema.europa.eu/docs/en_GB/document_library/Scientific_guideline/2012/12/WC500136233.pdf

  EMA Guideline on Good PV Practices: Module IV PV Audits

In December 2012 the EMA finalized and made effective module IV of its (so far) 15 guideline modules on pharmacovigilance (PV).  This one covers PV audits done by companies and third parties and is the “companion” piece to module III on PV inspections (by governments and competent authorities (CAs)).

The concept is very similar to FDA’s handling of postmarketing drug safety.  See, for example:

  • The FDA Compliance Program Guidance Manual which discusses risk-based PV investigations for its inspectors (now called “investigators”): CHAPTER 53 – Postmarketing Surveillance and Epidemiology which states “Each year, using a risk-based approach, the PVC Team selects firms to be inspected. The risk-based approach takes into account factors such as the date of the firm’s last PADE inspection, the firm’s past compliance history, identified deficiencies, acquisition of new drug approvals or abbreviated new drug approvals (A/NDAs), and product safety concerns.” http://www.fda.gov/downloads/Drugs/GuidanceComplianceRegulatoryInformation/UCM332013.pdf

The EMA’s document is somewhat more detailed than FDA’s documents on this subject and is worth examining carefully.  Its requirements are very similar to FDAs and thus represent a good framework to use in creating a PV audit and quality management system in a company.

Background

The EMA uses this module to cover guidance on planning and conducting audits of PV systems in companies and competent authorities as well as audits of accompanying quality management systems (QMS). The EMA uses standardized audit theory and techniques many of which may not be familiar to PV folks, though well known to compliance and quality auditors.  See The Institute of Internal Auditors at https://na.theiia.org/Pages/IIAHome.aspx.

The goal of a PV audit is to verify by examination and evaluation, using objective evidence, the appropriateness and effectiveness of the implementation and operation of the PV system including the quality system.

Requirements

The Marketing Authorization Holder (MAH) must perform regular risk based audits of their PV system and QMS as noted in DIR Art 104(2) and other EU documents.  The critical and major findings must be put into the PV System Master File and the CAPAs put in place must be implemented.

The CAs in member states must perform regular independent audits of their own governmental PV tasks and report the results of their audits every two years at least.

See this module for the full legal and regulatory background and governing laws and regulations.

Definitions

There is some jargon used in this document including:

  • Audit A systematic, disciplined, independent and documented process for obtaining evidence and evaluating this evidence objectively to determine the extent to which the audit criteria are fulfilled, contributing to the improvement of risk management, control and governance processes.
  • Audit evidence consists of records, statements or other information, which are relevant to the audit criteria and verifiable.
  • Audit criteria are, for each audit objective, the standards of performance and control against which the auditee and its activities will be assessed.  Audit criteria should reflect the requirements for the pharmacovigilance system, including its quality system for pharmacovigilance activities, as found in the legislation and guidance.

Note that, although not mentioned in this document, an auditor may also audit against the companies SOPs and other procedural documents as “audit criteria”.  For example, if the regulations require expedited reports to be sent to FDA or a CA in 15 calendar days and the company’s SOPs requires this to be done in 12 calendar days, an auditor might cite the company for failing to meet their own (higher and tougher) standards than the law and regulations require.  The lesson here is that companies should be careful if they make their own standards more stringent than the law.  They will be held to these harder standards by some auditors.

  • Risk based PV audits use techniques to determine the areas of risk and then focus on the areas of highest risk to the organization’s PV system & QMS system.
  • Strategic Level Audit Planning defines the long term approach for audits & endorsed by upper management.
  • Tactical Level Planning creates an audit program, objectives and the scope of the audits.
  • Operational Level Planning covers plans for individual audits, prioritizing the tasks, using risk-based sampling and, finally, reporting of findings and recommendations.

Strategic Level Audit Planning

This is a high level statement of how audit activities will be done over a time period of two to five years and includes a list of audits that can reasonably be done & outlines areas highlighted for audit, methods & assumptions.  For example, in a large global pharma company it may not be possible or appropriate to audit smaller subsidiary countries’ PV systems if they only send in a handful of well-done cases.  This might be covered by a “paper” or “distance” audit or some other means of quality assessment and control.  The goal here is for the company to have a well thought out long-term quality and compliance plan on the books.

The plan should cover governance, risk management and internal controls of all PV processes and tasks, the QPPV (for the EU), interactions and interfaces with other departments and PV activities that are out-sourced or done by other departments or third parties.  This scope may be very large and would include business partners and groups that are not primarily drug safety functions but touch on them (e.g. monitoring of phase IV trials or post-marketing commitments).

The document describes factors for prioritizing audits.  These could also be called “audit triggers” and should alert the company to consider giving priority to audits if one or more of these triggers appear.  Note, of course, that the EMA and FDA will use this list to prioritize their inspections also:

  • Changes in legislation
  • Major reorganization of the PV system, mergers, acquisitions (e.g. more & new drugs)
  • Changes in key personnel
  • “Risks” to availability of staff (that is, significant turnover of staff, deficient training, reorganization, increased work volume)
  • Significant changes to the system since the previous audit (e.g. new database, changes to processes or regulations)
  • First medicinal product on the market (a new MAH and for the US: a new NDA/BLA)
  • Products with specific RMPs or special safety conditions (and for the US: REMS)
  • Criticality that good PV be done to protect public health
  • Outcome of previous audits
  • Identified known gaps
  • Problematic compliance metrics (e.g. late expedited reports)

Tactical Planning

This is a risk based audit program for a shorter time period (usually a year) based on the strategic planning & approved by upper management as described above.  This focuses on:

  • The quality system for PV activities
  • Critical PV processes
  • Key control systems relied on for PV activities
  • Areas identified as high risk, after mitigating actions have been put in place
  • Historical areas with insufficient past audit coverage and high risk areas

Documentation should include a brief description of the plan for each audit with scope and objectives plus the rationale for the timing, periodicity & scope.

Operational Planning & Reporting

This section covers actions the company must have in place for audits and quality management and includes:

  • Planning & Fieldwork: Ensure that written SOPs are in place for audits with timeframes for each of the audit steps.
  • Reporting: Findings must be documented in an audit report for management, auditees & other relevant parties. The report must be done in a timely manner with a mechanism for feedback from all parties.

Grading Systems

The FDA generally does not use a grading system in its PV audits but simply reports numbered findings usually but not always with the more urgent findings first.

The EU has a formal grading system as follows:

  • Critical is a fundamental weakness in one or more pharmacovigilance processes or practices that adversely affects the whole pharmacovigilance system and/or the rights, safety or well- being of patients, or that poses a potential risk to public health and/or represents a serious violation of applicable regulatory requirements.
  • Major is a significant weakness in one or more pharmacovigilance processes or practices, or a fundamental weakness in part of one or more pharmacovigilance processes or practices that is detrimental to the whole process and/or could potentially adversely affect the rights, safety or well-being of patients and/or could potentially pose a risk to public health and/or represents a violation of applicable regulatory requirements which is however not considered serious.
  • Minor is a weakness in the part of one or more pharmacovigilance processes or practices that is not expected to adversely affect the whole pharmacovigilance system or process and/or the rights, safety or well-being of patients.

Obviously, the critical and major findings get highest priority and should be acted upon immediately or very rapidly.  Note that multiple or repeated major findings may be classified as critical and similarly multiple or repeated minor findings may be classified as major.

Actions after the Audit

The company should divide the findings and actions into those which require immediate action, prompt action, action within a reasonable timeframe and issues that need to be urgently addressed or communicated in an expedited manner.  This is the classification suggested in the guideline.

In addition the company must perform root cause and impact analyses of the findings and then prepare and prioritize corrective action preventive action (CAPA) plans.  Management must ensure that a mechanism is in place to address these issues and ensure CAPA implementation keeping in mind that a follow up audit will probably be necessary if there are significant issues. Everything should be well documented and reports and documentation should be retained for the appropriate required times.  In drug safety, this basically boils down to “forever” though one should check with the company attorneys, regulatory and archiving groups to be sure.

Quality Management Systems

The EMA notes that the PV auditors should be objective and independent of PV activities and be free of interference in determining the scope, performance and communication of the results.  The main reporting line should be to upper management.  Thus the auditors should not be a part of the PV function.

Obviously auditors should demonstrate and maintain proficiency in knowledge and skills in PV auditing.  The audit team should have a combination of education, work experience, training and skills to handle audits even if each individual in the team does not have all the skills.  Key areas of knowledge include audit principles, procedures, techniques, applicable laws and regulations, PV activities processes and systems, management systems and organizational systems.  In addition, evaluation of the quality of the audit work should also be periodically assessed – that is, someone should somehow audit the auditors!

External Auditors

As many smaller organizations do not have the PV audit expertise in-house, it is quite appropriate to go outside for people or companies to do the PV audits.  However, the ultimate responsibility for the PV system remains within the organization.  When out-sourcing is done the EMA recommends:

  • The requirements, preparation, risk assessment, strategy, program, details, scope, objectives and procedural requirements must be specified in writing to the outside organization.
  • The company should obtain & document assurance of the independence & objectivity of the auditors.
  • The outside auditor should follow the GVP modules.

Summary and Comments

The MAH and CAs must perform regular internal PV audits on themselves and report the findings to the authorities regulating or supervising them in the EU.  This is less spelled out in the US by the FDA but audits and CAPAs are expected and FDA can ask to see them.

The methodology spelled out in this document is not surprising and many if not most companies already have this in place in one form or another.  If your company (or CA) does not have it fully in place, it will need to do so sooner rather than later.  The EMA and some member states as well as the FDA and other agencies are now actively inspecting using these risk-based requirements.

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , , | Leave a comment

EMA Post-Marketing Regulations Q&A March 2013

Posted on May 8, 2013 by bcobert

http://www.ema.europa.eu/docs/en_GB/document_library/Regulatory_and_procedural_guideline/2009/10/WC500003981.pdf

European Medicines Agency Post-Authorisation Procedural Advice for Users of the Centralised Procedure

Background

In March the EMA released a Q&A document on many of the aspects of post-approval/marketing regulatory rules.  In particular it covers some of the new pharmacovigilance (PV) rules that went into effect in January of this year.  This Q&A document is 195 pages long(!).  It covers many regulatory issues.  Some of these are new and some old.  This is a consolidated view of questions on the website in various areas.  We will briefly(!) summarize the PV related points.  Not every Q&A is noted here and the more arcane details are omitted.  Refer to the document for the full detail.

Post Authorization Safety Studies (PASS) – a new section dated March 2013

A PASS is any study relating to an authorised medicinal product conducted with the aim of identifying, characterising or quantifying a safety hazard, confirming the safety profile of the medicinal product, or of measuring the effectiveness of risk management measures.  They may be voluntary on the part of the Marketing Authorization Holder (MAH) or the competent authority (CA).

Systemic reviews and meta-analyses imposed by the CA are considered non-interventional PASS.

Any CA imposed non-interventional study will be supervised and assessed by the PRAC.  The protocol should be approved (“endorsed”) by the PRAC and also submitted to the member state where it is to be done.  If the PRAC determines that the trial is, in fact, an interventional trial it must be handled as a clinical trial and not as a non-interventional PASS.  Amendments must also be so approved.  The final study report will be assessed by the PRAC.  Results of a non-interventional PASS may lead to a type II variation and/or a safety variation.

PSURs – a new section dated March 2013

There is a discussion of the “EU Single Assessment” which is a PSUR for multiple different Marketing Authorizations (MAs) held by one or more MAHs in which there is the same active substance or same combination of active substances and for which there is a harmonized frequency and submission date in the Union Reference List.  This could include centrally approved, mutual recognition and decentralized approvals.

Next there is a long discussion of the European Union Reference Dates (EURD) List which came into force April 1, 2013.  This is a list of active substances (or combinations) telling the MAHs the frequency and reference (reporting) dates for PSURs.  This list was created to harmonize data lock points and submission frequency and to allow a single assessment in the EU.  The EMA notes that this is a living document and can be amended when considered necessary should new information warrant a change.  This list overrules the “routine” submission schedule used in the past as well as the frequency listed in the MA.

PSURs must be submitted on all approved products even if they are not marketed.

PSURs, PSUR addenda, Summary Bridging Reports and line listings are no longer submitted as part of the renewal application.

An interesting question asks why some data lock points are so far in the future.  The response is that this is the determination based on the risk-benefit profile but the dates are “likely to be amended on a monthly basis to take into account any need to re-evaluate the risk-benefit profile…in case of emergence of any PV concerns.”  So the MAH should check the EURD every month to see if its products’ time lines have changed.

If a company’s product is not on the list they should follow the old schedule of every 6 months, yearly then every 3 years.  Some generics, homeopathics and traditional use products do not have to submit PSURs.  The MAH may request a change in the EURD list for its products for public health reasons, to avoid duplicate submissions and to achieve harmonization of dates.

Single CA PSUR assessments: This has come into effect for centrally approved products.  Nationally approved products are not yet under the single assessment system and will not be until further notice.  The procedures are complex:

  • For a single centrally approved products and for several centrally approved products with the same active substance or combination and where the submission dates are harmonized all PSURs must use the new GVP Module VII requirements (PBRERs) involving the PRAC.
  • For the same substance or combination where there is a mix of centrally and nationally approved drugs, the new single assessment will be done.
  • Nationally approved products may fall under the single assessment if they already participate in the “worksharing” scheme.  If not, the PSUR assessment remains at the national level for now.
  • Single member state approvals remain at the member state level for PSUR assessment and are not covered by the single assessment legislation.

Line listings are no longer required in the PSURs though the EMA or CA may request them.

Timing is 70 calendar days from the data lock point for PSURs covering up to and including 12 months.  PSURs covering intervals greater than 12 months are submitted within 90 days of data lock point.  There is much detail on the format and mechanism of submitting a CR0ROM or DVD.   See the Q&A for full details.

Generics, in general, do not have to submit PSURs if they are not included in the EURD list and there are no conditions in the MA.  Hybrid products must submit PSURs.

The timeline for the handling of the PSUR is as follows:

Day 0 Start of the procedure
Day 60 PRAC Rapporteur’s preliminary assessment report
Day 90 MAH & PRAC members’ comments
Day 105 PRAC Rapporteur’s updated assessment report (if necessary)
Day 120 PRAC recommendation adoption with the final PRAC assessment report
Day 134 CHMP opinion/CMDh position

The outcome of the PSUR assessment results in a legally binding decision (e.g. to vary, suspend, revoke an MA).  PRAC assessments go to the CHMP for PSURs if at least one centrally approved product is involved and the the CMDh if the PSUR only covers nationally approved products.

PV System Summary/PV System Master File (PSMF)

The MAH must have a PSMF which is a detailed description of the PV system used by the MAH.  This is not part of the MA and is maintained separately.  It must be permanently available and produced with 7 days upon CA request.  It must be located in the EU where the main PV work is done or where the QPPV works.  The QPPV must live and work in the EU.

Applicants are required, at the time of initial MA application, to have in place a description of the PV system that describes the system that will be in place and functioning at the time of the granting of the MA and marketing of the product.  A PV system must be in place at the time of the MA approval.  The PSMF may be requested during the MA review.

The MAH may subcontract some PV activities to third parties but the full responsibility for the PSMF remains with the MAH.  There must be a written list of subcontracts with third parties and detailed written agreements describing the roles and responsibilities for the performance of PV and for the PSMF with vendors.

The PSMF is submitted at the time of renewal of the application, at the time of the submission of the annual renewal application for a conditional MA or by July 2, 2015 whichever is earliest.  There is detailed information on the submission of a type IAIN variation and numbering.

Comments

This is a highly detailed and complex document summarizing certain issues involving the regulatory requirements in the EU for centralized products with some comments on national approvals too.  Clearly the EU system has become incredibly complex and arcane if not byzantine.  The regulatory requirements are very specific and detailed and must cover multiple approval routes as well as exceptions and waivers.

The new PV requirements that came into effect in 2013 (and some coming into force later) are similarly complex.  Since not all member states are ready to handle the new requirements, there are interim requirements (stated to a degree in this Q&A) which will change over the course of the next several years.  EudraVigilance will be changing and multiple other things will change over the course of time.  The transition to the new rules will take years (e.g. PSMFs may not fully be in place till mid-2015) necessitating all sorts of work-arounds and one-offs.

As always, we ask the question: will this improve public health?

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , , , , , , | Leave a comment

The UK’s Association of the British Pharmaceutical Industry’s Guidance on AEs & Product Complaints from Social Media

Posted on May 1, 2013 by bcobert

http://www.abpi.org.uk/our-work/library/guidelines/Pages/safety-data-websites.aspx

Background

The Association of the British Pharmaceutical Industry (ABPI) has just released an updated guidance on how companies should handle adverse events (AEs) and product complaints (PCs) derived from social media.  This is a very interesting and useful document and, although in many respects specific to the UK (and EU), there are some general concepts that are quite applicable in the US and globally.  We will review some of those concepts here.

In the introduction, the ABPI notes that pharma companies are indeed actively using social media for all sorts of things including corporate awareness, clinical trial enrollment, patient support programs, disease awareness and more.  They note, very correctly, that the company (Marketing Authorization Holder – MAH) has an obligation to monitor, collect and manage safety and quality issues that arise through the digital media.  This guidance was developed by the ABPI’s expert pharmacovigilance (PV) network and “shared” with the UK’s regulatory agency (Medicines and Healthcare products Regulatory Agency (MHRA)).  It is, of course, not binding nor a government issued document.  It is merely advice – but good advice.

The document goes on to review the historical (CIOMS), UK and EU legal framework and the reader is referred to the document for this information.

Social Media Activities

Next the guidance summarizes the social media activities done by companies:

  • Listening: By this the ABPI means the monitoring of what is being said on the internet and in social media about the company and its products.  The monitoring may be prospective (real-time) or retrospective and is usually done on non-company sites.  Companies may use key words (e.g. their products’ names) to do broad searches on the internet to pick up information.  Particular sites may be specifically followed if it is likely that the product will be discussed there.

    The ground rules the ABPI proposes are that the company declare its presence if it is in listening mode in a discussion, blog, chatroom etc.  Others however, might argue that this will either incite or limit free discussion.

    In addition the ABPI suggests that a formal company project plan be in place for this activity.

    During such listening at non-company sites, the ABPI recommends that the “relevant” pages be monitored for AEs and product complaints (PCs).  This is consistent with EU, MHRA (and FDA) advisories.  Most HAs have made it clear that they do not expect companies to search the internet broadly and proactively for AEs/PCs.

  • Broadcasting: By this the ABPI means one way communications with the public without the possibility of the audience responding, commenting or having any sort of dialogue.  They stress that the company should be very sure that no interaction or comment is, in fact, possible (e.g. via the webmaster or some other area on the website).

    If there is a contact us section, the company must document where the contact information goes, that it functions properly, that it is monitored for AEs and PCs and that a process is in place to handle them when received.

  • Engaging: By this the ABPI means two way interactive communication with the public, patients, opinion leaders etc. for whatever reason.  This may occur on company or non-company websites.  As with “listening” there should be a project plan with objectives and specific methodology, a project owner and AE/PC tracking.  In non-company websites the company should declare its presence and be transparent.

    On company sponsored sites the appropriate disclaimers, permissions and terms and conditions should be noted (author’s note: even if nobody reads them!).  Consent should be obtained for follow up with the reporter of AEs and PCs.  That is, it should be clear to the reporter/patient that the cases will be reported to health authorities.

    On interactive sites, the company must monitor the entire content on an ongoing basis, particularly on message, request information or contact us areas.  The author has seen AEs reported (usually inadvertently) on Human Resources websites when people are applying for a job (“I want to work for your company; I love your products, especially XXXX, which was great for my allergies but did give me headaches.”).  Such monitoring must be frequent enough to ensure that any possible expedited reports (e.g. 15 day reports) are picked up and handled in a timely manner.  Similarly for surveys, there must be clearly defined data gathering, monitoring and AE/PC evaluation.  On outside, non-company sites, the company should do this type of monitoring only during the duration of their project or involvement and stop after that.

Project Management

The ABPI makes some excellent recommendations for companies before embarking on a digital media project.  Clearly all appropriate stakeholders should be contacted: PV, legal, the Qualified Person for PV, data protection/privacy, compliance, medical information, corporate communications and market research.  The author would also add the information technology/webmasters, risk management, sales and, of course, regulatory.

They recommend that a “digital spokesperson” be designated who will manage the site and can escalate any issues in the company if appropriate.

There should be a written, formal project plan covering the objectives, the project owner, the project digital spokesperson, an AE/PC monitoring plan, reconciliation and QC, a review schedule, training as needed, vendor contracts and an exit (closure) strategy.  The author would add that legal should review the plan also.

 Company Responsibilities and Behavior

The ABPI advises that company involvement must be transparent.  If a site is owned or controlled by the company, this should be disclosed.  They also recommend that the company state how long the project is intended to run and how it will monitor and use any user-generated content.

The site should have a clear mechanism for the user to report AEs and PCs to the company.

Any interactive, user response area should be removed or locked to prevent further postings after the project is completed but the website remains available.

If there are out-sourced or third party vendors involved there should be a formal contract with defined responsibilities particularly regarding AEs and PCs.  The company should maintain the right to audit the vendor.

The company should have a stated policy on the website on how it will handle abusive, obscene, inflammatory or offensive content.  That is, if such content is going to be removed or not posted in the first place this should be noted.  A publishing policy (use of readers’ comments) should be noted.

All data privacy and protection laws and regulations must be followed.

There must be appropriate training for all those involved particularly on how to identify AEs and PCs and what to do with them.  Other training issues include off-label use, pregnancy, lack of efficacy and overdose.

 AEs and PCs

The ABPI recommends that companies consider using mechanisms which make AE and PC collection easier such as providing free text fields, AE/PC reporting tools, formal site registration (name & contact information) to allow identification of the reporter and follow up.

The usual validation criteria for an AE apply and the company needs to collect and follow up on AEs and PCs associated/reported with their products.  Data collected should be sufficient to make the usual judgments about labeledness, causality etc.  Data should be collected rapidly and the date of posting should be captured.

Contact details for the reporter are needed.  Usually an email or screen name will suffice and allow contact for follow up.  An attempt to identify the country of the reporter should also be made as this is not always evident.

The ABPI recommends that all AEs and PCs identified by the company (or its agents) be captured and sent to the PV department within one business day.  Confirmation of receipt should be issued and a screen shot of the data should be saved as the source document.  The screen shot is a good point that not everyone thinks of doing.

The company should follow its written procedures on AE/PC handling.  Non-valid cases should be included in signal analyses.

For non-company websites, PCs and AEs that are identified by the company or vendors should be forwarded to the company’s PV department within one day.

The ABPI then addresses software apps for smartphones and tablets.  They make certain recommendations that may not apply in the US.  This is a rapidly changing field and FDA is regulating software/apps with medical applications.  Check local regulations to see if anything special is required.

The ABPI notes that if the company becomes aware of an AE or PC on a non-company site, portal, blog etc. where the content can be viewed by other bloggers and users, the company has a responsibility to follow up and report the AEs/PCs as above.

Finally, the ABPI notes special reporting situations where the company must still pay attention, collect and report.  These include pregnancies, exposure during lactation, overdose, abuse/misuse, off-label use, lack of efficacy, tampering, counterfeiting, drug-drug, drug-food interactions, transmission of an infectious agent and occupational exposure.

Comments

These are very reasonable proposals from the ABPI.  They seem to follow standard practices currently done in North American and Europe.  The FDA and other health agencies are struggling with social media both in regard to AEs and PVs but also regarding claims, off-label use, advertising and promotion, fair balance (how can you give fair balance in a 140 character tweet?).  This is an evolving field and it is likely that FDA and other agencies will issue regulations, or at least guidelines, at some point.  As for now, these guidelines, a conservative policy on safety and common sense are the best way to handle social media.

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , | Leave a comment

FDA and PBRERs (PSURs)

Posted on April 29, 2013 by bcobert

http://www.fda.gov/downloads/Drugs/GuidanceComplianceRegulatoryInformation/Guidances/UCM346564.pdf?source=govdelivery

In April 2013 FDA issued a brief guidance entitled Providing Postmarket Periodic Safety Reports in the ICH E2C(R2) Format (Periodic Benefit-Risk Evaluation Report).  This document summarizes FDA’s position on accepting the new format EU/EMA PSURs known as PBRERs (pronounced “pee-bers”).

New & Old PSURs

A brief review of the new and old PSUR situation.  The PSURs (Periodic Safety Update Report) have been around for many years.  They are standardized and accepted by most health authorities (including FDA, Health Canada, the EU).  A PSUR covers one entity (all indications, dose forms, routes of administration and regimens).  They include an analysis and evaluation of new or changing safety data received during the period covered by the PSUR which includes:

  • Analysis of ADRs & lack of efficacy cases,
  • An interval data review.  Minimal cumulative overviews
  • Safety data from studies
  • Other relevant safety information
  • Pregnancy experiences
  • Increased frequency where meaningful
  • Follow up of any Risk Management Plans in place
  • Timing of submission was rigid (in the EU: every 6 months for 2 years, yearly for 2 years then every 3 years forever).

They are meant to be critical, medical analyses unlike the Annual Safety Reports they replaced which were more data dumps than analyses.

The new PSUR (which is still officially and confusingly called a PSUR but is unofficially called a PBRER) came into effect in the EU in January 2013 and is based on ICH E2C.  It is an analytical document covering “all available data” – both interval data and cumulative data.  It covers the items above but has much more including a review of market uptake and off-label use.  A big change is that it now views risk in the context of benefits.  That is, risk is no longer reviewed in isolation (as in the old PSURs) without considering whether the drug is used for a benign set of symptoms (e.g. anti-histamines for seasonal allergic rhinitis) or for deadly diseases (cancer, infections) and without considering whether the drug really has benefits or not.  New relevant interval data is reviewed in the context of cumulative information and how it impacts on the integrated benefit-risk assessment. The timing of its submission is no longer the same for all drugs but is rather determined by the regulators in the EU based on the drug, disease etc.  Frequency of submission is now published in the European Union Reference Date List and the agencies may change the timing at any point if they feel it to be appropriate.

So in the EU at least, the new PSUR is to be used.  There are complicated interval/interim rules in place and not all health authorities are quite ready to handle these new reports but nonetheless, everyone is now transitioning to them and by year end or so the process will presumably be smoother.  There are still outstanding issues that the EMA/member states must clarify (e.g. what is to be in the efficacy section) and this too will work itself out over the next year or two.

Some problems arise outside the EU.  Most of the rest of the world requires the old format PSUR often with local additions (e.g. the FDA requires additional US data) and sometimes with timing that differs from the old EU timing.  Nonetheless, after nearly two decades of PSURs everyone has gotten comfortable with them around the globe.

Now, with a new document going to the EU, the question is what will the rest of the world accept.  Will other countries accept the new EU format with its efficacy section and much more safety data? And what about the EU specific sections such as the review of EU risk management plans which may or may not be germane in other countries.  In effect, should Australian TGA or the US FDA be sent information on EU risk management plans?

Another complicating factor is that the EU changed the contents of its PSUR by getting rid of most of the line listings of individual cases that formed the voluminous appendices in the old PSURs?  Why did they do this? Because in the EU now, companies must submit all serious and non-serious post-marketing cases in 30 and 90 days respectively.  Thus the EU gets (essentially) all the cases in near real time, not just expedited reports, and doesn’t have to wait months or years to get the serious and non-serious AES in PSUR line listings.  They already have them in EudraVigilance by the time the new PSUR is submitted.

This is NOT the case in the rest of the world where the old expedited (15 day reports) requirements still remain in place and real time ICSR reporting is not done.  It’s not clear that other non-EU countries will want or be able to handle the continuous reporting of all cases as the EU now does (well sort of – EudraVigilance is still transitioning too and many of the member states – broke and bailed out – may not be able to handle them either. Not clear the US could handle them as we are nearly broke and sequestered too).

So now, if other countries just get the PBRERs without line listings, they won’t have received all the cases (serious non-expedited and non-serious).  So they will probably still require the old-style line listings thus creating another “flavor” (version) of the new PSUR which is a hybrid of the old and new.

Other countries may not accept the EU’s timing.  In fact, the EU has (sort of) said that some old and “safe” drugs won’t even need PSURs and generic drugs also may not need PSURs.  It is unlikely that other countries will accept the EU’s new requirements.  This is the continuing slow ending of harmonization (or at least whatever harmonization we have now).

Various other countries are now making PBRER policy.

The FDA PBRER Policy

The FDA has just issued its policy as a guidance: non-binding recommendations.  Since the US regulations actually do not require PSURs (even the old kind) but still require a Periodic Adverse Drug Experience Report (PADER/PAER), the FDA requires that companies must obtain a waiver from FDA to submit PSURs.  FDA has been giving (if not encouraging) these waivers for many years and they are usually easily granted.  The waiver procedure continues.  Even with a waiver though, companies must still provide the contents of the PADER as defined in the federal regulations:

  • Copies of all non-expedited individual case safety reports (ICSRs) received during the PSUR reporting interval must be submitted.
  • A narrative that identifies any changes made to the approved U.S. labeling based on new information in the PSUR
  • The data lock point may be changed to harmonize with international birthdates but no gaps in reporting are permitted
  • Reporting frequency essentially remains the standard US requirements (every 3 months for two years and then yearly forever).  If PSURs are submitted using ICH (or EU) timing, then the 3 month and annual reports must be submitted either as PSURs or PADERs/PAERs.  In other words, something has to be submitted every three months for 3 years and then yearly.  Some or all of these can be PSURs.

So in this guidance, FDA indicates that if a company/sponsor/applicant already has an old style PSUR waiver they do not need to submit a new waiver request.  If there are no changes in the data lock point or frequency of reporting, the sponsor does not need to tell FDA but can simply send the PBRERs.  If there are “substitutions” in the waiver (e.g. submitting some PADERs and some PSURs), the new PBRER can be used.  It is not stated, but it probably is wise to speak to FDA to be sure the new PBRER is ok. Of course, the new PBRERs still have to have the US specific data as required in the old PSURs.

If there are changes in the data lock point and/or frequency of reporting, the FDA should be contacted and a “notification” should be submitted noting the changes.  As always, no gaps in reporting are permitted.

If the plan is to submit the PBRER less frequently than is permitted in the current waiver, FDA needs to be notified and the measures taken to ensure that the usual US reporting requirements.

Interestingly, FDA indicates that “if you are on a quarterly reporting schedule but with to report every 6 months without submitting a quarterly PADER/PAER in the intervening quarters” this may be requested.  This is most interesting.  FDA does not, in this document, give criteria for when this might be acceptable.

Getting a New Waiver

If a sponsor does not have a waiver and wishes to get one, this document indicates what needs to be submitted and where to submit.  Each NDA/application must have a waiver though a single waiver request can cover multiple applications.  In the waiver, the company must indicate:

  • The product name(s) and application number(s).
  • A brief description of the justification for the request.
  • The U.S. approval date for the product(s) and current reporting interval used.
  • The reporting interval of the last PADER/PAER submitted for the product(s).
  • The data lock point you intend to use for each PBRER. If you propose a data lock point other than one aligned to the U.S. approval date, you should describe how you will ensure there are no gaps in reporting intervals.
  • The frequency with which you intend to submit reports.
  • The PBRER may be used with US specific appendices
  • Submission may be in the 70/90 day timelines in the ICH guideline

Implications

This is the author’s view (not FDA’s).

Does the company really want to give more information to the FDA than is required?  This may be a good thing but it may also raise more questions than it answers.  Each company must decide.

The workload at the company many increase if the company still submits PADERs (which are usually easier to compile) than PBRERs which must be customized for the EU and for the US and for which the timing may vary.  It might be that the company will write a US specific PBRER that does not get submitted to the EU or an EU style PBRER that doesn’t get submitted to FDA. Companies may have to produce PADERs, PSURs and bridging reports.  This may produce a series of “one-offs” whereby each product is handled differently making the life of the drug safety and regulatory folks rather complicated.  In spite of harmonized birth dates, there may be multiple submissions for each product each year around the world.

Complex drugs with high volume ICSRs or drugs with complex safety problems or REMS will become complicated.  Companies must ensure that they say the same thing to every regulator.

My personal preference is to try to minimize operational headaches, particularly if report preparation is outsourced or fragmented (e.g. multiple CROs or groups within a large company preparing reports).  The people and groups involved, the more approvals, the more formats, the greater is the chance for something to get inadvertently messed up.

As always, it is not clear that this new report will improve public health and minimize patient adverse events.  That remains to be seen (if we choose to actually measure whether safety has improved 5 or ten years down the road).

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , , | 1 Comment

FDA’s Structured Approach to Benefit Risk Assessment

Posted on April 17, 2013 by bcobert

http://www.fda.gov/ForIndustry/UserFees/PrescriptionDrugUserFee/ucm326192.htm

In February 2013, FDA released a new document outlining their “structured approach to benefit risk assessment in regulatory decision making”.  This document was released as a result of requirements and commitments for FDA from PDUFA V.

Here is a review of the contents followed by some comments on it and its implications.

Background

Starting in 2009 FDA has been developing a systematic approach to benefit-risk (BR) assessment for drug review.  It has set several requirements for this new policy.  It must operate within the legal, regulatory and policy framework of FDA as it now exists; use a systematic approach for life cycle benefit risk assessment; and decide on a new approach.  FDA has decided, in regard to the approach, that quantitative decision modeling is sometimes useful but rather they will use a “structured qualitative approach” and integrate the new methodology into the existing work processes.

FDA’s framework for doing each analysis will now include the following components:

 

  • Analysis of Condition

Assess severity of the condition

  • Current Treatment Options

Analysis of other options

  • Benefits

Primarily clinical trials: 1o and 2o endpoints, subpopulation analysis

  • Risks

Adequacy of the safety database, the severity and reversibility of AEs, and the potential for sub-optimal management in the post-market setting

  • Risk Management Procedures
  • Evidence & Uncertainties in the known data
  • Conclusions & Reasons for Decision

Graphically it will look like this for each factor in the decision:

They performed a pilot project in 2012 in which six new NDA/BLAs were analyzed using this framework.  This permitted FDA to refine and test the process and integrate into the current work flow.

In 2013 they will revise the Clinical Review Templates that are currently used for product review.  Here is an example of a current one: http://www.fda.gov/downloads/BiologicsBloodVaccines/BloodBloodProducts/ApprovedProducts/LicensedProductsBLAs/FractionatedPlasmaProducts/UCM343981.pdf

The basic contents of such templates are usually as follows:

Table of Contents

Glossary

1. Executive Summary

2. Clinical and Regulatory Background

2.1 Disease or health related conditions Studied

2.2 Currently Available, Pharmacologically Unrelated Treatment(s)/Intervention(s) for the Proposed

Indication(s)

2.3 Safety and Efficacy of Pharmacologically Related Products

2.4 Previous Human Experience with the Product (Including Foreign Experience)

2.5 Summary of Pre and Post submission Regulatory Activity Related to the Submission

2.6 Other Relevant Background Information

3. Submission Quality and Good Clinical Practices

3.1 Submission Quality and Completeness

3.2 Compliance With Good Clinical Practices And Submission Integrity

3.3 Financial Disclosures

4. Significant Efficacy/Safety Issues Related to Other Review Disciplines

4.1 Chemistry, Manufacturing, and Controls

4.2 Assay Validation

4.3 Nonclinical Pharmacology/Toxicology

4.4 Clinical Pharmacology

4.4.1 Mechanism of Action

4.4.2 Human Pharmacodynamics (PD)

4.4.3 Human Pharmacokinetics (PK)

4.5 Statistical

4.6 Pharmacovigilance

5. Sources of Clinical Data and Other Information Considered in the Review

5.1 Review Strategy

5.2 BLA/IND Documents That Serve as the Basis for the Clinical Review

5.3 Table of Studies/Clinical Trials

5.4 Consultations

5.4.1 Advisory Committee Meeting (if applicable)

5.4.2 External Consults/Collaborations

5.5 Literature Reviewed (if applicable)

6. Discussion of Individual Studies/Clinical Trials

6.1 Trial #1

6.1.1 Objectives (Primary, Secondary, etc)

6.1.2 Design Overview

6.1.3 Population

6.1.4 Study Treatments or Agents Mandated by the Protocol

6.1.5 Directions for Use

6.1.6 Sites and Centers

6.1.7 Surveillance/Monitoring

6.1.8 Endpoints and Criteria for Study Success

6.1.9 Statistical Considerations & Statistical Analysis Plan

6.1.10 Study Population and Disposition

6.1.11 Efficacy Analyses

6.1.12 Safety Analyses

6.2 Trial #2

(as above with trial #1)

7. Integrated Overview of Efficacy

8. Integrated Overview of Safety

8.6 Safety Conclusions

9. Additional Clinical Issues

9.1 Special Populations

9.1.1 Human Reproduction and Pregnancy Data

9.1.2 Use During Lactation

9.1.3 Pediatric Use and PREA Considerations

9.1.4 Immunocompromised Patients

9.1.5 Geriatric Use

9.2 Aspect(s) of the Clinical Evaluation Not Previously Covered

10. Conclusions

11. Risk-Benefit Considerations and Recommendations

11.1 Risk Benefit Considerations

11.2 Risk Benefit Summary and Assessment

11.3 Discussion of Regulatory Options

11.4 Recommendations on Regulatory Actions

11.5 Labeling Review and Recommendations

11.6 Recommendations on Postmarketing Actions

12.  RECOMMENDATION

Thus many of these sections will be revised.  A major addition now will be the consideration and use of the drug in the post-marketing setting as this use is critical to understanding the drug’s profile, particularly regarding safety.  A new draft guidance will be developed on how to apply this methodology to whether a REMS is necessary to ensure that the benefits of a drug outweigh its risks.  This will then be used for FDA’s post-marketing review of the drug’s BR assessment when new information arrives.

FDA will need to consider the utility of new post-marketing data that comes from sources which are, as they put it, of “varying levels of rigor” and how well the previous BR assessment based on pre-marketing data compares with the post-marketing data.

This new methodology will be implemented beginning in 2014 when it will be used for NDAs on new molecular entities and original BLAs.  In 2016 efficacy supplements for new and expanded indications will be evaluated using this framework and in 2017 all original NDAs will then also use this methodology.

FDA will create various internal boards to track the changes and look at the outcomes and results of the assessments with the new methodology.  There will be a CDER and a separate CBER Advisory Group with members from multiple disciplines including New Drugs, Surveillance & Epidemiology, Medical Policy, Clinical Science, Planning & Informatics and others.  Evaluations will begin in 2015 and 2016 after several applications have been handled this way.

FDA will hold two public workshops with the first in 2014 covering the framework and methodology and the second at an unspecified date focusing on the results of the implemented frameworks.

Another interesting aspect is that FDA will hold four public meetings over five years to look at this framework for four disease areas which are in the process of being chosen.

FDA will obtain the patients’ perspectives on:

  • the current standard of care, what therapies are now being used including approved and off label use.
  • The effectiveness, tolerability and tolerability of the therapies
  • whether they change the course of the disease and are there subpopulations that respond differently.
  • What manifestations of the disease have the greatest impact on the patients particularly in terms of daily life activities.
  • What is the standard of care for the disease

Comments

This interesting document describes how FDA will look at benefit and risk.  It is a bit confusing (to me) but gives the broad strokes of where FDA is heading.  How it will integrate post-marketing data at the time of approval is unclear as this data does not yet exist.  It appears the likely uses in the post-marketing setting will influence whether a REMS is needed and, if so, what will be required.

This approach resembles, in many ways, the approach that is being undertaken by the EMA, Health Canada, the UK’s MHRA and others.  There is a broad approach of looking at the benefits and risks from all stakeholders’ points of view.  Clearly the NDA/MA submission presents the pharma company’s benefit profile (usually with a touch of marketing thrown in…), as well as the patients, the FDA and other interested parties including, in some cases, an Advisory Committee.  The big picture will be examined in terms of the disease and its clinical course, what other therapies there are and whether they can modify the disease, off label use (and presumably abuse) and other factors.  As with the EMA, the idea of folding in the post-marketing picture in addition to the clinical trials pre-marketing data will now be formally included.  The EMA makes the distinction between (pre-marketing) “efficacy” and (post-marketing) “effectiveness”.  The FDA does not use these words but the concepts are similar.  The EMA has also included these concepts in the new format Risk Management Plans (RMPs) and in the new format PSURs (PBRERs-Periodic Benefit Risk Evaluation Reports).

Thus the concept of continuous and continuing benefit risk analysis during the full life cycle of the drug is now the “new normal”.  There is likely to be much overlap between FDA and EMA processes though surely each will have its own peculiarities and twists.  The challenge for the industry is to marry the two such that the conclusions and mitigation procedures are in harmony.

Another tricky area will be to see how bureaucratic and detailed the requirements will be.  Whether the same depth of BR analysis is needed, for example,  for a “benign” anti-histamine and a toxic oncology drug remains to be seen.  How generics, biologics and biosimilars will be handled in this framework also is not yet defined well on either side of the Atlantic.

We are in the infancy of the benefit risk paradigm.  As large databases and electronic health records come on-line there will be enormous amounts of data available.  How one sifts through the data and how one separates the needle from the haystack remains to be seen.   Hopefully the agencies will actually measure the effectiveness of the new processes and keep what works and discard what doesn’t.  It’s a reasonable start but if we don’t have a reasonable finish the system won’t fly.

Posted in Bart's Corner - Your Pharmacovigilance Resource Center | Tagged , , , , | 1 Comment