Safety Data Exchange Agreements (SDEA) are legal written contracts ensuring that all safety data regarding a licensed product makes its way quickly and reliably back to the marketing authorization holder(MAH) so that they may fulfill their legal obligations to aggregate safety data and to submit safety reports in a timely manner. Companies must have safety exchange agreements in place in order to remain in full regulatory compliance.
It is the prime responsibility of the marketing authorization holder to have an SDEA in place to control and guarantee that no safety data falls through any “gaps”. It is imperative that all the data gets through and there is a system of acknowledgement of receipt and reconciliation of data sent and received. This applies to both clinical trial and post-marketing situations as well as any special programs such as patient support programs. Some companies want just MedWatch or CIOMS I forms for each case, others want the source documents also.
SDEAs are prepared between different stakeholders such as:
1. Marketing authorization holder and manufacturers
2. Marketing authorization holder and distributors
3. Marketing authorization holder and MAH licensing partner or cross licensing partner
4. Marketing authorization holder and batch release site
The agreement between marketing authorization holder and distributor and that with MAH licensing partner or cross licensing partner is the most critical as there are high chances of getting safety data at distributor, MAH licensing partner or cross licensing partner’s end. The key players in setting up SDEAs are the lawyers. All contracts are (or certainly should be) approved by the legal department.
Since this agreement is binding on all the partners, the legal department should review and approve the document. Usually, companies develop the SDEA template.
Key aspects which should be covered in SDEA are:
· Definition of terminologies and language of communication
· Format and mode of communication
· Products and territory for agreement
· Exchange of medical or product enquiries and quality complaints- timelines, format and responsibilities
· Exchange of cases- timelines, format and responsibilities
· Exchange of aggregate reports- timelines and responsibilities
· Exchange of validated signals- timelines, responsibilities, information on communication to regulatory authority
· Information on pharmacovigilance management system
· Reconciliation method and frequency
· Safety database
· Responsibility during regulatory inspections for PV
· Data privacy and confidentiality clause
· Business continuity plan
· Termination clause
· Revision details- when and how
· Contact details such as phone no, email ID for communication of safety related details
Depending on the requirement, the SDEA may have to include assigning responsibility for EU QPPV, PSUR writing, literature searching, submission of reports to regulatory authorities, answering regulatory authority questions, handling product complaints, signal detection, hosting the safety database and ongoing benefit-risk evaluation. If some or all pharmacovigilance activities are being outsourced, including Medical Information, Call Centers, Adverse Event Processing, the SDEA needs to be comprehensive, detailing which parties are responsible for which activities, even though the ultimate responsibility lies with the MAH. The types of data and activities governed by SDEAs differ from company to company and from product to product.
All of the SDEAs must be part of the MAH’s quality management system and the writing, approval and documentation of each SDEA and each type of SDEA must follow company SOPs and be auditable. This is a regulatory requirement and SDEAs are inspected during pharmacovigilance inspections and audits.
One of the major reasons for non-compliance in pharmacovigilance is the SDEA deficiencies. A routine tracking of data exchanged as per the SDEA is required. There should be a database maintained for SDEAs for all products listing partners, dates of the agreements, drugs covered, obligations and documents exchanged, and so on.
In addition, there must be tracking of those companies who violate the agreements by sending late reports or by not sending reports at all. How one can identify a company who is a remote location and is not sending serious adverse events, is another tricky issue altogether and involves working with the corporate quality and auditing groups.