IT: a compliance lifeline

Lars Davies, Chairman of the Life Sciences Compliance Forum, looks at how technology can help pharmaceutical companies cope with the industrys growing regulatory burden.

Audit trails, authenticated emails, and data retention policiesthese are the lifelines that pharmaceutical companies will need to cling to if their processes are ever called into account by the regulators.

Although a hefty fine is the most obvious risk of non-compliance, life sciences firms could also be putting new products, their brand and customer loyalty on the line by failing to meet legislative demands.

Meeting the rigours of compliance, however, poses a massive challenge for IT departments, who must not only consider UK legislation but also regulations emanating from government and industry bodies in the US and Europe.

UK leads the way
Although the life sciences sector still faces a considerable compliance challenge, IT departments in the UK are well ahead of their US counterparts in terms of technology investment.

New research from the Life Sciences Compliance Forum (LSCF) reveals that nearly three-quarters of UK pharmaceutical firms are already deploying IT solutions to help them comply with regulations governing pharmaceutical research, manufacture and distribution.

Meanwhile in the US, a study by Gartner shows that life science firms do not appear to have much confidence in IT to help them manage compliance, with less than half currently having solutions in place.1
Ellie Pendreich from Informatica, one of the founding member companies of the forum, comments: Technology has a crucial role to playnot only in achieving compliance, but also in aiding ongoing efficiency in the supply chain. Early adopters that have already invested in IT solutions for compliance purposes are seeing additional operational benefits, such as improved confidence in information integrity and enhanced access to data, which will help increase overall productivity.

Unlocking the potential of IT
Harnessing the power of IT to aid compliance, however, involves the introduction of not only new systems but also processes, as well as the adoption of a new mindset towards corporate data.

As IBMs Ray Morris, a member of the forum, explains: Enabling data and corporate transparency is at the heart of many of the new regulations, which means all companies will be forced to make business and customer information more accessible. Enabling such access, however, relies on a number of complex data management processes being in place.

Before data can be made widely available, life sciences companies need to identify the information that they hold, then categorise, sort and store this materiala process that will involve multiple systems and sources, such as emails, VOIP telephone conversations and ERP solutions.

Metadata tagging is valuable tool for dealing with such a disparitynot only does it describe a file and its contents, it can also be used to track the files creation and any subsequent changes. The ability to track and prove decisions made about a products manufacture or distribution will be vital for complying with the audit trail demands of both Sarbanes Oxley and the Food and Drug Administration.

Achieving integrated compliance
Identifying such common elements in current and future regulations will help life sciences firms implement a holistic approach to compliance, which can reduce both the associated costs and complexity.

Despite the potential benefits of a holistic strategy, the LSCF research reveals that few UK companies have yet to adopt this approach, with many organisations seeing outsourcing as a solution to the compliance problem.

However, Richard Hawtin, an outsourcing specialist with lawyers Baker & McKenzie, warned: Compliance obligations can never be off-loaded to a sub-contractor or outsourcer. What is critical for life science firms is to ensure that contracts document clearly what the supplier's responsibilities are in terms of enabling the firm to be compliantand that the liability if those obligations are breached is clear. The nirvana is ensuring that third party suppliers, such as clinical trial specialists and research partners, can adhere to new rules before they hit the statute booksbut who bears the costs when those rules change is a whole different ball game.

Although the barriers to compliance appear manifold, life sciences firms have no choice but to conform. Tackled successfully, however, compliance need not be just an encumbranceit can also become the springboard for improved operational efficiency.


Lars Davies is Chairman of the Life Sciences Compliance Forum. The Life Sciences Compliance Forum was founded in 2004 to help the industry cope with its regulatory challenges and establish best practice IT solutions for aiding compliance



1 Learning from Compliance Efforts at Life Science Firms, Gartner Research, December 2004.

Compliance checklist

Audit which documents need to be stored for legal or commercial reasons, and identify any duplicate or irrelevant material

Assess how your company would respond to a request for information under the FDA or Data Protection Act regulations. Could you access all the necessary data within the time period required?

Evaluate whether your IT systems have the evidential weight to prove the authenticity and integrity of retained emails

Monitor suppliers compliance measures to ensure they adhere to new legislation

Create a holistic compliance strategy to avoid duplication of effort and maximise the potential of existing IT systems

At a glance: timeline for key legislation

Future Medicines Legislation, October/November 2005

WEEE Directive, June 2006

Restriction of Hazardous Substances Directive July 2006

Sarbanes-Oxley, July 2006 onwards

FDAs 21 Code of Federal Regulations (CFR), Part 11, 2007

Comments (0)

Add a Comment

This thread has been closed from taking new comments.

Editorial: +44 (0)1892 536363
Publisher: +44 (0)208 440 0372
Subscribe FREE to the weekly E-newsletter