Pharmaceutical companies and the FDA conduct postmarketing surveillance to detect problems with medicines after the FDA has approved them for distribution. These problems are similar to what can occur before a given drug is approved for sale; they include side effects, adverse interactions with other medicines, and manufacturing problems. Postmarketing surveillance, by its nature, benefits from large numbers of consumers, as opposed to the relatively limited numbers of people enrolled in premarketing studies, and can uncover issues that were statistically less likely to appear before a given medicine's commercial release. Postmarketing surveillance of drugs falls under the jurisdiction of the FDA. Although postmarketing surveillance is primarily intended to identify unexpected adverse effects of drugs, intentional contamination of drugs has occurred and adverse event reporting systems are a potential means by which such events may be detected.
For this reason, we review how pharmaceutical adverse-event reporting occurs in the United States, identify and examine related electronic systems, and consider whether additional systems are required to counter this threat.
Both pharmaceutical manufacturers and the FDA maintain adverse-event reporting, or safety, databases. The FDA's system—discussed below—contains reports that have been vetted by pharmaceutical makers but that are weeks old. Manufacturers' databases are populated with reports with actual latencies for serious or life-threatening incidents that may be as little as 48 hours, or as much as several days to weeks for minor or trivial drug reactions. In the latter cases, the patient may not have even bothered consulting a physician for care. Because monitoring for adverse events is more extensive in clinical trials involving investigational drugs, relevant information may be available earlier than 48 hours; public health authorities may use this to improve detection of events, such as drug tampering. Drug tampering can occur during such trials, but clinical trials do not represent the target of most tampering attempts.
Adverse event reports may vary in content, depending on the source of the report. A report from a physician will generally be the most complete, including a description of the event itself, the affected patient's relevant medical history, results of physical examination (if performed), and results of laboratory tests (if any). A call to an adverse drug reporting hotline by a consumer may yield a complaint that something is wrong, as well as some medical history, but will not include physical examination results or other data obtainable from a physician. A competent hotline interviewer should strive, in that case, to ensure that information relevant to most, if not all, categories of public health threats may be elicited.
FDA-Operated Adverse Event Reporting System. The FDA operates AERS, the Adverse Event Reporting System. This system resides on an Oracle database maintained by the agency. Adverse event reporting consists of a mix of voluntary and mandatory reporting. Reporting by manufacturers, healthcare providers, and patients may be accomplished in a number of ways: by telephone to a FDA hotline, by fax, or by submission of a form through the FDA's Web site. In June 1993, the FDA
established Medwatch, which is specifically designed to facilitate voluntary reporting by healthcare providers.
Manufacturers are required by law to report adverse events. When they do so, names and addresses of patients suffering an adverse event are not reported to the FDA in the initial report, but the reporting manufacturer must maintain raw information used to file the report for at least 10 years.
Mandatory reporting of adverse events is governed by sections of the Code of Federal Regulations (CFR), including Part 21 sections 310.305, 312.32, 314.80, and 600.80. These regulations cover use of prescription drugs and biological products, investigational new drug (IND) safety reporting, and postmarketing reporting of adverse experiences. The FDA requires a pharmaceutical maker or distributor to report unexpected adverse events brought to its attention within 15 days. Although the regulations state such reporting should be accomplished as soon as possible, the absolute deadline is 15 days. Expected adverse events, meaning events noted during prelicensing trials, must be reported quarterly; in cases of serious or life-threatening events, the FDA requests that companies file within 15 days, a guideline that is generally accepted and adhered to. At least one company has stated it files adverse events reports with the FDA, for investigational drugs, within 7 business days. The 15-day reporting requirement reduces the timeliness and thus the potential value of AERS as a contributor to early detection of public health threats. According to FDA staff, the agency has not investigated or documented the average lag time for reporting; one staffer remarked that pharmaceutical makers, although adhering faithfully to the regulations, frequently filed reports very close to the deadline, implying that the average lag between the time of awareness of an event by a company and its report to AERS may be close to the 15-day limit. Officials at three pharmaceutical manufacturers confirmed this; although interviews with them revealed the average may be 8 to 12 days.They explained that the reason lay in a need to confirm the veracity of collected information. Moreover, this lag does not include the time between a patient's initial call or presentation for examination and the mandatory reporter's (i.e., pharmaceutical maker) becoming aware of it. This lag may be minimal, in the case of serious or life-threatening events, or it may be several days or even weeks for less serious events.
Another limitation is the misattribution of a report of illness or ill effect to another cause. Unless a physician, pharmacist, or the patient identifies a malady as a drug-related adverse event, no one will report it to AERS. Medwatch has four goals, stated on FDA's Web site. The following bullets are quoted exactly (MedWatch, 2005):
• Make it easier for healthcare providers to report serious events.
• Make it clearer to healthcare providers what types of adverse events FDA is interested in receiving.
• More widely disseminate information on the FDA's actions that have resulted from adverse event and problem product reporting.
• Increase healthcare providers' understanding and awareness of drug—and device—induced disease.
Medwatch does not demand adherence to a standard here for timeliness of reporting and inclusion of data on the AERS system.
Because of recent concerns that healthcare providers and the public are not learning about serious safety-related issues in a timely way, the FDA announced in February 2005 that it had established a new Web site, Drug Watch, to alert the agency's various constituents to problems identified after drugs are approved for marketing (FDA, 2005a). The FDA developed this Web site to address side effects, drug to drug interactions, and other safety data pertaining to the drugs themselves, not to enhance the early detection of epidemics or bioterrorism. Nonetheless, the decision is significant because it represents a new information-sharing policy. Previously, FDA consulted with pharmaceutical makers before releasing new safety-related information. Now, "we're not going to discuss it [public release] with them.They're not going to review it,'' acting CDER Director Steven Galson told Knight-Ridder Newspapers (Young, 2005).
How FDA Learns of Adverse Events. The FDA's staff learns of adverse pharmaceutical-related events in a number of ways. The pharmaceutical industry reports drug experience data before approval via clinical trial reports (phases I to III) submitted as part of a new drug application. After receiving marketing approval from the FDA, pharmaceutical companies send the agency the results of phase IV trials and regular postmarketing reports. These manufacturers also report data through AERS; the FDA also receives information from market research and tracking firms who work for drug makers, such as IMS or National Data Corporation.
Healthcare providers supply data to the FDA through AERS, and FDA staff regularly review published, peer-reviewed medical literature. Foreign drug regulators exchange information with the FDA on a regular basis. Figure 10.2 illustrates the various data sources available to the FDA.
Not all of these data sources can address the need for early detection. The best source available to the FDA is AERS.
Pharmaceutical Maker Adverse Event Reporting. Pharmaceutical makers maintain their own safety-related databases of adverse events, reported by healthcare providers and consumers. These database systems generate adverse event reports, as appropriate, to the FDA. The databases may be purchased from vendors or may be adaptations of software developed in-house by the manufacturer to record untoward events during clinical trials of investigational drugs. Recent installations all use relational database technology. Trained personnel,
usually registered nurses, who are familiar with the drug manufacturer's reporting requirements and protocols, record reporting data.
The time lag between receipt of report by a company and its appearance in a safety-related database is typically at least 48 hours, because the unit receiving the report must pass it on to other units that evaluate and code it before entering it in the database. In the case of serious or life-threatening events, the pharmaceutical maker receives the information very quickly, but query results from the safety database will still be at least 48 hours old. They may be even older, depending on the workload of the reporting unit and the employees' ability to "turn around'' reports quickly. The following hypothetical example, based on actual events in the recent past, will illustrate how this process may be temporarily slowed: Company A's drug, intended to treat hypertension, is found to have caused a number of fatalities, and a highly publicized recall occurs. Company B markets a competing drug in the same class. Company B's consumer hotline is inundated with calls from people concerned that they are being adversely affected by Company B's drug. Each report, regardless of how improbable the actual connection to the drug may be, must be documented and followed up, resulting in an increased lag time from initial report to inclusion in Company B's database.
However, there is still some potential for safety databases' use in early warning. The company receives reports from its affiliates/programs, which in turn have stored reports only
24 hours old. In these cases, it may be possible for public health authorities to tap these databases. In addition, when drug manufacturers run clinical trials involving investigational drugs, tighter monitoring for adverse events occurs, which often enables the manufacturer's database to receive an adverse event report within 1 day. This makes the database useful for threats involving investigational drugs.
Pharmaceutical makers are very reluctant to allow outside parties, except the FDA under Part 21 of the CFR, to have access to company databases for fear of revealing proprietary information to competitors; inadvertently releasing information, out of context, which the public may misinterpret; and, of course, violating patients' right to privacy under HIPAA. Thus, the government would have to present a very compelling reason before any manufacturer or distributor would be willing to grant access to this kind of information. The manufacturers would also require the government to pay for any software or hardware development performed. Information from the safety database may be useful when coupled to the use of prescription tracking systems. One provides early, inferential warning; the other, more direct confirmation. Their complementary use may enhance detection of public health threats.
5.6.4. Prescription Pharmaceutical Sales/Marketing Systems
Pharmaceutical companies routinely outsource the tracking of the sales of their prescription medicines to firms that specialize in healthcare- or pharmacy-related marketing and sales analysis. These firms, such as IMS Health and National Data Corp., provide extensive sales tracking, market analysis, and customized reports to their clients. Each pharmaceutical maker is shown specific sales results in its markets, data that are not shown to competitors. These market surveillance firms will also provide data to researchers, but not at the same levels of granularity as afforded their primary clients, to ensure compliance with confidentiality agreements.
Pharmaceutical makers are provided with a range of customized reports. They detail many things, including where each drug was prescribed and sold, a comparison of one time period's sales with another, and a comparison of one sales region with another. The primary purpose of these services is to facilitate analysis of market performance for each product and to aid the pharmaceutical maker in making needed adjustments to its manufacturing, shipping, and marketing efforts. These data do not include diagnostic information or other data elements found in medical records. Their value is likely to be inferential, in that an unusual or unexpected increase in dispensing or shipments of a given drug may raise suspicion of an imminent public health threat. The data collected by the market surveillance firms arrives both electronically and on paper, with collection frequency usually ranging from weekly to monthly. Thus, raw data regarding a sales event are received at least 1 week after the drug has been sold; the resulting report package is sent to the client (pharmaceutical maker) with a lag of as much as 4 to 6 weeks. The lag is primarily related to cost, not technological obstacles.
Market surveillance firms are likely to be leery of offering public health authorities access to detailed, vendor-specific data. They decline to provide such details to researchers. But, even if a public health agency were to address such reservations and pay for software modifications with "early warning'' functions, the results gained would probably be marginal. The time lag in both data collection and reporting significantly reduces the potential of pharmaceutical sales tracking systems to aid in the early detection of public health threats. They were not designed for this purpose.
5.7. New Technology and Future Developments 5.7.1. Marketing Practices
The FDA states that by the end of 2007, the adoption of reliable technology-based solutions for the electronic tracking, tracing, and authenticating of pharmaceuticals is expected to accomplish the goals of the Prescription Drug Marketing Act (PDMA), which was signed into law in 1988 and was modified by the Prescription Drug Amendments of 1992 (P. L. 102-353, 106 Stat. 941) on August 26, 1992 (Federal Register, 2003).
Most PDMA provisions became effective in 1988 to address some drug marketing practices that have contributed to the diversion of large quantities of drugs into a secondary market. These marketing practices include the distribution of free samples, the use of coupons redeemable for drugs at no cost or low cost, and the sale of deeply discounted drugs to hospitals and healthcare chains. These marketing practices provide a venue through which mislabeled, subpotent, adulterated, expired, and counterfeit drugs are able to enter the nation's drug distribution system. The most simple and straightforward of the acts prohibited by the PDMA is knowingly selling, purchasing, or trading, or offering to sell, purchase, or trade a prescription drug sample (U.S. House of Representatives, n.d.). Another key provision of the PDMA requires that drug wholesalers, before distributing any prescription drug, provide the purchaser with a statement of origin identifying all prior sales of the drug, including the dates of the transactions and all parties thereto (U.S. House of Representatives, n.d.). This provision, which does not apply to the drug's manufacturer and its authorized distributors, is intended to ensure that all prescription drugs in commercial channels are accompanied by a paper trail and can be traced, if need be, in the event of a recall or for any other reason. Violation of this requirement is a misdemeanor (U.S. House of Representatives, n.d.). However, if the offense is committed with the intent to defraud or mislead (including the intent to defraud or mislead the FDA) the offense is a felony.
Just as food distributors mull over new technologies, and their benefits and costs, so do drug distributors. Drug distributors are looking at RFID for purposes similar to those of food distributors.
The electronic product code (EPC) is a unique number that identifies a specific item in the supply chain. EPC is a product numbering standard developed by the Uniform Code Council (UCC) that can be used to identify a variety of items using RFID technology. EPC tags were designed to identify each item manufactured, as opposed to only the manufacturer and class of products, as bar codes do today. Similar to a bar code, the EPC is divided into numbers that identify the manufacturer, product, version, and serial number. But the EPC uses an extra set of digits to identify unique items. The EPC is stored on an RFID tag. Once the EPC is retrieved from the tag, it can be associated with specific data, such as where an item originated, or the date of its production.
The goal is to track every item anywhere in the supply chain securely and in real time. RFID can dramatically reduce human error. Instead of typing information into a database or scanning the wrong bar code, goods will communicate directly with inventory systems. Readers installed in factories, distribution centers, and storerooms and on store shelves will automatically record the movement of goods from the production line to the consumer. There is no guarantee that the EPC system will catch on. But Wal-Mart, P&G, Coca-Cola, and others are implementing EPC systems. By using authenticated RFID to certify the tag and ensure chain-of-custody event information is available for supply chain software, pharmacies can confidently receive and distribute drugs that have moved through a safe and secure supply chain.
The data generated by RFID systems are likely to be very accessible, from a technical standpoint. However, the systems holding these data will be sensitive and highly guarded, and biosurveillance system access to them will require administrative, legal, and political agreements.
In November 2004, the FDA announced a new initiative to encourage use of RFID technology to protect drug supplies, and issued guidance for pilot studies using RFID (FDA, 2004c). Purdue Pharma announced it was placing RFID tags on bottles of Oxy-Contin, a powerful narcotic; in 2005, Pfizer pledged to introduce RFID for the shipment of Viagra, and Glaxo-SmithKline also announced its intention to introduce RFID tags for shipments of drugs judged likely to be counterfeited (FDA, 2005b).
As in food distribution, cost is a factor in RFID adoption. Manufacturers are focusing current efforts on specific drugs, not an across-the-board implementation. However, the largest pharmaceutical manufacturers have deeper pockets than do their counterparts in the food industry; hence, we can expect progress to be faster.
Was this article helpful?