Pharmacovigilance: A Company-Wide Challenge


Applied Clinical Trials

Applied Clinical TrialsApplied Clinical Trials-02-01-2008
Volume 0
Issue 0

Truly integrated risk management requires breaking down silos and strong business leadership from the top.

Clinical research and pharmacovigilance (PV)1 have come a long way. Many things have changed since 120 BC, when Mithridates VI "trialed" his concoctions on convicted criminals.2 But it was more than 2000 years later that the thalidomide disaster finally alerted the world that the safety of medicines is not a given. It was indeed thalidomide that triggered a wave of governmental and regulatory activities in the 1960s, which defined the principles of modern clinical research and pharmacovigilance.

In principle, even in light of the ever-increasing regulatory activity in the field of drug safety and risk management, three key issues dominate the current discussion on drug safety:

  • Risk Management—now including risk management plans

  • Safety surveillance and signal detection

  • The establishment and continuous monitoring of the benefit–risk relationship.

A truly integrated approach to pharmacovigilance and risk management—that delivers not only results but controls the overall risk management perception—does not widely exist. This is particularly challenging for small and mid-size startup R&D companies, for which the absence of such solutions can easily stall the success of development pipelines and business models.

Failure to deliver

Safety and risk management systems aligned with company strategy that are integrated into business processes and based on a broadly managed and visible safety culture3 are not currently widespread.

One of the reasons for this can be seen by looking at the recent history of R&D. Clinical research has always centered on human pharmacology, therapeutic exploration, and therapeutic confirmation, as demonstrated by the traditional Phase I to III clinical development. Particularly, Phase III aims to prove efficacy and safety and produce safety data on hundreds or thousands of subjects. But there was a functional difference: Serious adverse event collection and regulatory reporting—a long standing part of clinical research—was performed by drug safety or pharmacovigilance departments, whereas the collection of nonserious adverse events was the responsibility of clinical development teams. The safety database and clinical database were held by different groups.

The Language of Safety

This technical fact alone underlines the traditional divide that can still be observed in most companies. On one side is the clinical development group, which is on the forefront of medical development and frequently involves internationally accepted experts, with high visibility within the company. In the eyes of business management, the clinical research department was ultimately responsible for finding the blockbusters of tomorrow. On the other side is the safety department—compliance driven and mainly the keeper of timelines and completeness metrics (considered a cost center rather than a value adding activity). Two departments working on the same product, each with very distinct objectives and deliverables. The exchange of technical drug safety competence and information, residing in the drug safety group, was frequently not available to clinical teams, and vice versa. Worse, it was not deemed necessary.

Ownership for the overall development (i.e., efficacy and safety) remain ed with the clinical team. Biased toward therapeutic use, the acceptance of risk was secondary, risk acknowledgement difficult, and risk communication nearly impossible. In fact, until recently, talking about product risk, at least in public, was unthinkable. Even in internal discussions, risk analysis and risk management either did not take place or were only subject to discussions behind closed doors.

Product safety and risk management

From the perspective of R&D companies, a number of stakeholders exist that will eventually determine the success of any development portfolio. Broadly, these stakeholders can be categorized into internal and external stakeholders [for an extensive table online, visit].

Internal stakeholders include all parts of the research companies that are affected by the success or nonsuccess of the R&D activities. They are not limited to the clinical department, and also include drug safety, regulatory, medical, finance, legal, human resources, and even sales and marketing—and of course, the owner of the company, which today normally means investors and the global financial community. External stakeholders include patients and health care providers, regulatory and government agencies, professional organizations, and policy makers, as well as the media, legal firms, pharmacies, and other drug retailers.


Internal and external stakeholders all have one thing in common: They have interest in the investigational product, albeit for differing reasons. Whereas patients are looking for a cure for their diseases, health authorities may be looking to fulfill their public role to minimize public health risks. Legal firms may be looking out for new opportunities to increase revenue, and the media is after new headlines. Within the R&D company, it's a similar picture. The drug safety department may have different objectives and deliverables than the clinical department, and the marketing or medical group may follow business objectives that are different from other groups'.

There is a wide variety of how different functions communicate within companies of different sizes and geography. Top 10 companies appear to be more aware of the advantages of integration, although true implementation and alignment is not frequently found. This internal misalignment is matched by a perceived or actual conflict of interest between the pharmaceutical industry, regulatory bodies, patient groups, and health professionals, and has developed into a major problem for pharmacovigilance4 and return on investment. And this situation is at least partially to blame for why we face more stringent regulations: Governments and the public don't trust pharmaceutical and biotechnological companies to get risk management right. Internal disconnect and competition leads to external loss of credibility. And risk perception becomes more important than the actual risk.

Failure, withdrawals, and new regulations

Many international pharmaceutical companies suffered at least one product recall in recent years. The last decade also saw a significant number of high-profile brands publicly struggling with safety concerns, alerting lawmakers in the United States to ask for stricter laws and regulations.5 Many smaller and startup biopharmaceutical companies are getting increasingly concerned about how to reduce the risk of their portfolios and where to find the support and expertise to develop an appropriate safety and risk management strategy.

All these public safety events fuel civic discussions, alert politicians and public health officials, and motivate law firms to file for class actions. More importantly, they confirm the old public perception that biopharmaceutical companies want to hide information on the risks of their products.

Clearly, many existing clinical development and drug safety systems were not designed proactively, wisely or to manage risks as required by the comprehensive list of regulations for drug safety and risk management. These new regulations mean that the compliance paradigm does not control the situation—and more needs to be done. Compliance per se is a necessary prerequisite, but it is not suitable to demonstrate the safety of products and manage risks appropriately. Only a safety and risk management system can do this.

Increased legislation and public skepticism suddenly threaten the return on investment for researching companies. Shares may drop significantly because of safety concerns, and the perception or suspicion of risk could lead to a less favorable financial risk assessment. In financial management, the higher the risk, the less money companies have to invest and the less money for R&D. To escape this vicious cycle, R&D companies are faced with the following challenges:

  • Risk limitation through the introduction of an integrated, company wide safety and risk management strategy and infrastructure

  • Elimination of the traditional silo culture between R&D, safety, and other stakeholders

  • Integration of clinical development operations into the pharmacovigilance value chain

  • Establishment of risk management and pharmacovigilance as value-adding processes within clinical development

  • Improve time to market through a systems approach, aligning people, process, technology, and governance structure

  • Integration of risk communication and public risk perception as part of risk management

  • Strategy with the end in mind

  • Management of change = change management (role of professional managers).

An inclusive safety vision

The industry is waking up to the fact that successful risk management and pharmacovigilance is a system output rather than the deliverable of a department or group. As a direct or indirect consequence of the changes in the regulatory environment, there is an increasing number of guidance coming from experts and regulatory agencies alike to describe their vision of future pharmacovigilance and R&D systems.


There is little doubt about the fact that the purpose of pharmacovigilance is to promote the safe clinical use of medicines, prevent adverse drug reactions, and, thus, protect public health.6 Any model will—on a technical level—need to include best evidence and robust scientific decision making, supported by effective tools, to deliver protection to public health, scientific development, and audits.6 The implications of this rather technical aspect support the call for integrated systems.

The fact that recent risk management regulations require companies to shift risk management activities to earlier phases of clinical development does not automatically mean that risk is actually being managed in the best possible fashion. In integrated systems, integration of risk management and the change of paradigms toward proactive risk and safety management are necessary. This is opening the discussion to a wider field of stakeholders, such as the public and regulators.

On the company level, and more in line with the development of a safety vision, are calls for a company-wide policy of precaution7 and acceptance of the "precautionary principle" for risk management to avoid arbitrary and unpredictable decision making.8 Implicit in such a system is the requirement to promote risk communication and the appropriate transparency of the entire lifecycle of a product.

In recognizing that lifecycle drug safety and risk management are rapidly moving beyond the core competencies of R&D and drug safety departments, it becomes evident that frequent marketing and other means of communication influence the overall risk–benefit balance, or at least its perception, of a product. Henceforth, marketing and marketing strategy become integral parts of risk management.9

Also, the question needs to be asked how to acquire and compile safety information and where to get this information from. One possible approach could be the concept of Safety Evaluation Plans as a medium to assemble and communicate information on safety concerns from a wide range of sources during clinical development.10 Such plans include a structured approach to the definition of a potential safety concern, its evaluation (including risk assessment), and potential implications.

Although all of these approaches add important value to the design of R&D programs, they miss one important point: how companies of different sizes and geographies can deliver integrated lifecycle risk management as an outcome of all their internal systems, rather than of one or two departments.

Integrated system development

As with an orchestra, it is important to identify the conductor, or governance structure. Very clearly, the skills required for the development of an integrated pharmacovigilance and risk management system go well beyond the traditional remit of R&D and pharmacovigilance departments: they are C-suite responsibilities. The person responsible for pharmacovigilance and risk management should sit in the boardroom.

Once leadership is established, the question of how a safety and risk management culture can be created and maintained and how to manage this change needs to be addressed. The required skill sets are clearly no longer limited to medical and scientific skills. Higher level management skills are required to visibly lead such an effort.11 Finding the right set of expertise and competencies is critical in making the transformation a success. For smaller companies, the task is much more complicated than just appointing a pharmacovigilance manager.

Systems development requires the integration of people, processes, and technology under strategy governance in order to be aligned with business strategy. The strategic aspect of developing a pharmacovigilance system means that such a venture needs to be future oriented from the very beginning. Truly proactive planning of an entire lifecycle pharmacovigilance system requires those involved to answer one important question: What needs to be done to get my product to the market on time and in five or eight years? The here and now is less important than the tomorrow, particularly since it will be likely that future competition will not only take place on the basis of efficacy, but also on safety and risk.

The value chain

A fully integrated approach to drug safety and risk management as corporate commitment leads to competitive advantages through the creation of core competencies. This model is based on the definition of a pharmacovigilance value chain, which sees a company-wide safety culture developing on the back of a vision and includes all stakeholders (see Figure 1).

Figure 1. In this model, which integrates all internal stakeholders, risk management strategy is an integral part of pharmacovigilance. To create such a value chain, companies must be willing to make changes.

This model accounts for the fact that most companies will not be in the position to build an integrated pharmacovigilance and risk management system from scratch. It allows companies to perform a thorough analysis of already existing systems and core competencies. This analysis, which integrates all internal stakeholders of pharmacovigilance, is an important tool to develop an appropriate strategy. Integrated into the value chain model is risk management strategy as an integral part of lifecycle pharmacovigilance. To support safety and risk communication, it is important to harmonize language (see sidebar).

The value chain model allows all necessary steps of building a system to be aligned with the actual stages of development programs. The design and strategy component shifts to very early phases of clinical development—ideally, before Phase I. This will create the foundation of successful safety and risk management operations. The more products progress, the more resources can be diverted to systems improvement and active stakeholder management (see Table 1).

Table 1. Breaking down the systems and technical components of the three phases of pharmacovigilance.

Creating a pharmacovigilance value chain is a serious change that requires not only proper management of the change process itself, but also the willingness to change management. In today's globalized and rapidly growing biopharmaceutical R&D environment, there is no out-of-the-box solution that fits all. Too big are differences in vision, strategy, business model, level of in-house expertise, and global regulatory and pharmacovigilance awareness. It is evident that most companies will require help when designing and running such an integrated system.

Proactive risk management

Proactive and systems-integrated drug safety and risk management is a very new concept. One of the factors holding back the development of such an integrated approach is the inability to determine if the investments in such a model will hold any benefits and generate returns on investment.

One of the great examples of successful integrated risk management and identifying integrated risk management as business opportunity is the STEPS program (System for Thalidomide Education and Prescribing Safety), which not only helped Celgene (Summit, NJ) bring thalidomide back to the market, but also could hold commercial opportunities for a number of other withdrawn medicines, such as lenlidomide (Revlimid) and alosetron (Lotronoex).

Although it may still be difficult to design a direct investment return analysis for pharmacovigilance and risk management systems, the financial advantages of such an approach are clear, and the costs of not getting involved in an integrated pharmacovigilance and risk management system are significant. By following the systems approach, companies have the opportunity to make risk communication and systems integration part of their core competencies. And this will create competitive advantages. More importantly, it will generate returns on investment and help to transform drug safety and risk management expenditure from a cost center to a true value adding activity, visible on the balance sheet.


Formal risk management plans (RMPs) are now required in key regulatory areas. However, effective safety risk management ideally begins long before RMPs. For a pharmacovigilance system to work, biopharmaceutical companies must not only integrate risk management systems and break up silos, they must also change their historical culture of perceiving risk as failure. Effective risk communication and managing the perception of product risk is rapidly becoming an important consideration in risk management strategy. Hence, the changes modern safety and risk management systems impose on companies are more significant than many think. They include a highly visible safety culture in order to recover long lost trust with the public, health care professionals, and health authorities. Only then can clinical research achieve its goal to maximize the benefit of products for patients.

Safety culture and risk communication requires companies to integrate safety risk management within the context of their overall business strategies. This requires applying not only medical, scientific, and regulatory expertise, but also first-class business management expertise to drive high-quality and efficient processes, establish governance, and measure results. With all this in place, integrated safety and risk management will become a competitive advantage.


1. The terms Pharmacovigilance and Drug Safety are used interchangeably for the purpose of this article and in alignment with CIOMS VI, covering all drug safety and risk management related aspects during the entire lifecycle of a medicinal product (prephase I through postapproval).

2. J.P. Griffin and R.R. Shah, "History of Drug Regulations in the United Kingdom," in The Textbook of Pharmaceutical Medicine, 4th Edition (Blackwell Publishing, Malden, MA, 2006) pp. 457–488.

3. G. Saarony and U. Maennl, "Building a Culture of Safety," Good Clinical Practice Journal (accepted for publication).

4. K. Beard and P. Waller, "Challenges in Ensuring Drug Safety," Behind the Medical Headlines,, The Royal College of Physicians of Edinburgh, 2006.

5. The Economic Times, 6 July 2007.

6. P.C. Waller and S.J.W. Evans, "A Model for the Future Conduct of Pharmacovigilance," Pharmacoepidemiology and Drug Safety, 12, 17–29 (2003).

7. C. Hartford, "An Industry Perspective on Clinical Drug Safety Risk Management: From Concept to Practice," Canadian Journal of Clinical Pharmacology, 13 (1) e22–e28 (2006).

8. T. Callreus, "The Precautionary Principle in Pharmaceutical Risk Management," Drug Safety, 28 (6) 465–471 (2005).

9. B. Edwards, "Managing the Interface with Marketing to Improve Delivery of Pharmacovigilance Within the Pharmaceutical Industry," Drug Safety, 27(8) 609–617 (2004).

10. J.F. Haas, "A Problem-Oriented Approach to Safety Issues in Drug Development and Beyond," Drug Safety, 27(8) 555–567 (2004).

11. U. Maennl, Challenges in Human Resource Management in Pharmacovigilance Systems, a Presentation at the SMI Conference, Reporting Adverse Events, London, UK, 2006.

12. K. Rawson, "Building a Business in Drug Safety," In Vivo: The Business and Medicine Report, 24 (1) 68–74 (2006).

Uwe Maennl, MD, PhD, MBA, is vice president, global head Parexel PharmacoVigilance (PPV), Parexel International, The Quays, 101-105 Oxford Road, Uxbridge, Middlesex, UB8 1LZ, United Kingdom, email:

Related Content
© 2024 MJH Life Sciences

All rights reserved.