Pharmaceutical Regulation in the United States: A Confluence of Influences

Background

Pharmaceuticals, like other consumer products distributed in the United States, are subject to regulation and scrutiny from multiple sources. Legislative oversight and statutory pronouncement, regulatory mandate and oversight, judicial review, and non-governmental organization (NGO) and media oversight directly and/or indirectly impact the conduct of pharmaceutical manufacturers. In addition, stakeholders including pharmaceutical company shareholders, employees of pharmaceutical companies, and those entities that ultimately bear the costs of paying for drugs – known as third-party payors –also influence the conduct of drug manufacturers.

For example, the securities markets that price stock rely, in part, on representations that drug companies make about the integrity of their products. Public misrepresentations to regulatory bodies and/or consumers also play out indirectly as misrepresentations to shareholders resulting in additional liability for companies and those individuals who run them. Accordingly, shareholders – the owners of the pharmaceutical companies – have an interest in ensuring not only the integrity of products sold to consumers, but the integrity of public statements about their products.

Through their retirement plans, Pharmaceutical Regulation in the United States: A Confluence of Influences1 pharmaceutical company employees invest in their employer and, to some degree, stand in the same shoes as shareholders except that they have rights of redress under United States Pension laws. Product recalls result in diminished stock value and lost savings for employees who invest in their companies.

Third-party payors, including labor union health and welfare funds, State Medicaid and employee health and welfare funds, and the federal Medicare system, have also had an immense impact with regard to the conduct of the pharmaceutical industry.

To say that any one of these influences is the real source of regulation would paint an incomplete picture. It is the totality of these influences, and their interplay with each other, that either impact or have the potential to impact manufacturer conduct.

Read the full article . . .

Corporate Integrity Agreements: Asking the Companies to Police Themselves, Please

I. Introduction

The use of a corporate integrity agreements (“CIA”) in resolving the prosecution of pharmaceutical and medical companies is commonplace. As part of a deferred prosecution agreement, the U.S. Department of Justice, or the U.S. Department of Health and Human Services, Office of Inspector General, will ask the defendant corporation to enter into a CIA to police its behavior and, in part, ensure compliance with the terms of the settlement.

II. Background on Corporate Integrity Agreements

Since the mid-1990s, CIAs have accompanied the federal government’s enforcement efforts in the field of health care regulations, and to recover funds lost to fraud and abuse. The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) significantly enhanced the resources and capabilities of federal agencies involved in these efforts, including the OIG.

For example, the website of the HHS states: “The Office of Inspector General (OIG) often negotiates compliance obligations with health care providers and other entities as part of the settlement of Federal health care program investigations arising under a variety of civil false claims statutes. A provider or entity consents to these obligations as part of the civil settlement and in exchange for the OIG’s agreement not to seek an exclusion of that health care provider or entity from participation in Medicare, Medicaid and other Federal health care programs.” (FN 2)

In the years that followed the mid-1990s, OIG has entered into more than one thousand CIAs and similar agreements, including many with pharmaceutical and drug companies. (FN 3) CIAs were originally structured around the core elements of the Federal Sentencing Guidelines of 1995. After an early period of taking a rigid approach to the agreements, OIG began recognizing over time that there was a need for greater awareness about compliance and sanctions, as well to encourage self-regulation through the adoption of ongoing compliance programs. OIG also sought to create an atmosphere conducive to self-disclosure by offering concessions to those who came forward.

In 1997, OIG announced that in determining the level of sanctions, penalties and exclusions, it would take into account any reasonable efforts made by a company’s management to avoid and detect any misbehavior within their operations. In 1998, it published a detailed self-disclosure protocol. By 2000, seven segment-specific compliance program guidance documents were issued, providing suggestions on how providers could design internal controls to monitor adherence to applicable statutes, regulations and program requirements. OIG also began issuing fraud alerts, advisory opinions, advisory bulletins and work plans to make its concerns and expectations more transparent.

III. Structural Limits of the Corporate Integrity Agreements

A. Purposes of the CIA

The CIA details the duties of various compliance positions within the corporation; requires the adoption of certain written standards, including a code of conduct, and policies and procedures related to compliance topics; and implements a minimum number of hours of employee training in compliance. (FN 4) The company’s compliance officer might be assigned to uphold the CIA, or sales representatives are sometimes tasked with reporting violations.

However, too often the CIA assumes the corporation’s internal compliance officer, or sales representatives, who are assigned a role in the CIA, will prove as objective as a third-party might, or as effective as the law requires. The fines for violation of the CIA may pale in comparison to the business pressures to engage in a banned practice, and may not deter the corporation in the future from a repeat of the wrongdoing that initiated the CIA.

B. Pfizer CIA for Illegal Promotion of Drugs

A review of the Pfizer deferred prosecution is illustrative. On September 9, 2009, the U.S. Department of Justice announced that Pfizer, Inc., and a subsidiary, agreed to pay $2.3 billion to settle the largest health care fraud case in the history of the Department of Justice, to resolve criminal and civil liability arising from the illegal promotion of certain pharmaceutical drugs.

According to the press release, a Pfizer subsidiary pled guilty to a felony for its promotion of Bextra, and settled civil charges, as follows: “In addition, Pfizer has agreed to pay $1 billion to resolve allegations under the civil False Claims Act that the company illegally promoted four drugs – Bextra; Geodon, an anti-psychotic drug; Zyvox, an antibiotic; and Lyrica, an anti-epileptic drug – and caused false claims to be submitted to government health care programs for uses that were not medically accepted indications and therefore not covered by those programs. The civil settlement also resolves allegations that Pfizer paid kickbacks to health care providers to induce them to prescribe these, as well as other, drugs.” (FN 5)

The settlement implemented a CIA, and monitoring program to be run by the company’s internal compliance officer. The press release states: “As part of the settlement, Pfizer also has agreed to enter into an expansive corporate integrity agreement with the Office of Inspector General of the Department of Health and Human Services. That agreement provides for procedures and reviews to be put in place to avoid and promptly detect conduct similar to that which gave rise to this matter.” (FN 6)

Nowhere in Pfizer’s CIA, or any document accompanying the CIA, is disclosure made of the breadth and depth of the allegations surrounding Pfizer’s alleged marketing violations, notwithstanding that 11 drugs were encompassed by whistleblower complaints, including Geodon, which was allegedly marketed to children. Likewise, there was no complete disclosure to the medical community about what misrepresentations were made concerning the safety and efficacy of these drugs.

C. CIAs Rely on Internal Monitoring by the Company

An analysis of several CIAs reveals four obvious problems in their structure and allocation of responsibility. First, the agreements give credit for the company having a voluntary compliance program, designed to ensure compliance with the law. Second, the company appoints its own compliance officer and review committee. Third, as discussed, the agreements leave the corporate integrity obligations to the defendant company’s compliance officer, who reports to an internal compliance committee. Finally, the penalties set forth in the CIA are modest, typically $2,500 per day for a violation, but some violations are as low as $1,000.

As shown in Table 1, below, the company compliance officer is placed in charge of CIA compliance, among other examples of internal monitoring, in each of the nine CIAs analyzed, dating from 2003 to 2010, specifically: (1) SmithKline, (2) Medtronic, (3) Aventis, (4) Merck & Co., (5) Eli Lilly, (6) Pfizer, (7) Biovail, (8) Boston Scientific, and (9) AstraZeneca.

IV. Conclusion

A review of CIAs indicate that they do not address the actual evidence uncovered during lengthy investigations of fraud. The following points are noteworthy:

  1. the CIAs do not address bonus plans which compensate sales representatives for off-label promotion;
  2. the CIAs do not categorically proscribe the role of marketing personnel in the selection of outside speakers;
  3. the CIAs do not require companies to disclose, for the period of alleged wrongdoing, alleged kickbacks paid to doctors or speakers at promotional conferences;
  4. the CIAs do not provide for an independent monitor to investigate the claims of whisteblowers;
  5. in some cases, CIAs actually allow for marketing personnel to play a role in compliance monitoring;
  6. the CIAs, in some cases, make ensuring compliance with the underlying settlement agreement the responsibility of the company’s internal compliance officer; and
  7. finally, the CIAs do not require release of information maintained at the FDA which would provide the medical community with the transparency of information needed to protect patient safety.

Table 1. Corporate Integrity Agreements with Selected Pharma / Medical Companies, 2003-2010: Compliance Responsibility Assigned to Company
Sorted by date…

# Date Company Requirements
1 2003 SmithKline 1. Gives credit for simply complying with the law. “Prior to the Effective Date, SKB voluntarily established a comprehensive Compliance Program.” CIA, Sect. I, at 1.2. SKB appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 5.3. Leaves corporate integrity obligations to SKB compliance officer. “The compliance officer is, and shall continue to be, responsible for overseeing the development of and coordinating the implementation of policies, procedures, practices designed to ensure compliance with the requirements set forth in this CIA and with federal health care program requirements for US pharma.” CIA, at 3.4. Penalty for non-compliance $2,500 per day. CIA, at 23.
2 7/4/06 Medtronic, Inc. 1. Gives credit for simply complying with the law. “Medtronic represented to the OIG that, prior to the effective date of this CIA, Medtronic established a voluntary compliance program.” CIA, Sect. I, at 1.2. Medtronic appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 3-6.3. Leaves corporate integrity obligations to Medtronic compliance officer. “To the extent not already accomplished, within 120 days after the Effective Date, the Medtronic Compliance Officer shall be responsible for developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA.” CIA, Sect. III(A)(1)(a), at 4.4. Penalty for non-compliance $2,500 per day. CIA, Sect. X(A)(1)-(5); $1,000 – $5,000 per day penalties for other violations. CIA, Sect. X(A)(6)-(8), at 30-31.
3 8/30/07 Aventis, Inc. 1. Gives credit for simply complying with the law. “Prior to the Effective Date, API established a voluntary compliance program applicable to its United States operations.” CIA, Sect. I, at 1.2. Aventis appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 4.3. Leaves corporate integrity obligations to Aventis compliance officer. “The U.S. Corporate Compliance Officer shall be responsible for developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program requirements.” CIA, Sect. III(A)(1), at 4.4. Penalty for non-compliance $2,500 per day. CIA, Sect. X(A)(2)-(4); $1,000 – $5,000 per day penalties for other violations. CIA, X(A)(5)-(7), at 28-29.
4 2/5/08 Merck & Co., Inc. 1. Gives credit for simply complying with the law. “Prior to the Effective Date, Merck voluntarily established a comprehensive Compliance Program.” CIA, Sect. I, at 1.2. Merck appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 5.3. Leaves corporate integrity obligations to Merck compliance officer. “The Compliance Officer is responsible and shall continue to be responsible for developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program requirements.” CIA, Sect. III(A)(2), at 5.4. Penalty for non-compliance $2,500 per day. CIA, Sect. X(A)(1)-(4); $1,000 – $5,000 per day penalties for other violations. CIA, X(A)(5)-(7), at 28-30.
5 1/14/09 Eli Lilly 1. Gives credit for simply complying with the law. “Prior to the Effective Date of this CIA[], Lilly established a voluntary compliance program applicable to all Lilly employees.” CIA, Sect. I, at 1.2. Eli Lilly appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 5.3. Leaves corporate integrity obligations to Eli Lilly compliance officer. “The Chief Compliance Officer shall be responsible for developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program requirements and FDA requirements.” CIA, Sect. III(A)(1), at 4.4. Penalty for non-compliance $2,500 per day. CIA, Sect. X(A)(1)-(4); $1,000 – $5,000 per day penalties for other violations. CIA, Sect. X(A)(5)-(7), at 40-42.
6 8/31/09 Pfizer, Inc. 1. Gives credit for simply complying with the law. “Prior to the Effective Date, Pfizer established a compliance program and initiated certain voluntary compliance measures.” CIA, Sect. I, at 1.2. Pfizer appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 4.3. Leaves corporate integrity obligations to Pfizer compliance officer. “The Chief Compliance Officer shall be responsible for developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program requirements and FDA requirements.” CIA, Sect. III(A)(1), at 4.4. Penalty for non-compliance $2,500 per day. CIA, Sect. X(A)(1)-(4); $1,000 – $5,000 per day penalties for other violations. CIA, Sect. X(A)(5)-(7), at 52-53.
7 9/11/09 Biovail 1. Gives credit for simply complying with the law. “Prior to the Effective Date, Biovail initiated certain voluntary compliance measures and established a voluntary compliance program designed to address its U.S. operations and compliance with Federal health care program and FDA requirements.” CIA, Sect. I, at 1.2. Biovail appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 5.3. Leaves corporate integrity obligations to Biovail compliance officer. “The Chief Compliance Officer shall be primarily responsible for developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program and FDA requirements.” CIA, Sect. III(A)(1), at 4.4. Penalty for non-compliance $2,500 per day. CIA, Sect. X(A)(1)-(4); $1,000 – $5,000 per day penalties for other violations. CIA, X(A)(5)-(7), at 28-29
8 12/22/09 Boston Scientific 1. Gives credit for simply complying with the law. “Prior to the effective date of this CIA Boston Scientific established a voluntary compliance program.” CIA, Sect. I, at 1.2. Boston Scientific appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 5.3. Leaves corporate integrity obligations to Boston Scientific compliance officer. “The Chief Compliance Officer shall be primarily responsible for developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program requirements.” CIA, Sect. III(A)(1), at 5.4. Penalty for non-compliance $2,500 per day. CIA, Sect. X(A)(1)-(4); $1,000 – $5,000 per day penalties for other violations. CIA, X(A)(5)-(7), at 35-36.
9 4/27/10 AstraZeneca, L.P., and AstraZeneca Pharmaceuticals, L.P. 1. Gives credit for simply complying with the law. “Prior to the Effective Date, AstraZeneca initiated certain voluntary compliance measures and established a voluntary compliance program designed to address its U.S. operations and compliance with Federal health care program and FDA requirements.” CIA, Sect. I, at 1.2. AstraZeneca appoints its own compliance officer and review committee. CIA, Sect. III(A)(1), (2), at 5.3. Leaves corporate integrity obligations to AstraZeneca compliance officer. “The Compliance Officer shall be responsible for developing and implementing policies, procedures, and practices designed to ensure compliance with the requirements set forth in this CIA and with Federal health care program requirements.” CIA, Sect. III(A)(2), at 5.4. Penalty for non-compliance $2,500 per day. CIA, Sect. X(A)(1)-(4); $1,000 – $5,000 per day penalties for other violations. CIA, X(A)(5)-(7), at 52-53.

Footnotes:

1. Reuben A. Guttman is a founding partner at Guttman, Buschner and Brooks PLLC in Washington, DC.
2. Department of Health and Human Services, Office of Inspector General Web site (http://oig.hhs.gov/fraud/ cias.asp).
3. See, e.g., U.S. Dept. of Health and Human Services, Office of Inspector General, “Corporate Integrity Agreements Document List” (http://oig.hhs.gov/fraud/cia/cia_list.asp).
4. E. Basile et al., “Boston Scientific Corporate Integrity Agreement,” FDA and Life Sciences Client Alert, King & Spalding, Jan. 8, 2010, at 1.
5.  Press release, “Justice Department Announces Largest Health Care Fraud Settlement in Its History,” U.S. Dept. of Justice, Sept. 2, 2009.
6. Id.

Blowing the Whistle on Securities Fraud Means Money for Whistleblowers

The Dodd- Frank Wall Street Reform and Consumer Protection Act: The SEC Whistleblower Provision

On July 15, 2010 the Senate voted 60-to-39 to adopt the Dodd-Frank Wall Street Reform and Consumer Protection Act (the “Act”). President Obama signed the bill into law on July 21, 2010.

Under the new legislation, the Securities Exchange Act of 1934 (15 U.S.C. 78a et seq.) is amended by inserting a new Section 21F, which includes provisions dealing with whistleblower incentives and protection.

Under Section 21F the voluntary submission of “original information” relating to a violation of the securities laws to the Securities and Exchange Commission (“SEC”) that leads to the successful enforcement of a judicial or administrative action, and that results in monetary sanctions exceeding $1,000,000, will entitle the whistleblower to an award equal to not less than 10 percent, but not more than 30 percent, of the total amount of the monetary sanctions collected from the action.1 In contrast with the provision included in the False Claims Act (“FCA”), the whistleblower may not bring an action before the Court pursuant to Section 21F of the Act in the event that the SEC decides not to pursue judicial or administrative action.

The term “whistleblower” includes any individual who provides, or two or more individuals who jointly provide, information relating to a violation of the securities laws to the SEC, in a manner established by rule or regulation by the SEC. The SEC has 270 days after the date of enactment of the Act to issue final regulations implementing section 21F of the Securities Exchange Act of 1934.2

Of particular interest is the broad definition of “original information” that may be presented by the whistleblower. Public information may be included, provided that the information leading to the SEC action is derived from the independent analysis of the whistleblower. The original information cannot be exclusively derived from an allegation made in a judicial or administrative hearing, in a governmental report, hearing, audit, or investigation, or from the news media, unless the whistleblower is a source of the information. Likewise, the information is not “original information” as defined by the Act if it is known to the SEC from any other source, unless the whistleblower is the original source of the information.

While the Act provides whistleblower protection against retaliation, the information may be offered anonymously if the whistleblower is represented by counsel. The identity of the whistleblower will be disclosed to the SEC prior to the payment of the award.

All information provided by the whistleblower, unless and until required to be disclosed to a defendant in connection with a proceeding instituted by the SEC or by certain entities specifically identified,3 shall remain confidential and privileged and shall not be subject to civil discovery, or other legal process, and shall not be subject to disclosure under the Freedom of Information Act.

The award is not limited to the information submitted after the enactment of this Act. Rather, if the violations of securities laws have been reported by the whistleblower prior to the enactment of the Act, the whistleblower has a right to collect the award if the monetary sanctions are collected by the SEC after the date of enactment of the Act or if related to a violation for which an award under this section could have been paid at the time the information was provided by the whistleblower.

[1] The final determination of the amount of the award is in the discretion of the SEC, but among the criteria to be evaluated in determining the amount weigh is given to the degree of assistance provided by the whistleblower and any legal representative of the whistleblower, thus granting significance to the expertise and ability of whistleblower’s counsel. Additional criteria in the determination of the amount of the reward are the significance of the information provided by the whistleblower to the success of the covered judicial or administrative action, the programmatic interest of the SEC in deterring violations of the securities laws by making awards to the whistleblowers, and additional relevant factors as the SEC may establish by rule or regulation. The determination is discretional, but it may be appealed, except the determination of an award, if the award was made in accordance with subsection (b), which provides for a bounty of not less than 10, but not more than 30, percent of the total amount of the monetary sanctions that are recovered.

[2] The Act does not provide that loss causation is a required element of the action and does not specify how the SEC will calculate the monetary sanctions. The SEC final regulations implementing section 21F of the Securities Exchange Act of 1934, however, may contain provisions on those issues.

[3] The SEC in its discretion may determine if the information may be disclosed to certain entities, if necessary to accomplish the purpose of the Act and protect the investors. The information, which will not lose its confidential and privileged status, may be made available to: (i) the Attorney General of the United States; (ii) an appropriate regulatory authority; (iii) a self-regulatory organization; (iv) a State attorney general in connection with any criminal investigation; (iv) a State attorney general in connection with any criminal investigation; (v) any appropriate State regulatory authority; (vi) the Public Company Accounting Oversight Board; (vii) a foreign security authority; and (viii) a foreign law enforcement authority. With respect to foreign authorities, the information shall be maintained “in accordance with assurance of confidentiality” as the SEC determines appropriate.

Reuben Guttman is a founder partner in Guttman, Buschner and Brooks PLLC. in Washington, D.C.

1 60 61 62 63