The pharma landscape is evolving as rapidly as the speed of technology. The industry that former FDA Commissioner Dr. McClellan admonished in 2003 with, “You need to improve!”1 has taken those words to heart to embrace innovation and technology as never before. Whether motivated by the FDA’s shift toward a scientific, data-driven definition for quality or a need to innovate to survive and be competitive in the new world marketplace, there is no doubt the push for greater understanding has resulted in a renewed emphasis on the ability to acquire, verify and leverage the power of data.
THREE DRIVERS FOR CHANGE
Every market sector needs a push sometimes to adapt and evolve. The regulated life sciences are one of the most conservative sectors when it comes to technology innovation. However, several developments have elevated the need for pharma to make the management and security of data a primary strategy.
First, vertical drug manufacturing in the United States is no longer a leading strategy. While some companies continue to build internal manufacturing capability, this is largely the exception. The emerging markets have matured over the last decade and most large pharma and biotechs have established a distributed supply chain leveraging regional contract manufacturing organizations for internal development and manufacturing capability.
Second, supply segmentation has become a core strategy for large complex supply chains, creating multiple virtual supply chains within the construct of a single physical supply chain. Achieving this has reemphasized the importance of visibility and access to key information within each virtual supply chain.
Third, the maturity of mobile clinical platforms has resulted in a significant reduction in clinical trial costs on a per-patient basis, allowing virtual startups to move further into the clinical development process. Today, the rise of virtual biotech organizations has become a major factor in driving and growing the outsourcing movement. Compounding this is the growth of combination products. For many biotech products, the ability to utilize a pre-filled syringe or auto-injector dramatically broadens the potential patient market. However, the complexity of establishing and controlling the drug, device and system supply chain is significant for many virtual organizations. Finally, some may argue that the true potential for the life sciences will hinge on the ability of big data to identify new and effective therapies for disease.
The common denominator of these market drivers is information and data. The following piece will explore the technology, regulations, security strategies, industry solutions and challenges behind this elevated emphasis on information and data management.
THE IMPACT TECHNOLOGIES
Several technologies will have a profound impact on how drug companies bring products to market:
E-clinical Mobile Platforms
The e-clinical solution software market, valued at $3 billion in 2014, is expected to grow at a CAGR of 13.8 percent from 2014 to 2020 to reach an estimated value of $6.52 billion in 20202. Technology platforms have evolved with the market, focusing on functional re-usability, standardization and quality, resulting in decreased cost and implementation timelines. These solutions allow clinicians to rapidly tailor clinical data gathering and protocol requirements as commercial off-the-shelf (COTS) applications that are configurable. These systems will allow many pharma companies, on a global basis, to more easily comply with GCP requirements and best-in-class data management requirements from the Clinical Data Interchange Standards Consortium (CDISC) and Clinical Data Acquisition Standards Harmonization (CDASH).
E-clinical platforms are showing significant growth with the Software as a Service (SaaS) business models. All pharma organizations are managing risks in the extended enterprise — suppliers, contractors and vendors. The SaaS model supports third-party risk management by providing an application to external users outside of the company’s firewall.
Challenges — The two dominant mobile computing platforms are Google’s Android and Apple’s IOS operating systems (OS). The market share for these two platforms cannot be more different between the rest of the world and the U.S., which causes near-term and long-term management challenges. A recent study3 by Atredis Partners summarized the U.S. market share for IOS and Android, as 43 percent and 53 percent, respectively. The rest of the world is far more one-sided with Android commanding 83 percent and IOS only 14 percent. The challenge for mobile platform software is the issue of fragmentation. Fragmentation describes a software solution provider’s ability to keep up with OS changes. Android launches incomplete OSs and then iteratively optimizes them while Apple launches complete operating systems to the market. The disparity between U.S. and the rest of the world (ROW) is the ability to keep pace with patches. In the United States, the assumption is you will change your phone every two years, while the ROW may be closer to four to five years. This makes the challenge of managing security and updates incredibly complex for any organization banking on a mobile solution as a core vehicle for product development.
Cloud-Based Electronic Data Capture (Cloud EDC)
Augmenting the positive opportunities created by mobile data collection is the expansion of Cloud EDC. Clinical trials data management is the biggest opportunity for Cloud EDC and is the fastest growing application within pharma. The advantages of traditional EDC are well understood. By moving away from human data recording, the consistency of data acquisition and accuracy of data acquired has increased exponentially. Anyone who attempted clinical trials 10 years ago in the emerging markets experienced the frustration and regulatory consequences of having to repeat clinical studies because of poorly acquired data that could not be verified. These systems provided rapid search and query functions, the ability to make field edits, and the ability to establish rules and get early notification of anomalous data. The downside of these systems is that they were fairly inflexible, very expensive and typically required an external software team with the specific system expertise, making training and startup potentially a rate limiting step.
Cloud EDC addresses many of these shortcomings. From an investment and scalability perspective, deploying a cloud-based system is far more scalable than traditional EDC and avoids the heavy investment required up front. These systems do not require specialized programming, but are configurable to obviate the need for a large, specialized software platform team. This also means the clinician or end-user can easily configure forms for a study without having to invest in custom programmers. Data-intake forms can be built to guarantee Title 21 CFR Part 11 compliance and can be validated as such. Data can be stored in a data warehouse.
Challenges — The challenges facing Cloud EDC are the same as for any IT solution. A comprehensive Information Security (InfoSec) and governance plan is required to assure data integrity
Internet of Things (IoT)
The Internet of Things (IoT) is a network of physical computing devices, sensors, mechanical and digital machines with the ability to transfer data over a network without human-to-human or human-to-computer interaction. IoT devices are being used in many industrial market sectors including the regulated life sciences, such as the case of a human with an intelligent pacemaker. Potentially, the IoT allows objects to be controlled remotely across existing network infrastructure, creating opportunities for more direct integration of the physical world into computer-based systems that allow data to be collected for analysis.
Challenges — While there has been a tangible effort to standardize IoT interfaces, there are still no universally accepted standards for IoT. This is likely to change in the next few years as the creation of huge data sets force organizations to pump development dollars into IoT solutions. Intelligent devices will continue to gain a greater foothold in almost every market sector, and concerns about integrity, data structure, privacy and security will move to the forefront of the discussion.
BIG DATA VS. SMART DATA
Few topics have been discussed as much as the promise behind big data. Big data is used to describe data sets that are so large that conventional data analysis solutions are inadequate. It represents a voluminous amount of structured, semi-structured and unstructured data that has the potential to be mined for information. Pharma looks to big data analytics as a possible avenue for everything from looking for the next big blockbuster drug to identifying a competitive advantage by analyzing its customer relationship management (CRM) data. The big question facing all sectors is, “What is big data versus smart data?”
Big data can be broken down into five primary dimensions that describe the challenge: Volume, Variety, Velocity, Veracity and Value. When any one of these characteristics is not controlled, this constitutes a big data problem. Smart data focuses on Veracity and Value and argues more does not necessarily equate with better.
GO ASK ALICE
Complementing these challenges are the cybersecurity challenges associated with big data. These issues can be described as a “Red Queen” problem. The Red Queen principle was first proposed by the evolutionary biologist L. Van Valen (1973), and is based on the observation to Alice by the Red Queen in Lewis Carroll’s “Through the Looking Glass” that “in this place it takes all the running you can do to keep in the same place.” Because of the evolving nature of the threat to cybersecurity, hackers and companies are improving their methods and maintaining a sort of balance. Adopting the right analytics as part of the data mining exercise or cybersecurity strategy is central to obtaining the right conclusion.
Complicating the entire discussion of big data and smart data is the emerging ethical issue of data gathering and analysis. Europe has taken the first serious step in this direction. The European Data Protection Act, set to go into effect in 2018, will do away with the current fragmentation and costly administrative burdens across the EU. It will ensure that the personal data of victims, witnesses and suspects of crime are duly protected, and will facilitate cross-border cooperation in the fight against crime and terrorism.
Historically, regulators have approached rapidly evolving problems using outdated approaches to problem solving, sometimes called “darkroom solutions” — where experts on a particular subject are locked in a dark room until they solve the problem. This approach rarely works as the problem will have changed by the time they have identified a regulatory solution. More likely, these problems can only be solved by orthogonal, outside-the-box thinking. As organizations move in this direction, it is likely that ethics will become part of the conversation as smart data becomes entrenched in the pharma development strategy.
EVOLVING COLLABORATION MODELS
Drug discovery has also evolved from the classical vertical models of two decades ago. Today, early drug discovery is outsourced to research organizations around the world, and competitors collaborate to manage early product risk and accelerate product delivery. To be successful, the data management strategy must be able to address data integrity and data security among collaboration partners and contract research organizations that may have developed supportive data using different systems.
DATA INTEGRITY AND INFORMATION SECURITY
Data integrity has always been a primary component of GxP system design. The FDA’s recent emphasis on laboratory and manufacturing data integrity has resulted in high profile import restrictions. As the complexity of data acquisition, transmission and analysis expands to include big data, smart data, mobile platforms and the IoT, ensuring data integrity will require a cohesive strategy encompassing every facet of data management. This responsibility falls under the area of information security (InfoSec).
InfoSec is concerned with the confidentiality, integrity and availability of your data. Most modern business data resides electronically on servers, desktops, laptops or somewhere on the Internet. However, InfoSec is concerned with making sure data in any form is kept secure. It subsumes cybersecurity, which is only interested in data in electronic form. The focus is on the value of information, which, in the end, is the primary consideration for those who create it, access it and seek to protect it.
The U.S. healthcare industry has been under siege by ransomware attacks that seek to usurp access to critical data. The exact number of attacks is not known because ransomware places hospitals in a unique legal position when, technically, HIPAA-protected data has not been breached. Hospitals are less inclined to report such attacks as HIPAA violation breaches, because they can incur a hefty financial penalty for every compromised record. The challenge with many hospitals is their antiquated and vulnerable IT infrastructure. Rather than invest in their IT infrastructure, the default has been to invest in insurance in the event of a breach.
Unlike hospitals, pharma does not fall under the same financial constraints, so as we expand to harness the capabilities of new and better data, it is essential to consider vulnerabilities of these systems.
With the plethora of wireless protocols used in IoT devices (from Wi-Fi, Bluetooth, ZigBee, GPRS, NFC, 6LowPan, LoRaWAN, Sigfox, Neul), security becomes an issue and in the absence of security countermeasures, it is a simple matter for hackers to launch and exploit Man in the Middle (MITM) data interventions.
So what do these security threats mean to data transparency advocates? The movement is not isolated to a few small markets: Both the U.S. and Europe have legislation in place to address clinical data transparency. Yet only 9 percent of most Big Pharma’s clinical data is made available to clinicians and regulators. Many believe that even the data from failed clinical studies and new molecular entities (NMEs) can provide valuable information to physicians and researchers in industry and academia. Issues raised by big pharma are the challenges associated with Intellectual Property control and legal liability.
Beyond these uncertainties is the question of what liability exposure exists for third-party entities analyzing incorrect data that has been tampered with or adulterated? This cannot be a secondary consideration, or left to departmental functional areas of responsibilities. The creation and aggregation of data spreads across an entire enterprise and requires a clear strategy to ensure data integrity is maintained.
THE NEXT DECADE
The next decade of therapeutic drug development will be based upon new and more effective means of data mining and data analytics. Competitive business drivers and compliance requirements will converge as data acquisition and analysis move to the forefront to drive discovery and manufacturing of new and more complex drug molecules. Clinical data transparency is here to stay, and establishing a structured framework, infrastructure, policies and practices will be central to being compliant and avoiding controversy or even litigation in the future. As the industry looks ahead and moves forward, its ability to manage these constantly evolving threats to data management and integrity will define how we develop new drug therapies in the future.
ABOUT THIS ARTICLE
The preceding article is Bikash Chatterjee’s contribution to the CPhI Annual Industry Report 2016, which was released at CPhI Worldwide, Oct. 4-6, in Barcelona. The CPhI Annual Report is a comprehensive and critically important publication that analyzes key trends and inno- vations forecast by a panel of world class experts. Running as a series of opinions and articles, the CPhI experts call upon their commercial and technical acumen to prophesize the future direction, technologies, opportunities and threats in pharma. The full report is available at www.cphi.com/europe/cphi-annual-report.
1. L. Abboud, New Prescription For Drug Makers: Update the Plants: After Years of Neglect, Industry Focuses On Manufacturing; FDA Acts as a Catalyst, The Wall Street Journal, September 2003
2. Transparency Market Research (TMR), E-Clinical Solution Software Market- Global Industry Analysis, Size, Share, Growth, Trends and Forecast, 2014 – 2020 (July 21, 2014)
3. Atredis Partners, Can you trust me now? The Current State of Mobile Security”, Blackhat Conference, 2016