FDA Introduces Portal for Public Reporting of Regulatory Misconduct

Kate T. Klaus, Esq. | Staff Attorney, Medmarc Loss Control

Earlier this week, FDA launched a new program in which individuals can report, directly to FDA’s Center for Devices and Radiological Health, allegations of regulatory misconduct on the part of medical device manufacturers and marketers. The agency understands very well the vast reach of the medical device industry, but its limited resources have allowed bad actors to market their products while attempting to remain below FDA’s radar. In addition to creating potential risks for patient safety, this flouting of regulations has long been a source of frustration for medical device companies that do operate within the bounds of the law and feel unfairly disadvantaged when competitors skirt the rules.

Examples of reportable misconduct include:

  • Advertising or promoting a device beyond the bounds of its indications for use;
  • Marketing a device without the necessary clearance or approval;
  • Failing to implement or comply with necessary Quality System requirements;
  • Importing devices that do not meet U.S. legal criteria;
  • Failing to register and list with FDA, thus preventing FDA from properly overseeing operations; and
  • Knowingly deceiving FDA in some fashion, whether falsifying documents or hiding information.

Reports are accepted through the FDA webpage, as well as by mail and email. While FDA encourages reporters to include their name and contact information in the event that additional information is required, reports can be filed anonymously. FDA will review the reports, evaluate potential risks to public safety, and determine the appropriate intervention or enforcement action.

What is the takeaway for medical device firms? For those already operating in compliance with FDA regulations, there should not be a burdensome impact. Even if FDA chooses to investigate an allegation, frivolous claims will likely be dispensed with easily when met with strong quality systems and thorough recordkeeping practices. However, for those firms attempting to fly beneath FDA’s radar, they may find themselves on the receiving end of a Warning Letter in short order. Your competitors have been watching your practices for years, but FDA has now empowered them to act.

For more information on compliance with FDA regulations, please see our Life Sciences Guidebook, available for sale on Amazon.

The Yates Memo, One Year Later

The Yates memo hit the trade and legal press with the same kind of resounding thud that accompanied previous DoJ memos such as the Thompson memo, and indeed, more than one prosecution has resulted in the imposition of fines imposed on corporate officers as expected. However, the memo has also affected the way companies think about directors and officers liability insurance thanks in part to the potential for the Yates memo to conquer by dividing.

Deputy Attorney General Sally Quillian Yates inked the memo that bears her name in September 2015, a seven-page document that makes its aims clear in the second paragraph. Yates, whom the Senate confirmed to the position a scant four months earlier, said in the memo, “one of the most effective ways to combat corporate misconduct is by seeking accountability from the individuals” believed to have been involved in the wrongdoing.

Yates stopped short of some of the more extreme prescriptions found in the memo named for one of her predecessors, Larry Thompson, whose January 2003 memo seemed excruciatingly close to requiring that corporations leave their executives and officers without the benefit of their directors and officers (D&O) liability policies, not to mention the hazard Thompson’s memo had introduced to attorney-client privilege.

Nonetheless, the Yates memo might seem to drive a wedge between employer and employee. By some accounts, corporations must divulge any and all information about anyone who was involved in the purportedly violative conduct in order to engender any forbearance at all on the part of a federal prosecutor.

If anyone needed to see evidence of this dual individual-corporate accountability at work, the case of North American Health Care provided that evidence. The Department of Justice announced in mid-September that it and NAHC had come to terms over allegations the company had induced false claims for rehabilitation services. The company agreed to pay more than $28 million to settle the case, but two of the company’s executive staff lost a total of $1.5 million, thus demonstrating that Yates meant what she said about individual accountability.

The size of the NAHC penalty was not conspicuous, given the $1.5 billion fine paid by Abbott Labs in 2012 over the company’s promotion of Depakote for off-label indications. On the other hand, the Yates memo would seem to add a new wrinkle to the question of D&O insurance inasmuch as corporations and individuals might have a different set of incentives regarding cooperation. Depending on the circumstances, corporate officers may feel compelled to seek their own representation, particularly when documents begin to show up in a prosecutor’s briefcase.

In addition to the fact that individuals may have less incentive to cooperate than their employer, more than one director or officer could opt for independent counsel, thus raising the cost of fulfilling contractual obligations to provide counsel. In some instances, the cost of counsel for all the affected parties could quickly exhaust the policy’s liability limits.

These considerations are obviously high on the list for a candidate for an executive position with a company or a seat on the board of directors, and those in the life science industries are keenly aware of the intense government scrutiny of their activities, particularly since the FDA off-label promotion issue is as yet unresolved. One way to deal with some of these considerations might be to add a supplementary policy for directors and officers that will handle issues such as a prosecution of individuals that continues after the corporation has come to terms with federal attorneys. There are other considerations to sort through as well.

The Yates memo might not have a profound effect on the size of penalties imposed on accused companies, but adding corporate officials to the list of those who are subject to prosecution certainly raises the stakes where legal costs are concerned. Companies in the life sciences can’t afford to wait until a federal attorney comes knocking to ensure their policies cover such considerations.

Hot Topics & Technologies in Life Sciences

Medmarc Loss Control

When asked to come up with a list of what’s hot in life sciences right now, Medmarc’s Risk Management team put our heads together and came up with the following list.

  1. Off-label Promotion Revisited
  • Following the recent case involving Amarin Pharmaceuticals, FDA is reconsidering the extent to which it will permit companies to make truthful and non-misleading statements about off-label uses as they relate to clinical decision making, research, and reimbursement.
  • FDA will hold a public hearing on November 9 and 10 as part of a comprehensive review of its regulations and policies regarding off-label promotion.
  1. Unique Device Identifier (UDI) – Extended Deadline
  • Under the UDI directive, Class II devices were supposed to be in compliance with the law’s label and GUDID (pronounced “Good ID”) rules by September 24, 2016. The same provision also eliminated the use of National Health Related Item Code (NHRIC) and National Drug Code (NDC) numbers and replaced them with the UDI codes.  Suppliers and pharmacies rely on NHRIC and NDC numbers to identify products, including for reimbursement purposes, and are unprepared to eliminate the use of these numbers.  In response to industry objections, FDA has agreed not to enforce the prohibition against NHRIC and NDC numbers until September 24, 2021.
  1. New Rule on Antibacterial Soaps
  • On September 2, 2016, the FDA issued a final rule establishing that over-the-counter (OTC) consumer antiseptic wash products containing certain active ingredients can no longer be marketed.
  • This rule does not affect consumer hand “sanitizers” or wipes, or antibacterial products used in health care settings.
  1. Point-of-Care Diagnostic Testing
  • Currently, the diagnostic testing model has the provider taking samples for testing and outsourcing the analysis to a diagnostic laboratory (such as Quest Diagnostics), which involves a several day wait for test results. However, in line with the push toward preventive and personalized medicine, medical device firms are seeking to improve upon this model by offering equipment for in-office and portable diagnostic testing.
  • Alere and Roche are the current market leaders, offering point-of-care diagnostic testing for cardiometabolics (e.g., blood gases), infectious disease, toxicology, oncology, women’s health, anticoagulation therapy, and urinalysis.
  • The point-of-care model raises questions about software validation and maintenance as well as the inherent cybersecurity challenges.
  1. The Fall of Theranos
  • Known as the blood-testing start-up founded by Elizabeth Holmes as a 19-year-old Stanford dropout, Theranos was once valued at some $9 billion when a damning report published in The Wall Street Journal alleged that the company was, in effect, a sham—that its core technology was actually faulty and that Theranos administered almost all of its blood tests using competitors’ equipment.
  • The FDA investigated two Theranos sites and issued two 483s, finding that Theranos kept poor records, mishandled complaints, failed to conduct quality audits, and was “unable to produce documented supplier qualifications,” among other observations.
  • CMS imposed sanctions on the company in July 2016, prohibiting it from receiving Medicare and Medicaid payment for lab services and imposing a civil monetary penalty, among other sanctions.
  • The company is also under investigation by the SEC and FBI.
  1. Zika Lab Tests
  • Zika testing is used to detect infection in a person without signs and symptoms or to determine whether a person with signs and symptoms of Zika has been infected after exposure in a region with Zika virus. It may also be used to test people who have had sexual contact with a recent traveler to a region with Zika.
  • Zika infection may be difficult to diagnose without laboratory tests because symptoms may resemble those of other diseases, such as dengue fever or chikungunya infection.
  • FDA has been allowing the emergency use of some yet-unapproved Zika tests. To do so, FDA uses the Emergency Use Authorization (EUA) procedure (under the Food, Drug & Cosmetic Act), which allows use of the unapproved product for a specified duration of time. The FDA website lists ten Zika-related products currently approved on this basis.
  1. Cool New Technology Alert – Augmented Reality
  • Augmented reality—a blend of virtual reality and one’s real-world surroundings—looks like it may have some real beneficial uses in medicine. In 2014, the FDA cleared an augmented reality device for surgeons to use in preparation for surgery, and other devices may appear in surgical suites before long. Using these devices, surgeons can visualize the patient’s anatomy from outside of the body, by constructing a holographic overlay created from CT scan data.
  1. “Dirty” Endoscopes
  • Endoscopes, and particularly duodenoscopes, have long been recognized as high-hazard devices due to their design (i.e., the flexible neck of the scopes allows for bacteria to become trapped, potentially eluding cleaning). Olympus, a major scope manufacturer, was forced to recall thousands of its scopes following the discovery that its devices harbor bacteria that could not be eliminated even when the company’s own instructions for disinfection were followed. As a result, there were several deaths and more than 200 infections of CRE (carbapenem-resistant enterobacteriaceae), which has a significant mortality rate─some reports cite rates as high as nearly 50%.
  • This incident refocused industry attention on scopes. A German company has developed a robotically-assisted, sterile, single-use colonoscope. Because the device is single-use, it eliminates the risk of bacteria transmission between patients – assuming hospitals follow the instructions not to reuse the device, which has been an issue in areas with scarce resources.
  1. Software & Predictive Analytics
  • Several recent studies reveal that certain software and predictive analytics tools can better identify and predict the presence and path of health conditions among patients than trained doctors and pathologists.
  • The capability of the software raises questions about how the FDA will regulate them and to what extent they should be used—merely as clinical support for decision-making, or as independent diagnostic tools.
  • In its mobile medical apps guidance, the FDA specifically declined to address software “that performs patient-specific analysis to aid or support clinical decision-making.” Thus, the Agency has not interpreted such as being medical devices so far. However, if used independently to diagnose conditions, these software programs would likely come under the FDA’s scrutiny as medical devices.
  1. Cybersecurity & Device Breaches
  • Insulin pumps, heart monitors, x-ray communications systems and other medical devices have been shown to be vulnerable to cyberattack. Accordingly, there is much concern about the security of patient information entered or stored in medical devices or the cloud in the “internet of things” in which multiple devices communicate with one another.
  • In light of such concerns, and news of breaches in hospitals and insurance networks, the FDA has published cybersecurity guidance for medical-device makers to ensure the security of patient information the devices gather.

New California and Illinois Opinions Force Drug Companies to Litigate Out-of-State Plaintiff Cases in California and Illinois

Jordan Lipp, Esq. | Partner, Davis Graham & Stubbs LLP

In the last week, the California Supreme Court and the Illinois Court of Appeals have each issued opinions finding that their respective states had personal jurisdiction to hear lawsuits by out-of-state plaintiffs against out-of-state defendant drug companies.

On August 29, 2016, in Bristol-Myers Squibb Co. v. The Superior Court of San Francisco County, — P.3d –, 2016 WL 4506107 (Cal. 2016), the California Supreme Court in a 4-3 decision addressed the issue of personal jurisdiction in a case where 678 individuals, consisting of 86 California residents and 592 nonresidents, all alleged adverse consequences from the use of Bristol-Myers Squibb’s drug Plavix.  Bristol-Myers Squibb is incorporated in Delaware, headquartered in New York City, with substantial operations in New Jersey.  The lawsuits were filed in San Francisco Superior Court.

On the issue of general jurisdiction (i.e., whether a defendant can be sued in the forum regardless of whether the case is related to the forum), the Court stated that “although the company’s ongoing activities in California are substantial, they fall far short of establishing that it is at home in this state.”  However, on the issue of specific jurisdiction (i.e., whether the case-linked conduct occurred in the forum), the Court found that Bristol-Myers Squibb’s national marketing, promotion, and distribution of Plavix in California, coupled with its research and development facilities in California, created specific jurisdiction, even with respect to the out-of-state plaintiffs.  Although the majority opinion stated its decision did “not render California an all-purpose forum for filing suit against [the defendant] for any matter,” the dissent warned that the “the majority [decision] expands specific jurisdiction to the point that, for a large category of defendants, it becomes indistinguishable from general jurisdiction.”

Only a few days earlier, on August 26, 2016, in M.M. v. GlaxoSmithKline LLC, 2016 Ill. App. LEXIS 575 (Ill. App. 2016), the Illinois Court of Appeals for the First District addressed whether the Circuit Court of Cook County, Illinois had specific jurisdiction over GlaxoSmithKline in lawsuits brought by 12 nonresident plaintiffs against GlaxoSmithKline based upon the drug Paxil.  Although GlaxoSmithKline is based in Delaware and does not have corporate or administrative headquarters in Illinois, the Illinois Court of Appeals found that personal jurisdiction existed over GlaxoSmithKline.  The Court reasoned that as the Plaintiffs’ allegations involved GlaxoSmithKline’s alleged errors during its clinical trials of Paxil, which partially occurred in Illinois, these Illinois clinical trial actions established specific jurisdiction.

While Daimler AG v. Bauman, 134 S. Ct. 746 (2014) and other recent decisions have given hope to drug and device companies that they will not be sued in forums other than their home states, especially in cases where the plaintiffs also do not reside in the forum state, neither the California nor Illinois decisions advance this cause.

Life Sciences News Roundup, 6/30/2016

  • Code of Conduct on Privacy for mHealth Apps Finalized by EU – Medical Product Outsourcing
  • Study: Initially CE Marked Medical Devices Have Higher Recall Rate – Mass Device
  • The Defend Trade Secrets Act’s Implications for Medtech – MD+DI
  • China FDA Releases New Self-Assessment Reporting Requirements for Medical Device Distributors – Inside Medical Devices (Covington)
  • Medical Device Companies Feat Parallel Regulation After Brexit Vote – Mass Device

Stepped Up Regulation of Lab-Developed Tests Has Products Liability Implications

Courtney A. Stevens, Esq. | Senior Attorney, Medmarc Loss Control

Significant advances in science, and particularly in genomic medicine, have catapulted lab-developed tests (LDTs)–diagnostic tests designed, manufactured, and used in the same laboratory–past the benign uses they fulfilled decades ago. When LDTs were used with relative infrequency and often for a crucial segment typically neglected by in vitro diagnostic (IVD) manufacturers–namely, rare diseases–they received lax oversight from the FDA under what the Agency deems its “enforcement discretion.”

Now though, in the wake of well-publicized disasters like Theranos and the realities of both (1) the huge cost incentives to use these “home brew” tests over FDA approved tests that can cost as much as ten or twenty times as much; and (2) the transformative effect of genomic testing advances which have meant LDTs are now employed to test everything from birth defects to ovarian cancer, the FDA has undertaken to significantly step up its oversight and require pre-market approval for many such LDTs.

According to the first of three draft guidance documents on the Agency issued on the subject in the last two years, Framework for Regulatory Oversight of Laboratory Developed Tests (LDTs), it proposes a risks-based oversight strategy under which those tests the wrong result or interpretation of which would have the greatest implications for patient mortality or morbidity would receive the most stringent oversight and have to obtain pre-market approval prior to their use.

This stepped-up oversight isn’t merely burdensome to labs making LDTs; it has real products liability implications. For one thing, a company’s misstep with the FDA in the form of an enforcement action or inspection is often either an initial attractant or a catalyst for plaintiffs’ attorneys. Knowing that these kind of regulatory missteps are helpful at trial to paint a picture of a non-compliant, careless manufacturer, plaintiffs’ attorneys may seek grounds for suits after learning of a company’s FDA trouble.

Additionally, standards and regulations are useful to products liability plaintiffs in establishing a standard of care, one hurdle of a negligence case (the next being showing that the defendant deviated from that standard of care). The more detailed and complex the regulations, the easier it is to find some lapse in consistency with them.

LDT makers must be quick to recognize the burdens of their new regulatory environment and adapt accordingly. Quality assurance/regulatory affairs personnel should be hired or engaged as soon as possible to avoid regulatory and products liability consequences.


FDA Update: News, Products, & Guidance Documents

Courtney A. Stevens, Esq. | Loss Control |Medmarc Insurance Group

The FDA has had a busy first quarter, and this post provides a brief run-down of some of the more news-worthy items coming out of the Agency since the dawn of 2016.

New Guidances

Data Integrity

Last week, the FDA released a draft guidance titled Data Integrity and Compliance with CGMP. Noting that the Agency had seen a growing number of cGMP violations involving data integrity, it sought to provide further clarity and detail to the data-related cGMP requirements. The guidance largely takes the form of a question and answer dialogue, posing and answering questions like:

  • Is it acceptable to only save the final results from reprocessed laboratory chromatography?
  • Is the FDA investigator allowed to look at my electronic records?
  • How does FDA recommend data integrity problems identified during inspections, in warning letters, or in other regulatory actions be addressed?

In answering the last question with regard to the kind of corrective action a company should demonstrate in the wake of a data-related cGMP violation, the Agency restated its oft-articulated position that is not specific to data problems, saying: “FDA encourages you to demonstrate that you have effectively remedied your problems by: hiring a third party auditor, determining the scope of the problem, implementing a corrective action plan (globally), and removing at all levels individuals responsible for problems from cGMP positions.

Interoperable Devices

On January 26, 2016, the FDA released a draft guidance document titled Design Considerations and Pre-Market Submission Recommendations for Interoperable Medical Devices. As interoperability (accidental and intentional) of medical devices has been a headache not only for regulators, but for products liability, this guidance was of particular interest.

This the first guidance on the topic of interoperability that the FDA has published, and its real focus on the design controls and considerations important in interoperable products. As its impetus, the FDA noted that “the failure to establish and implement appropriate functional, performance, and interface requirements during product development may lead to the exchange of inaccurate, untimely, or misleading information[,] device malfunction, including the failure to operate, and can lead to patient injury and even death.”

The device highlights the following items:

  • Designing systems with interoperability as an objective;
  • Conducting appropriate performance testing and risk management activities; and
  • Specifying the functional, performance, and interface characteristics in a public manner such as labeling.

New App

The FDA has teamed up with the Federal Trade Commissionmobile medical app (FTC) in the production of a new interactive tool mobile app developers. The tool goes through several questions about the processes and purposes of the developer’s prospective app, and helps the developer determine the regulatory framework under which its product will likely be scrutinized. The tool can be found and tested here.

New Products Approvals and Clearances

The Agency had a busy last couple of months, approving and clearing numerous drugs and devices. A few of particular note are provided below.

  • On April 8, the FDA’s Center for Veterinary Medicine (CVM) began the process of rescinding approval of a swine drug in light of new evidence that the drug may leave trace amounts of a carcinogenic residue. (FDA News Release | April 8, 2016.)
  • On April 7, the FDA approved the marketing of the first tissue containment system for use with certain laparoscopic power morcellators. “Although the device is an effective tissue containment system, the FDA is requiring the manufacturer to warn patients and health care providers that PneumoLiner has not been proven to reduce the risk of spreading cancer during these procedures.” (FDA News Release | April 7, 2016.)
  • On March 30, the FDA granted an investigational new drug application for a test screening blood donations for presence of the Zika virus. (FDA News Release | March 30, 2016.)