Helping Our Clients Conduct Globally Compliant Market Research December 14, 2016
The Affordable Care Act
US Market Research Federal Affordable Care Act ObamaCare governs double-blind market research and makes it unnecessary to report payments to federal government under sunshine reporting. The Act is published into CMS (Center for Medicare and Medicaid Services) Rules followed by pharmaceutical clients: 42 CFR Parts 402 and 403 If incoming administration makes changes to the Act it may or may not change the rules: Needs to be watched carefully by the pharmaceutical and market research industry. Internal Revenue Service requires W-9 documentation and 1099 issuance for any respondent earning $600 or over in a calendar year 2016 M3 USA Corporation. All rights reserved. Globally Compliant Market Research 3
The European Union
US-EU Market Research The EU - US Privacy Shield is designed to protect the privacy rights of citizens of the European Economic Area (EEA) when their personally identifiable information (PII) is transferred to the USA. This new framework is the replacement for the invalidated Safe Harbor Framework. The Privacy Shield places stronger obligations on US organizations to protect the personal data of EEA citizens. It requires greater transparency about transfers of personal data to the US and it offers more accessible redress options in case of complaints. The European Commission (EC) and Federal Trade Commission (FTC) established the EU Privacy Shield to provide enforceable protection of EU citizen data and privacy. UK voted for BREXIT to leave EU but has not yet ratified the request which allows for a 2 year negotiating period. A separate UK US Privacy Shield may be necessary. 2016 M3 USA Corporation. All rights reserved. Globally Compliant Market Research 5
NEW EU General Data Protection Regulations (GDPR) EU has been following General Data Protection Directives which are locally implemented suggestions for data protection and privacy EU Commission passed regulations (laws) that replace the directives starting May 2018 so there is an equal understanding and implementation of data protection in Europe These laws apply to anyone who controls or processes data with personally identifiable information (PII) You can expect inquiries from clients about how EU data are protected Some of these laws apply directly to market research including o Registration with one Data Protection Authority (DPA) o Requirement to opt in and disclose how personal data will be used o Allowance to opt out at any time and be forgotten Anonymized data is the best way to stay clear of GDPR obligations 2016 M3 USA Corporation. All rights reserved. Globally Compliant Market Research 6
Loi Anti- Cadeaux & Loi Bertrand
French Market Research French Government passed Loi Anti-Cadeaux (Anti-Gift) and Loi Bertrand (Transparency) laws with reporting requirements that include honoraria payments over 10 Euro for market research with all HCPs Research must be registered with Conseil National de l'ordre des Médecins (CNOM) 30 days in advance (recommended but not required before starting research) and requires disclosure of topic, duration, and incentive sponsor is blinded If an issue is raised, corrective action is suggested but not required. Names and amounts paid to HCPs must be reported within 30 days after research is completed Fines are significant and compliance is required by the Health Care Professional and the Agency conducting the research New Annual Approval Process for Physicians being set up by CNOM 2016 M3 USA Corporation. All rights reserved. Globally Compliant Market Research 8
French Market Research Fines Payments to Healthcare Professionals is taken very seriously in France Under Loi Anti-Cadeaux Physicians who do not disclose their payments can be fined EUR 75,000 and imprisoned. Companies not registering the research the fine is multiplied by five (EUR 375,000) and business sanctions may be issued (Article L.4163-2 PHC). 2016 M3 USA Corporation. All rights reserved. Globally Compliant Market Research 9
French Market Research Fines Under Loi Bertrand Manufacturers (pharma) are required to push for the disclosures of market research honoraria and themselves can be fined (Article L.1454-3 PHC). 2016 M3 USA Corporation. All rights reserved. Globally Compliant Market Research 10
Asia Data Export Bans and Licenses
Asia Data Export Bans and Licenses Asian countries which have a personal data export ban Japan Russia China Additionally in Japan 2003 Act 57 on the Protection of Personal Information requires companies to certify data protection Licenses from the Chinese government are required to be on the Chinese internet (.cn) and conduct data collection on Chinese citizens 2016 M3 USA Corporation. All rights reserved. Globally Compliant Market Research 12
M3 is helping our clients and end clients remain compliant with healthcare market research in the US, Europe, and Asia.
How to Stay Compliant M3 uses a local model to be aware of local rules and regulations M3 maintains an ISO (International Standards Organization) certification for market research data collection (ISO26362) and an ISO certification for data protection and security (ISO27001). An executive for M3 chairs the Institute for Research Quality that certifies companies to the market research ISO standards M3 sits on the board of directors of industry associations CASRO and PMRG and sits on committees for MRA, BHBIA, EphMRA, and PBIRG so we can stay vigilant M3 has in-house counsel that participates in industry legal roundtables M3 passes our knowledge on to you to keep you and your end clients compliant with local, regional, national, and international rules, regulations, and laws. Please reach out to M3 for any questions about compliance 2016 M3 USA Corporation. All rights reserved. Globally Compliant Market Research 14
QUESTIONS?
501 Office Center Drive, Suite 410 Fort Washington, PA 19034 THANK YOU coverpeck@usa.m3.com 202-293-2288 http://research.m3.com