With the latest EU IDMP guidance now published, pharma companies must now measure their readiness for the new world, in which data-based regulatory submissions run parallel with, and will ultimately replace, single-use documents. Here, Adnan Jamil, a Senior Consultant at data-driven life sciences transformation specialist, Iperion, offers step-by-step advice to pharma companies keen to reap the full benefits of a digital product information management future.
Recently the European Medicines Agency published the second version of its EU IDMP Implementation Guide. This was a trigger for software vendors and pharma companies to progress systems that support compliance with simultaneous data-based and packaged-dossier regulatory submissions – all based on the standard vocabularies and descriptors that have been agreed.
Yet this is much more than a technology-based transformation – or it should be. Done properly, IDMP preparations should encompass changes to processes (not just data management processes, but also core regulatory business processes that are part of the value chain) to ensure they are working with the best possible data, supported by appropriate governance. Organisational changes need to be a part of the picture, to elicit the fuller gains of a data-based product management future.
But how ready are companies to move forward? With new implementation guidance hot off the press, now is the ideal time for the pharma industry to determine its readiness both for EU IDMP compliance, but also for a future that will allow companies to do things very differently.
Until those involved understand the gaps in their current capabilities and processes, however, they will struggle to make efficient progress towards either their short- or longer-term goals. It is important, then, to begin with an IDMP readiness assessment, a clear target and a practical roadmap to get there – with appropriate consideration of organisational, process, information and governance changes, as well as the adoption of fit-for-purpose technology and data management capabilities.
Ideally IDMP maturity assessment should be broken out into four categories of work (much of which can take place in parallel):
Category 1: Process & governance
Too often, companies assume that compliance activity starts with the enabling technology. But if a great software system is applied to ill-fitting processes, the desired transformation will be compromised. So it is important to start by reviewing all processes currently affecting the way data is generated, captured, checked, combined and maintained, and how this feeds into existing document/dossier creation.
Drawing on industry-standard IDMP process reference models, accessed via an external advisor for instance, companies should assess their current business and data management processes and identify the impact IDMP will have on current modes of operation. This knowledge will help inform the necessary process changes – and estimate the effort needed to implement them.
Mapping out the company’s current approach is important – identifying any gaps compared to the new target data governance framework, pinpointing areas of risk and opportunity, and devising optimum data governance.
In an IDMP context, data and documents must be both consistent in terms of what is provided to the authorities, being submitted simultaneously. So companies will need to consider whether current processes allow for that and, if not, what will need to change to pave the way for parallel, linked, high-quality structured data- and electronic document-based submissions.
Understanding the current state of play will also help with the set-up of process design/redesign activities. Depending on the size and scope of the organisation, the data collection, quality control and cleansing requirements, and any new or revised processes needed to ensure ongoing IDMP compliance, could be significant, so companies should not underestimate what will be involved. Any process redesign will be central to every other aspect of IDMP preparation and the success of the implementation.
Category 2: Organisational considerations
In the new world – and certainly in the future as companies realise the power of working with data and a single, central master version of their product truth – managing product-related information will transcend the remit of Regulatory Affairs. If companies want to fully capitalise on the potential of a new data-focused way of thinking, planning and ensuring quality and safety, it follows that maintaining a consistent, high-quality master data set will be a task bigger than any one department.
For now, an organisational assessment – an assessment of the company’s readiness for organisational change – will help ensure that the right stakeholder groups are given the attention they need throughout the digital transformation that is IDMP implementation. Crucially, this process will determine everyone’s awareness of IDMP and its implications both for interactions with the authorities, and for internal ways of working. It will also provide vital input into the necessary organisational change management (OCM) strategy, and guide a communication plan mapped to the particular needs of each stakeholder group.
Upfront stakeholder analysis – via interview sessions and surveys among identified parties of interest – will help in the formulation of a near-term change management strategy and a high-level communications plan, ensuring buy-in and alignment across all phases of the project.
Category 3: Technology readiness
The technology assessment is important in its own right, but needs to be considered in tandem with process/organisational findings to ensure that any system updates or replacements are able to support the new target operating model (in which data and documents are submitted in sync). Moreover, both individual system and overall architecture provisions must be looked at with an eye on future compliance needs and other data-driven process ambitions.
Taking in analysis of the current system architecture, as well as the core systems of interest, the goal should be to define a fit-for-purpose technology strategy. Topics for consideration/discussion here should include the use of or upgrade to a regulatory information management (RIM) system; use of a product backbone or master data management (MDM) solution; building an in-house solution, or even using EMA’s product management services (PMS) web interface – based on the company’s specific situation and future IT plans.
Where the organisation already has a RIM system in place, it will be important to assess its capabilities in the light of IDMP: its specific configuration as well as the way data management has been set up within the system.
Category 4: Data assessment
The data assessment should aim towards a detailed understanding of the location, ownership, quality and quantity of the company’s IDMP data set, such as it is currently. This will enable the planning of tailored data remediation activities.
Companies are likely to need some help here – to understand more fully the IDMP data model, the ins and outs of the latest EU Implementation Guide, as well as the typical business processes generating and/or handling IDMP data. Performing data pilots with a carefully considered cross-section of current products is advised.
The aim should be to compare internal data sets with both the IDMP ISO standard requirements, as well as the specific definitions set by the EU Implementation Guide. Lastly, in-house data will need to be compared to the data within EU IDMP Referential Management System (RMS) and Organisation Management System (OMS).
Once data mapping is complete, companies should have a clear overview of where their IDMP-relevant data resides today, both in a structured format (ie system/database) and in an unstructured format (ie within documents); the current quality of that data; which functions own the data/ which systems are currently considered the ‘sources of truth’ when putting together dossiers or answering agency queries; which data is currently missing and what this will mean in terms of data remediation; and more.
In addition, drawing on the outcomes of the data mapping undertaking, along with those from the technology assessment, will help in drawing up a data remediation plan with appropriate activities and timings.
Overall, the results of these assessments will help inform a pragmatic, futureproof IDMP vision and strategy and an optimally aligned IDMP roadmap and implementation plan.
IDMP vision & strategy
Once all of the assessment elements have been completed, companies will need to develop the main driving principles for the company’s IDMP Initiative – starting with compliance with EMA’s IDMP implementation, but ensuring that the IDMP ISO core remains suitable for other regulators’ requirements down the line (such as the FDA’s). In other words, global re-use of the initial European compliance effort is a key principle. Another should be to provide a pathway to other business value (from high-quality data-driven product management) in the longer term.
These driving principles will set the course for any IDMP implementation and will support decision-making, preventing the company from making choices that take it into new silos or technology dead-ends.
It is important to ensure, too, that the IDMP strategy dovetails with/does not conflict with any other pivotal company initiatives (the organisation’s broader enterprise data strategy, use of an agile delivery model, etc.).
With the foundational basis for the vision and strategy in place, next steps should include:
- Agreeing on the value-driven additional use cases for IDMP, which will involve cross-functional collaboration and decisions about initiative sponsors;
- Setting the target timeframes for the initial IDMP go-live/’release 1’; and
- Defining the target approach for the xEVMPD-IDMP Product Management Services (PMS) database transition period.
IDMP roadmap & implementation plan
The final push should be to set out a clear IDMP roadmap and implementation plan – which doe not try to accomplish everything in a first project release. Trying to bite off too much in one go could slow progress, overwhelm budget, and have a negative impact on morale. So, while company-wide master data management (MDM) – extending across RIM, Pharmacovigilance/Safety and ERP – might ultimately be the goal, it is more prudent to start with a fairly lean program that can be added to later.
Aim to enable a step-wise increase of IDMP capability maturity over time. The incremental releases should be defined using the outcomes of the IDMP maturity assessment, factoring in three components each time:
- Compliance-driven components – eg IDMP EU Iteration 1 compliance, ‘step 1: Central Authorisation Procedure (CAP) products’, followed by ‘step 2: non-CAP products’;
- Value-driven components – eg batch release optimisation; automatic population of electronic regulator forms; and
- Supporting infrastructure to enable process and technology implementation data remediation activities, etc.
At this point, the detailed implementation plan for the initial release(s) can be created.
It is important for companies to realise that they do not need to try to tackle all of this complexity alone, but starting with a thorough assessment, strong strategy and staged plan will set them in good stead to make the most of their EU IDMP implementation.
About the author
Adnan Jamil is a Senior Consultant at Iperion, now part of Deloitte. Iperion’s approach to assessing companies’ IDMP maturity has been standardised and fine-tuned based on leading subject-matter expertise on regulatory information management, data submissions (eg IDMP, xEVMPD) and extensive first-hand experience from projects with a broad spectrum of life sciences clients.