We are all familiar with the old saying, “the best offense is a good defense.” When it comes to highly regulated industries such as pharma getting involved with social media, having a well-prepared defensive plan in place at the outset is critical to risk management. With the recent publishing of the FDA draft guidelines addressing unsolicited requests for off-label information about prescription drugs and medical devices, pharmaceutical companies are in an excellent position to expand their social media programs into engagement. Still, with the draft nature of the guidelines, risk management is critical.
While there has been some mixed reaction to the draft guidelines, the FDA is giving a clear show of confidence in pharma companies, stating, “FDA recognizes that firms are capable of responding to requests about their own named products in a truthful, non-misleading, and accurate manner.” In fact they take this a step further to say it makes sense for pharma to be engaging,
“…because firms usually have robust and current information about their products, it can be in the best interest of public health for a firm to respond to unsolicited requests for information about off-label uses of the firm’s products that are made in public forums, especially since other responders may not provide or have access to the most accurate and up-to-date medical product information.”
With all of that positive messaging, what are the key points affecting how pharma companies interact with the public? The FDA advises that pharmaceutical companies may give out information about off-label uses to patients, but only if the question was not solicited through marketing materials or advertising, for example. Additionally pharma companies are cleared to respond to public questions about off-label uses they get on social media sites such as Facebook, Twitter or forums, but the response must be private communication and shouldn’t come from sales or marketing personnel.
Okay, so that sounds fairly straightforward. Now, how do you help mitigate risk exposure when you venture into a more active and engaged social media program? The key is to establish clear guidelines for everyone participating, centralize your efforts and intercompany communications around social and create an audit trail by tracking everything. Let’s take a closer look at the five ways pharma can mitigate risk when using social media:
1. Establish a social media policy and keep employees informed. Of course the most important starting place for any company, in a regulated industry or not—whether they are currently participating in social media or just watching from the sidelines—is to have a social media policy in place and make sure employees and appropriate vendors are trained on it. Even if your company isn’t social, your employees probably are.
Your policy, which should be documented, should be specific as to who has the authority to speak on the company's behalf on social networks and the consequences that exist if any of these rules are broken. If expectations and processes are not clearly outlined and regularly communicated internally, well-meaning or disgruntled personnel can be one of your greatest liabilities. Policy templates and examples are available here if you need examples to help you get started.
2. Centralize your program with a social media monitoring and engagement platform. Running a social media program requires the means to effectively collect, organize and manage large volumes of social media content to make sense of it, report on it, find insights in it and react where appropriate. Sure you can use Google Alerts to get an idea if people are talking about your brand and some conversational themes. But if you are tying metrics and accountability to your program, you’ll need a professional platform designed to do the job.
Working with an enterprise-ready social media platform will no doubt make your job easier. However when it comes to risk management, centralizing all of your social activities becomes more than a convenience, it becomes a requirement. Managing risk requires the functionality to see your entire social media ecosystem in one place while enabling staff in all departments to operate and communicate within the same “sandbox” keeping everyone on the same page. This minimizes duplicate efforts, faux pas such as multiple responses being to the same consumer and missed opportunities when the right hand doesn’t know what the left is doing. Here is an analyst report by Gleanster that can provide some guidance to choosing the right one for you.
3. Be proactive with Adverse Event tracking and reporting. Pharma companies are used to reporting them and thanks to recent Adverse Event (AE) reporting rate research, companies are breathing a little easier with their social media programs knowing that on average, only 0.3% of brand mention posts contain an AE. While FDA guidelines do not require companies to seek out AEs, brands are starting to proactively monitor for them building goodwill in the process, creating risk-deflecting records and doing their due diligence to keep the health and interests of the consumers they aim to help a priority.
4. Establish a workflow with built-in checkpoints. Your social media policy should outline both the expectations for employees but also the basic workflow and escalation path for reporting social media content they feel needs a response. For those employees who are actively working with social content, your brand and company Facebook pages, Twitter handles and other profiles, building in checkpoints to approve content can be invaluable.
For example consider putting controls in place to automatically review any outbound content for policy violations. Having a process like this ensures that communication can still be published in a timely manner without exposing the company to unnecessary risk. Social media monitoring and engagement platforms designed for enterprises will let you to do this even customizing it to your own situation. Look for one that allows you to have multiple users work with your social accounts, if you need, without exposing your password credentials to anyone but an administrator as well as reporting on user activities.
5. Create audit trails for activities and users. Any company facing regulatory controls can face an audit at any moment. Your social media policy should take this into consideration and include implementing technology that archives all content and activity in a way that can quickly and adequately prepare you for an unexpected call from the auditors. Knowing your ducks are in a row and you are continuing to do your best to meet and exceed all regulatory guidelines should enable you and your executives to sleep a little better at night.
What other steps do you feel help protect pharma companies from compliance risk in social media?