Marketing and sales departments make projections quarters—sometimes years—in advance. Finance groups crunch numbers on a strict schedule. But continual shifts in the healthcare regulatory environment have made the job of compliance officers unpredictable. Traditionally, this uncertainty has led to a perception of compliance activities as invasive, particularly for product managers whose entire strategies can be disrupted when eleventh-hour kinks are thrown into their plans.

But it doesn't have to be that way. By being aware of current and pending regulatory issues—and setting an agenda upfront for how to respond—compliance officers at pharma companies can move from being one-person bands to orchestra conductors: Rather than playing the instruments themselves, they should ensure that all players are reading from the same sheet of music. This approach will allow compliance officers to anticipate the processes and hurdles their organizations will have to endure, rather than just responding to them.

Agenda Time

First, healthcare-law policies and procedures affect all parts of the organization. Making sure that all policies are in place and that all healthcare-law risk areas are covered can be a daunting task. Therefore, compliance officers need to collect all policies and processes across the organization and conduct a gap assessment to identify areas that are not covered, or require updating. There are typically between 12 and 15 risk areas that need to be addressed by healthcare-law policies, while the total number of policies covering all risk areas can range from 150 to 200. Policies need to be aligned and made consistent across the different areas.

Second, most companies have substantially changed their healthcare-law policies and procedures. Audits will validate whether the new policies have been adopted by the organization and whether further development and refinement of the policies are needed. In addition, companies need to document audit methodologies and findings in order to learn from past experience and reviews, and to track progress. Considering the large volume of such data, plus the need to retain information for five to 10 years, companies may choose to automate this process.

In addition to the issues addressed above, compliance officers must remain vigilant as new risks emerge. The following seven risk areas should be considered high on the agenda for the coming year:

1. Funding of CME grants
2. Payments to healthcare professionals
3. State laws
4. Clinical trials
5. Pricing
6. DTC advertising
7. International compliance

1. FUNDING OF CME GRANTS
Funding of CME programs exposes pharmaceutical companies to several potential compliance risks, including anti-kickback and off-label promotion concerns. Although addressed in OIG's 2003 "Guidance for Pharmaceutical Manufacturers," many companies still have not solidified their positions on CME-grant decision-making. Some have taken a literal interpretation of OIG guidance and have removed decision-making authority from the marketing and sales functions. Others have made different fixes to protect against conflicts of interest between their companies' promotional and educational activities. While risks are apparent, most companies have chosen to continue funding CME due to its valuable contribution toward improving healthcare.

In addition to the longstanding risks associated with CME, recent actions taken by the Senate Finance Committee show that CME remains top-of-mind with government authorities. In June, Senators Charles Grassley (R-IA) and Max Baucus (D-MT) had letters sent to major pharmaceutical companies requesting information on their policies and processes for CME-grant funding. Specifically, the senators want to ensure that CME is not "a backdoor way to funnel money to doctors and other individuals who can influence prescribing and purchasing of particular prescription medicines, including off-label prescriptions." This type of intensity of scrutiny shows that compliance officers must actively pursue appropriate policies and practices related to CME, and monitor and enforce compliance with these policies.

2. PAYMENTS TO HEALTHCARE PROFESSIONALS
Whether through speaker programs, consultant meetings, or investigator studies, pharmaceutical companies employ many healthcare professionals as contractors. These relationships are important to furthering pharmaceutical research as well as improving the knowledge base of healthcare professionals in general. Healthcare contractor relationships are governed through multiple regulations and voluntary guidelines, including the anti-kickback statute, the PhRMA Code, and others. These rules are focused on ensuring that contractor payments do not constitute inducements that could bias prescribing behavior.

In addition, the recently updated ethics manual for the American College of Physicians, the nation's largest medical-specialty society, stated that even small payments may create the appearance of impropriety and that physicians and pharmaceutical companies must take care to ensure transparency in all financial transactions. While most major pharmaceutical companies have made progress in developing consistent payment methodologies to ensure compensation at fair market value, many still struggle with implementing the policies.

Effective implementation depends on a culture change, as it will require companies to change the way they have been conducting business. The role of the compliance officer is to make sure that policies concerning payments are developed, communicated, and accepted by the business. This includes, but is not limited to, setting policies around annual and daily payment caps to physicians, developing exception processes, and educating meeting-planning companies on the new policies. As this is a high-risk area with many parts of the organization involved, auditing for adherence becomes an essential part of the successful implementation of these policies.

3. STATE LAWS
California Law SB 1765 will remain on the compliance radar in the immediate future because annual limits need to be tracked, and new policies and procedures implemented and audited. Since the effective deadline of July 1, 2005, has passed, compliance officers should turn their focus to implementing any remaining organizational changes—updating internal systems to support tracking against the limit, and developing reporting and auditing protocols to document compliance with the law. In addition, this may lead to developing stricter policies where internal systems may lack the ability to accurately track against the limit.

Prior to July 1, publications warned that advocacy groups like CALPIRG and others would be ready with various theories of litigation. In order to heed the warnings, compliance officers should consider some of the following points: Companies that have based their spend limit on the average spend on physicians may want to reconsider because physicians could be receiving more than 10 to 15 times the average spend in any given year. Simulation analysis can provide an indication of what the maximum spend per physician is.

Furthermore, companies that have set a low spend limit will need to set strict policies and procedures in order to ensure they remain in compliance. This may involve reconsideration of marketing and sales practices, such as reducing or eliminating use of premium leave-behinds in favor of informational materials, reducing or eliminating in-office meals provided by representatives, and/or reducing or eliminating speaker- and consultant-program meals. Changing policies requires the timely training of, and communication with, the sales and marketing organizations, and the auditing of actual spending to physicians to prevent companies from going over the limit.