CIOReview
Sign In

Subscribe to our Weekly Newsletter to get latest updates to your inbox
| | NOVEMBER - 20219CIOReviewthe world. So, regardless of whether the activity involves the French business team hiring a physician in France, the Japanese business team conducting an advisory board in Japan, or the US business team sponsoring medical education in the US, all requests for approval are submitted using the exact same online compliance approval system, which we've called the Amicus Compliance Engine (ACE). ACE is powered by an out-of-the-box, yet highly configurable, compliance automation software provided by Lextegrity, a leading software firm started by former in-house life sciences compliance and audit professionals. When new submissions are entered into ACE by the business,Amicus compliance officers receive immediate email notifications and can log-on at any time to review those submissions. But the great advantage of this system is that it serves as a single point of control and documentation for the vast majority of global activities requiring compliance approval.Regardless of geographic location, the business must upload into ACE all information regarding the activity and complete the relevant ACE approval form, which means all information related to the submission gets documented in ACE. Likewise, all information related to approval also gets documented in ACE, including compliance officer activities like follow-up questions to submitters, due diligence, and final approval.But compliance approval systems with an open architecture that are highly customizable are even more valuable. In pharmaceuticals, the corporate compliance function typically oversees the activities of the commercial, medical, patient advocacy, and clinical departments. As such, many compliance approval systems focus on controls related to those departments. However, compliance departments are evolving and at many companies are tasked with responsibilities that extend beyond the traditional areas of oversight. For example, a compliance department may be responsible for managing employee-reported conflicts of interest, for conducting due diligence on third parties, for reviewing patient-related activities, and/or for driving the company's privacy program, including the review of privacy impact assessments under the GDPR. So, the more a compliance approval system can be customized to cover allareas, both traditional and non-traditional, the more valuable it will beas a single point of control and documentation.Yet most valuable of all are compliance approval systems that also allow for real-time integration and key data transfer to other systems. For example, at Amicus, ACE is connected to our contract management system.So, once data related to an activity is entered by the business into ACE,the business doesn't need to re-enter that same information into the contract management system in order to get a contract. Rather, after the activity has been approved in ACE, the data related to that activity is automatically transferred to the contract management system, and out pops a contract, leading to a happy business partner. Not only is this process efficient and user-friendly for the business, but it also serves as an additional compliance control, because the only way for the business to get a contract is to submit the activity in ACE and have it approved by the compliance department.In sum, technology-based compliance approval systems offer not only a single point of global control and documentation, which is key from a compliance program perspective, but also permit an efficient and user-friendly experience for the business. A true win-win for all. Compliance approval systems with an open architecture that are highly customizable are even more valuablePatrik Florencio
< Page 8 | Page 10 >