Streamlining pharma-HCP communications with a common identity standard

Consortium led by Veeva will establish a non-proprietary identity and permission framework


It is commonplace for physicians and other prescribers to visit pharma company websites for drug information; it is also commonplace for pharma companies to connect with physicians for both promotional messages and more critical communications such as recall notices. Much of the time, healthcare providers (HCPs) set up online accounts, but as the sources of information (and the information itself) proliferate, sign-ins and accounts become a burdensome chore. The result: for many physicians, a wide-open site like Wikipedia becomes the default information source, with less-than-ideal accuracy and relevance for what physicians seek. Now, Align Biopharma, a consortium of pharma companies brought together by Veeva, the life sciences IT vendor, has been established to develop such a standard on, potentially, a global basis.

“We have over 500 websites or portals that provide medical information to HCPs across our company globally,” notes Patrick Retif, VP of IT global commercial operations at Allergan, one of the six pharma companies currently participating. (The other five companies are AstraZeneca, Biogen, GlaxoSmithKline, Novartis and Pfizer.) “Developing common log-in and authentication processes is next to impossible, if only because different national frameworks have different requirements for industry-HCP communications.”

The consortium is being led by Veeva, the life sciences IT vendor whose CRM and document-management tools are widely used in the industry. Paul Shawah, VP of commercial cloud strategy. He stresses first that the group is developing a standard, and not an identity-management software product, and second that it will be open to any pharma company willing to participate. All the same, it’s not accidental that Veeva is leading the charge in this effort; that company shook up the universe of customer master data management (MDM) with OpenData, its service for maintaining contact information of HCPs for pharma outreach, in part by offering to combine basic-level MDM databases of its clients. He adds that as the effort advances, it’s conceivable for the group to seek certification from government organizations like the National Institute for Standards and Technology (NIST).

In theory, then, an HCP will be able to use one log-in, and one authentication process, to access restricted information for HCPs across pharma companies, making that information more accessible. Another element of the standard will be for HCPs to specify what sorts of communication they’re willing to accept, what Align Pharma calls consent and communication preferences. There are a host of such types of communication, ranging from promotional messages, to details about medications, acceptance of drug samples, and conceivably such regulated communications as Risk Evaluation and Mitigation Strategies (REMS, which sometimes require a training certification of the HCP) or the Controlled Substance Ordering System (CSOS) administered by the Drug Enforcement Administration. On the flip side, pharma companies will better be able to manage their own outreach communications, such as ensuring that promotional messaging is delivered only to those HCPs for which it is authorized to communicate (a common issue in medical specialties).

A longstanding cliché in tech circles is, “We love standards—that’s why there’s so many of them!” points both to the need to standardize technology-driven processes, and the difficulty of keeping all participants going in the same direction. The field of identity management and authentication is a frothy one currently, with multiple standards and a fuzzy line between single-vendor, proprietary systems and those established by public or private consortia. Cases in point are CDISC, the Clinical Data Interchange Consortium or TransCelerate (which are mostly about standardizing how certain life sciences information is structured). More to the point, SAFE-Biopharma is a nonprofit that has established an identify-management process mostly for clinical researchers who want to share information either among themselves, or with government bodies like FDA. Additionally, private companies like Exostar, DocuSign and others have identity-management tools that are purchased by corporations to manage their communications. (Those two companies participate in the SAFE-Biopharma effort; TransCelerate is also a partner.) Ultimately, Align Biopharma’s success won’t be measured solely on the quality of its standard, but how widely it is adopted across the industry.