By Jennifer M. Thomas –
Last week, FDA rolled out a new online reporting program, titled “Reporting Allegations of Regulatory Misconduct,” with little fanfare. No blog post in FDA Voice, no press conference, and even the (longwinded) name of the program seems calculated to send the message “nothing to see here, folks.” Which, of course, made us take a closer look.
- What is it?
An online tool for reporting allegations of regulatory misconduct against medical device companies. Allegations may be submitted using a simple form, which provides anonymity for the submitter if he or she chooses, or by email or regular mail. According to the program’s homepage, FDA envisions that the types of allegations will include (1) off-label marketing, (2) marketing without the requisite approval/clearance, (3) QSR violations, (4) falsifying records, (5) failure to register and list, (6) failure to submit required reports, or (7) knowingly deceiving FDA. Although the program appears similar in some ways to CDER’s “Bad Ad” Program, the scope is much broader.
- Is it really “new”?
Not according to FDA. Consistent with the circumstances of its launch, the homepage for FDA’s new reporting tool practically begs readers to view it as a non-event. The homepage indicates that FDA has received these types of reports in the past, and that the online tool is simply a new way of receiving the same information. That said, to our knowledge there has never before been a formal mechanism to capture and track allegations like these.
- How will FDA use the reports?
This remains to be seen. The homepage mentions only administrative actions in response to allegations submitted through the program, with a Warning Letter or recall request being the harshest administrative measures described (others include conducting inspections, contacting the company for further information, or simply “monitoring the allegation”). Nowhere is there mention of possible referral to the Office of Chief Counsel or Office of Criminal Investigations for review of more egregious alleged misconduct, although several of the categories of misconduct FDA cites as examples are of a kind often referred to the Department of Justice for civil or criminal action. The homepage states that “FDA will not share [the submitter’s] identity or contact information with anyone outside the FDA” unless required by law, but makes no such promise with regard to information obtained from the submitter. Therefore, presumably, FDA is free to share information gleaned through the online reports with other government agencies.
- Will these reports actually be useful to FDA?
We are trying to see the bright side for FDA, but on balance we think the answer to this question is “no.”
The most likely candidates to use the easy, anonymous, online tool are competitors. This may be an attractive alternative to a trade complaint, with the added benefit that FDA is obligated to follow-up on the allegations. Some companies may simply seek to disrupt a competitor’s business by initiating an FDA investigation. The overall quality and reliability of information FDA receives from competitors probably will be low.
While it is possible that employee whistleblowers will also use this tool, those with significant and well-documented allegations have the potentially much more lucrative option of reporting regulatory misconduct though a qui tam False Claims Act suit. Reporting through this new tool in advance of filing such a suit could have implications for the whistleblower’s ability to recover as a qui tam relator.
It also is highly unlikely that FDA will be able to handle the number of reports that come in through the online reporting tool. As with medical device adverse event reports, the Agency will be forced to prioritize a very few reports, only to then be taken to task for failing to identify or act on serious violations reported to the Agency. See, e.g., GAO Letter Report, Medical Device Reporting: Improvements Needed in FDA’s System for Monitoring Problems with Approved Devices, GAO/HEHS-97-21 (Jan. 29, 1997) (here); GAO Highlights, Shortcomings in FDA’s Premarket Review, Postmarket Surveillance, and Inspections of Device Manufacturing Establishments, GAO-09-370T (June 18, 2009) (here).
- If this type of report isn’t really new, why does the new online reporting tool matter to industry?
Despite its unassuming appearance, in our view the new reporting tool could present significant additional risks to industry.
First of all, allegations of regulatory misconduct, even if baseless, can disrupt a business as the Agency takes steps to investigate those allegations by conducting inspections, demanding a response from the company, etc. Whereas previously CDRH was under no affirmative obligation to respond to a complainant who, for example, submitted an unreliable or inadequately documented complaint to the Agency, CDRH now has committed to “follow-up communication” and a tracking system. This will allow submitters to demand a response, and will likely necessitate more, and more burdensome, investigative steps by CDRH.
Furthermore, these reports of allegations will be consolidated in a single repository, ripe for requests from the public or other government agencies. Although the reporting tool’s homepage states that records will not be released pursuant to FOIA until an investigation is complete, other government agencies – State Attorneys General, and U.S. Attorneys’ Offices, for example – may request pertinent documents from FDA even during the pendency of an investigation. Relators’ counsel in qui tam cases may also request to see records of an ongoing investigation.
Finally, the fact that allegations are not made public until after an investigation is closed does not necessarily protect companies from bad press tied to baseless accusations. For instance, FDA may close an investigation upon concluding that the allegation does not warrant expenditure of CDRH resources, but without reaching an actual conclusion. The reported allegation would then potentially be subject to disclosure under FOIA, and the company forced to defend itself against that allegation in the court of public opinion.
- What can companies do about it?
There is no guaranteed way to avoid becoming the subject of an allegation of regulatory misconduct, whether submitted through this new online tool or otherwise. That said, device companies can significantly reduce their risk by having in place a system for internal reporting and a mechanism for fully and efficiently addressing internal reports submitted by employees. Companies should also be sure to respond quickly and completely to any request by CDRH for a response to allegations submitted through the new portal.
- What do we call it?
Well, we certainly can’t call it “Reporting Allegations of Regulatory Misconduct” – too unwieldy. We welcome your suggestions, but in the meantime – riffing on CDER’s “Bad Ads” – we will be calling it CDRH’s “Bad Acts” Program.