View
217
Download
0
Category
Tags:
Preview:
Citation preview
RULES OF THE ROAD: SUCCESSFULLY NAVIGATING THE
GUIDEPOSTS ON THE SOCIAL MEDIA HIGHWAY
KENNETH N. RASHBAUM, ESQ.
RASHBAUM ASSOCIATES, LLC
AGENDA: NAVIGATING ROAD OBSTACLES WITH SOCIAL MEDIA
GPS
REGULATORY NETWORK: FDA, FTC, CMS (HIPAA)
PRIVACY AND SECURITY LAWS (DOMESTIC AND GLOBAL)
OVERCOMING FEAR AND MISUNDERSTANDING
SOCIAL MEDIA GPS: DIALOGUE WITH COMPLIANCE AND LEGAL; INTERDISCIPLINARY DRAFTING OF PRACTICABLE POLICIES AND PROCEDURES; TRAINING AND COMPLIANCE MONITORING
SIGNS AND DIVIDING LINES
FDA PART 15 HEARINGS AND ANTICIPATE D GUIDANCE(WILL IT EVER COME?)
FTC GUIDELINES
U.S. PRIVACY LAWS: HIPAA, FEDERAL SUBSTANCE ABUSE PROTECTIONS, STATE PRIVACY LAWS
PRIVACY LAWS OUTSIDE THE U.S.: PERSONAL INFORMATION EXPORT RESTRICTIONS (EX: GOOGLE CONVICTION IN ITALY) AND PROHIBITIONS ON EMPLOYEE TECHNOLOGY USE MONITORING
HAZARD SIGNS: COMPLIANCE, RISK AND LEGAL
FEAR AND MISUNDERSTANDING:
SOCIAL MEDIA IS EVERYWHERE. THEREFORE, RISK IS EVERYWHERE!!!
WE CANNOT CONTROL IT, SO IT MUST BE STOPPED!
BUSINESS UNITS MAY HAVE SOMETHING TO SAY AOBUT THAT, THOUGH
HOW BRIDGE THE GAP TO CREATE ALLIES?
OLD PARADIGM: FEAR
“BEWARE OF HEALTH BOOKS. YOU MAY DIE OF A MISPRINT.” MARK TWAIN
“THE FUTURE IS JUST ONE DAMN THING AFTER ANOTHER.” WALTER O’MALLEY
“WE ARE DIFFERENT, SO HIGHLY REGULATED WE JUST CAN’T ENGAGE IN SOCIAL MEDIA.” ANONYMOUS PHARMACEUTICAL EXECUTIVE
NEW PARADIGM: RESPONSIBLY EMBRACING THE MEDIUM
“PRECISELY BECAUSE OF THE ‘SPECIAL DIFFERENCE’ (AND) THE (INDUSTRY’S) RESPONSIBILITY OF ADVANCING THE PUBLIC HEALTH AGENDA, THESE COMPANIES MUST ENGAGE ACTIVELY AND CREATIVELY IN SOCIAL MEDIA.” PETER J. PITTS, DIRECTOR, GLOBAL HEALTH, PORTER NOVELLI
UNDERSTANDING THROUGH DIALOGUE
WORKING KNOWLEDGE OF THE REGULATORY AND LEGAL FRAMEWORK FACILITATES THE CONVERSATION
ROAD SIGNS NEED NOT BE ROAD BLOCKS
DISCUSS HOW TO INCORPORATE GUIDEPOSTS INTO MORE EFFECTIVE POLICIES AND PROCEDURES FOR SOCIAL MEDIA UTILIZATION
FDA PART 15 HEARINGS
FIVE QUESTIONS CONSIDERED:
1. ACCOUNTABILITY FOR ONLINE COMMUNICATIONS?
2. HOW CAN THESE COMPANIES FULFILL REGULATORY REQUIREMENTS (FAIR BALANCE, POST-MARKETING SUBMISSIONS, SAFETY, ETC.) IN SPACE-LIMITING MEDIA?
3. WHAT PARAMETERS SHOULD APPLY TO POSTING OF CORRECTIVE INFORMATION?
FDA PART 15 HEARINGS
4. WHEN IS THE USE OF LINKS APPROPRIATE (I.E., HOW MANY PEOPLE CLICK ON THE LINKS, WHICH MAY CONTAIN HIGHLY PERTINENT INFORMATION?
EX: SAFETY INFORMATION, SIDE EFFECTS. ATTORNEYS AND ACCOUNTANTS FACE SIMILAR ISSUES IN THEIR DISCLAIMER REQUIREMENTS
FDA PART 15 HEARINGS
5. QUESTIONS ON INTERNET AS A VEHICLE FOR ADVERSE EVENT REPORTING
MONITORING SITES CAN UNEARTH ADVERSE EVENTS, TRIGGERING REPORTING OBLIGATIONS. CAN/SHOULD COMPANIES REFRAIN FROM MONITORING FOR FEAR OF FINDING ADVERSE EVENTS?
HOW SIGNIFICANT IS THIS ISSUE: TO WHAT EXTENT WOULD PATIENTS “REPORT” ON SOCIAL MEDIA SITES?
IDENTIFIABLE PATIENT AND REPORTER REQUIRED. WHAT OF ANONYMOUS OR PSEUDONYM POSTINGS?
FDA PART 15 HEARINGS: MANY PRESENTATIONS, LITTLE
INSIGHT
AE, SPACE-LIMITING MEDIA, MECHANISMS FOR CORRECTION OF INFORMATION DISCUSSED BUT NO REAL INDICATION OF WHAT, HOW OR WHEN FDA WILL ISSUE GUIDANCE
FDA LIMITATIONS: STATUTORY AUTHORITY LIMITED PURSUANT TO FOOD, DRUG AND COSMETIC ACT (FTC MAY HAVE GREATER JURISDICTION); FIRST AMENDMENT ISSUES
FTC GUIDELINES
FEDERAL JURISDICTION OVER “ADVERTISING”
LIABILITY FOR FALSE STATEMENTS ABOUT PRODUCT
GUIDELINES REQUIRE DISCLOSURE OF AFFILIATION, I.E., EMPLOYMENT OR OTHER RELATIONSHIP WITH COMPANY
FTC GUIDELINES
TWITTER AND OTHER SPACE-LIMITING MEDIA AND DISCLOSURES:
“IF YOU CAN’T MAKE THE DISCLOSURES YOU CAN’T MAKE THE AD.” RICHARD CLELAND, ASSOCIATE DIRECTOR, ADVERTISING DIVISION
ARE LINKS SUFFICIENT? WITH WHAT INCIDENCE dO PEOPLE CLICK LINKS? (ATTORNEYS AND ACCOUNTANTS FACE SIMILAR ISSUES WITH THEIR REQUIRED DISCLAIMERS)
HIPAA AND HITECH
FEDERAL PRIVACY “FLOOR:” STATES CAN ENACT STRICTER PRIVACY PROTECTIONS (I.E., MASSACHUSETTS; CALIFORNIA; NEW YORK ON HIV/AIDS AND REPRODUCTIVE HEALTH)
INFORMATION IDENTIFIABLE TO A PATIENT BY ONE OR MORE OF 18 IDENTIFIERS CANNOT BE DISCLOSED WITHOUT PATIENT CONSENT
HIPAA PENALTIES AND ENFORCEMENT SIGNIFICANTLY INCREASED UNDER HITECH (PART OF ARRA “STIMULUS”)
NOT ALL PHARMACEUTICALS ARE COVERED BY HIPAA
HIPAA AND HITECH
CONSTRAINTS ON “MARKETING ACTIVITIES” IN HIPAA ENHANCED UNDER HITECH: NO REMUNERATION FOR PHI WITHOUT EXECUTED AUTHORIZATION
CONSIDER PRIVACY AWARENESS OF WORK FORCE MEMBERS WHO USE SOCIAL MEDIA
ADDITIONAL REQUIREMENTS: PORTABLE MEDIA SAFEGUARDS; ACCESS CONTROLS TO MEDIA WITH PHI; ENCRYPTION OF PHI AT REST AND IN TRANSMISSION
PENDING LEGISLATION: BOUCHER(D)-STEARNS (R) BILL
EXTENSIVE PRIVACY COVERAGE:
PRIVACY NOTICE AND OPPORTUNITY TO OPT-OUT OF COLLECTION OR USE OF COVERED INFORMATION
MUST OBTAIN OPT-IN BEFORE SHARING COVERED INFORMATION WITH UNAFFILIATED PARTIES
PREPARE AND IMPLEMENT PHYSICAL, ADMINISTRATIVE AND TECHNICAL SAFEGUARDS ON COVERED INFORMATION
ENFORCEMENT AUTHORITY GIVEN TO FTC
PRIVACY MINEFIELD FOR MULTINATIONALS
EUROPEAN UNION PRIVACY DIRECTIVES AND ENABLING LEGISLATION: “PERSONAL INFORMATION” CANNOT BE TRANSMITTED BEYOND EEA WITHOUT DATA SUBJECT’S CONSENT
“PERSONAL INFORMATION” IS BROADLY DEFINED
EASY TO GET CAUGHT IN PRIVACY ENFORCEMENT NET:
RECENT CONVICTION OF GOOGLE FOR YOU TUBE VIDEO UPLOADED FROM ITALY
MULTINATIONAL PRIVACY MINEFIELD
IN MANY COUNTRIES, SUCH AS GERMANY, EMPLOYEE CONSENT IS CONSIDERED INVOLUNTARY
MOST MONITORING OF EMPLOYEE TECHNOLOGY USE IS A CRIMINAL OFFENSE IN CERTAIN EUROPEAN UNION MEMBER STATES
MONITORING SOCIAL MEDIA POLICY COMPLIANCE BECOMES VERY DIFFICULT
SOLUTION: EFFECTIVE, PRACTICABLE SOCIAL MEDIA POLICIES AND PROCEDURES AND TRAINING
ACQUIRING SOCIAL MEDIA GPS
GAP ANALYSIS OF EXISTING POLICIES AND PROCEDURES
INTERDISCIPLINARY WORK GROUP TO REVISE PROTOCOLS OR PREPARE NEW ONES
FACILITATED INTERNALLY OR BY OUTSIDE COUNSEL OR CONSULTANTS
MAKE THE BUSINESS CASE FOR SOCIAL MEDIA
BRING IN: BUSINESS OWNERS, RISK, COMPLIANCE/PRIVACY, LEGAL, IT
SOCIAL MEDIA GPS: POLICIES AND PROCEDURES
INCLUDE PROCEDURES REQUIRED BY REGULATIONS
FTC: IDENTIFY YOUR AFFILIATION
HIPAA: NO DISCLOSURES OF INFORMATION LEADING TO IDENTIFICATION OF PATIENTS; PHI SAFEGUARDS
APPENDICES FOR STATE RULES AND/OR FOREIGN PROVISIONS
ANTICIPATE TRENDS AND REGULATORY CHANGES (SUCH AS POTENTIAL FDA GUIDANCE AND HIPAA GUIDANCE DOCUMENTS FROM CMS)
POLICIES AND PROCEDURES
SHORT, PLAIN ENGLISH AND INCORPORATE GRC PRINCIPLES (GOVERNANCE, RISK AND COMPLIANCE)
MOST POLICIES INCORPORATE PROCEDURES, AND RARELY EXCEED FIVE PAGES
REFER TO CONTINUING OBLIGATION TO COMPLY WITH EXISTING INFORMATION POLICIES AND PROCEDURES (SUCH AS PROTECTING CONFIDENTIALITY)
CONSIDER INCLUSION OF STATEMENT OF ETHICS ( I.E., CORRECTION POLICY, ACCURATE AND FACTUAL POSTINGS, MAINTAINING COMPANY CREDIBILITY)
POLICIES AND PROCEDURES
TECHNOLOGY CHANGING QUICKLY; LAW AND REGULATORY AGENCIES ARE RUNNING TO CATCH UP
REVISIT POLICIES OFTEN AND UPDATE AS NEEDED
PROVIDE FOR FLEXIBILITY IN THE POLICIES: CONTENT, ACCESS (WHO CAN CONTRIBUTE), MEDIA CHOICES, NON-COMPANY MEDIA USAGE, ETC.
TRAINING
THREE MODES: CLASSROOM, ON-LINE, COMBINATION
SCALABLE BY JOB TITLE AND FUNCTION
ALL DISCIPLINES INVOLVED MUST ATTEND
DOCUMENT the TRAINING: NECESSARY IF PROBLEMS ARISE LATER, TO SHOW REASONABLE STEPS IN COMPLIANCE
DEPLOY REMINDER POP-UPS PERIODICALLY, AND HOLD REMINDER SESSIONS
COMPLIANCE MONITORING
REVIEW CORPORATE POLICY ON MONITORING OF INTERNET USAGE
PERIODIC COMPLIANCE AUDITS
OBTAIN COUNSEL ON FEDERAL AND STATE LAWS
OUTSIDE U.S., OBTAIN LOCAL COUNSEL; CONSIDER AUDITS BY INTERVIEW
CONCLUSION: ARRIVE SAFELY
INCLUSIVENESS AND FLEXIBILITY
DIALOGUE
INTERDISCIPLINARY PROTOCOL DRAFTING
DRAFT TO THE USE NOT THE TECHNOLOGY
TRAIN
MONITOR COMPLIANCE
QUESTIONS?
KENNETH N. RASHBAUM, ESQ.
RASHBAUM ASSOCIATES, LLC, 212-421-2823
KRASHBAUM@RASHBAUMASSOCIATES.COM
WWW.RASHBAUMASSOCIATES.COM
Recommended