Aggregate Spend/Sunshine Act: Change is Inevitable….are you ready?

The Comment Period for the Physician Payments Sunshine Act closed last week.  Now everyone is waiting to see how it will play out and what will be included in the final legislation.  We, at Business & Decision Life Sciences are no exception.

In addition to the “nuts and bolts” of the changes i.e. what payments are now to be accumulated, payments made to which parties, how reporting will change, etc., I think it is relevant to consider the impact of change on the organization and the people who are required to incorporate the changes into their routines.  I think sometimes, the focus on the technical elements of change overshadows consideration of the impact of the changes on the people.  If the impact of how the change impacts the people is not considered, success of the change can be limited. 

Change experts often refer to the need to assess where the organization is in terms of readiness to make changes.  I found a great tool that assesses change readiness in the form of a brief questionnaire called The Change Readiness Audit (found in The Change Management Pocket Guide which can be purchased from the authors at http://www.changeguidesllc.com/). It can be used formally as a questionnaire completed by employees or informally as a discussion tool at the management level (don’t forget that input from employees can be very different than management’s perceptions!).

This Change Readiness Audit includes questions that cover a range of sub-areas including:

·         The Vision or Business Case for the change

·         Engagement of resources

·         Leadership involvement and commitment

·         How effective will the implementation of the change be

·         Sustainability of the change

As with many tools, this one can be tailored to fit a particular situation.  Regardless of how it is tailored, once completed, the assessment can help to pinpoint areas that need attention in preparation for the anticipated change, including, but not limited to, those related to the Sunshine Act.

Risk-Based Validation - How Are We Doing?

Yesterday, I posted a poll on LinkedIn asking the question

"How is Life Sciences industry embracing risk-based computer systems validation? Do we have the balance between risk assessment and risk mitigation right? Are we just rushing to reduce costs...?" 

People's responses are starting to come in and we're already starting to get some interesting comments on the question. If you're interesting in the poll and want to take part you can find it here (once you've answered the question you'll be able to see how everybody else has been voting).

Since I asked the question I guess it's only reasonable that I try and answer it and provide my own opinion. There is of course no single answer and even within a single Regulated Company there are different individuals and departments taking different approaches to risk-based validation. In many cases you have the business, and IT tried to reduce costs against a background of life sciences companies struggling to maintain profitability. At the other extreme you have the quality unit who are used to doing things the old-fashioned way and like to see every 'i' dotted and 't' crossed.

Hopefully, somewhere in the middle, you'll find some pragmatic validation practitioners genuinely trying to do their best to take a risk-based approach to validation and apply the appropriate resources to the highest areas of risk to patient safety, product quality and data integrity.

However, this is often thwarted by two obstacles:

1. The pragmatic practitioners in the middle are seldom the people with control of the budgets or with the power to effect real change. This often means that they'll pull from pole to pole at the behest of the business owners, the IT group and the quality unit who have different perceptions of how things should be done. In many cases these practical practitioners of the validation art are not recognised as true subject matter experts and they guidance, advice - and even wisdom - is ignored, often for the sake of point scoring and political expediency in large organisations.

2. Where practical and experienced practitioners are not available (often in small to medium sized organisations but also in organisations in emerging economies where computerised systems validation is a relatively new discipline) there is a genuine lack of understanding of how to take a practical approach to risk-based validation. in these cases and inability to invest in training and education is an obstacle to adopting risk-based validation.

I think therefore the what we will see is an industry which continues to adopt risk-based validation at a relatively slow pace. While some companies are using risk-based validation as an excuse to do less (and in some cases, too little) I think the majority of companies want to do the right thing but are hampered because of their own organisational structures or lack of experience, training and education.


From my experience as a consultant, and with my experience working with the small number of companies who are doing a good job with risk-based validation I genuinely do believe that taking a risk-based approach to validation has advantages both in terms of cost effectiveness but also in mitigating risk to patients. Regrettably, it's one of those things that most regulated companies will have to see for themselves before they believe, and they were set for themselves until they have gained the necessary experience.


As an industry I believe that we need to do a better job in publishing case studies demonstrating the effectiveness of risk-based validation, that we need to recognise the value of our internal and external subject matter expertsand he must be prepared to invest in training and education.