Preparing for ISO IDMP — Not as Black as It’s Painted (When You Know How to Do It)
For pharma and biotech companies, the quality of data has always been crucial not only in terms of the security of their operations, but above all for the safety of health and life of patients. To increase both the transparency and security of data processing and exchange, the European Medicines Agency has been implementing ISO standards for the identification of medicinal products. For the entire industry, this means obligation to adapt new standards and the very first step in the process is to verify the quality of data in all internal IT systems.
The pharmaceutical industry is one of the most controlled in terms of legal regulations and procedures. The latest global and European Union regulations further reinforce this trend. The reason is obvious. When it comes to our health, standardization and consistency are crucial.
One of the key issues is the transparency and consistency of data used by all market players in the industry, including regulators, manufacturers, suppliers, and distributors. Under current regulations, individual pharmaceutical companies use different nomenclatures and various ways of recording medicinal products, doses, administration routes or measurement units. On the other hand, there is a strong demand for standardization to ensure that information on the ingredients of a medicine, for example, is understood and provided in the same way, regardless of manufacturers, distributors, their locations, languages or brands. And that’s where ISO IDMP comes in.
Identification of Medicinal Products (IDMP) is a set of five ISO norms developed in response to world-wide demand for internationally harmonized specifications for medical products. The five standards provide data elements and structures to uniquely identify and exchange information on (Figure 1):
- substances (active and inactive, along with all their characteristics such as manufacturing information, purity, isotope, etc.) — ISO 11238,
- pharmaceutical dose forms (e.g. cutaneous patch, ear spray or eye drops), units of presentation (e.g. ampule, drop or puff), routes of administration (e.g. oral, nasal, cutaneous), and packaging (e.g. blister, box or prefilled syringe) — ISO 11239,
- units of measurement (it specifies rules for the usage of units of measurement, establishes reference code system for units and provides structures and rules for mapping between different unit vocabularies and language translations) — ISO 11240,
- regulated pharmaceutical product information (this allows the unique identification of a pharmaceutical product in its generic form consisting of its parts; it brings together all the information that makes up a pharmaceutical product — parts and interrelations — without regulatory information, i.e. medicinal product name or marketing authorisation type) — ISO 11616,
- regulated medicinal product information (such as medicinal product name, marketing authorisation number, date of product renewal) — ISO 11615.
Figure 1 — Scope of the ISO IDMP standards.
ISO IDMP standards establish definitions and concepts describing data elements and their structural relationships that support the full description of any medicinal product worldwide in a structured and unique manner. That way — once the standards are fully implemented globally — all medicinal products will be described in the same way using identical controlled vocabularies by all stakeholders in the industry.
Specifically, these norms cover the following aspects to describe a medicinal product for human use:
- medicinal product name,
- ingredient substances,
- pharmaceutical product (route of administration, strength),
- marketing authorisation,
- clinical particulars,
It must be pointed out that ISO IDMP is not just about the drug registration process. The standards covers the entire medicinal product lifecycle from the laboratory onwards, including products in development, investigational products, products under evaluation and authorised products.
In general, the main objective of this standardization is to improve the safety of patients taking medication worldwide, although the European Union is the first major region to fully adopt the standards. Here, the process of implementing ISO IDMP is carried out by the European Medicines Agency (EMA) in cooperation with national competent authorities in all member states of the European Economic Area.
“So far, when a life sciences company wanted to register a new drug, e.g. nose drops, it created a name for the product, prepared appropriate documentation, and applied to the regulator for marketing authorisation” — explains Mr. Krzysztof Wiśniewski, pharmaceutical industry expert at Striped Giraffe. “After the ISO IDMP implementation, the name of the drug with all its components, such as percentages, milligrams, and so on, must be divided into numerous standardized fields. At the moment, IDMP defines about 300 characteristics of a medicinal product, so the information on a given drug must be precisely divided and placed into appropriate fields. Only applications formatted this way will be allowed to be registered in EMA.”
The European Medicines Agency (EMA) has been implementing IDMP standards in a phased program based on the four domains of master data used in pharmaceutical regulatory processes. It is called SPOR master data and includes:
- Substances — harmonised data and definitions to uniquely identify the ingredients and materials that constitute medicinal product,
- Products — harmonised data and definitions to uniquely identify medicinal product based on regulated information (e.g. marketing authorisation, packaging and medicinal information),
- Organizations — data that comprises of organization name and location address data for organizations such as marketing authorisation holders, sponsors, regulatory authorities, manufacturers,
- Referentials — lists of terms (controlled vocabularies) used to describe attributes of products, e.g. lists of dosage forms, units of measurement, routes of administration.
To facilitate the entire task, EMA decided to deliver publicly available services that would centralize the management of pharmaceutical and regulatory data. Thus, four projects have been established to develop and implement management services for each of the domains of SPOR master data. They are collectively known as SPOR data services and include (Figure 2):
- Substance Management Services (SMS),
- Product Management Services (PMS),
- Organizations Management Services (OMS),
- Referentials Management Services (RMS).
Figure 2 — Four EMA SPOR data management services.
With SPOR services, EMA will fully adopt all IDMP data standards through a sequenced approach. Currently, two out of four services are implemented by the Agency — the Organizations Management Services (OMS) and Referentials Management Services (RMS). They both enable organization and referential data to be entered once and reused many times in other business processes and related regulatory procedures. Furthermore, their successful implementation has laid the foundations for the subsequent delivery of PMS and SMS.
After all SPOR data services are launched and IDMP standards are fully implemented, all pharmaceutical companies will be required to submit data on medicines to EMA strictly in accordance with the formats and terminologies provided by SPOR master data repositories.
Benefits of SPOR services
Potential gains of adopting IDMP standards can be significant. According to EMA, implementing SPOR data management services will offer a number of key benefits for the regulation of medicines, including the following:
- increased data quality and simplification of data management practices since data will be reviewed, assessed and approved as part of the new data operating model;
- more efficient regulatory action and decision-making, thanks to improved data integrity and reliability;
- regulatory requirements can be met more effectively by reducing data silos and improving interoperability across EU systems;
- operational savings and efficiencies can be achieved, as pharmaceutical companies need to supply regulatory data only once which will be re-used across different procedures and regulators.
These operational benefits should have a positive impact on public health and safety in many ways. Firstly, pharmaceutical companies will be able to react faster in case of authority requests. Secondly, patient safety will be increased due to better medicinal products traceability. And finally, the quality of services delivered by Health Service Providers will be improved.
When fully implemented, ISO IDMP should simplify the information exchange and sharing between all stakeholders in the industry, including national and European authorities, clinical trial sponsors and marketing authorisation holders. In addition, the adoption of these standards will enable a consistent basis for data reuse by all market players.
“The industry will fully realize the benefits of SPOR data and standardization only after all phases of SPOR are delivered and data is used in various business processes within the enterprise” — says Mr. Wiśniewski.
IDMP implementation challenges
One of the main challenges in meeting IDMP requirements is that within a single pharma company, data can be stored in numerous information technology systems managed by various departments and teams responsible for different domains such as research, clinical trials, safety, regulatory affairs, supplies or manufacturing.
“Thus, companies must first identify where the data relating to IDMP is generated and stored within their organizations, and then determine the best strategy and tools for its aggregation” — Mr. Wiśniewski says. “To collect and combine all the necessary data from various and often disconnected sources, a company needs to develop consistent interfaces that utilizes the same vocabularies and data definitions.”
The next step is to address quality issues. “My practical experience shows that data quality varies from system to system” — claims Krzysztof Wiśniewski who has been coordinating several data quality projects developed by Striped Giraffe for pharma companies. “When different sources of information are involved, there are always data quality issues such as inconsistency, duplications or inaccuracy.” These should be addressed with a comprehensive data quality project that provides a specified process and tools for improving the condition of data.
In a nutshell, to cleanse the data, a company must implement the solution for identifying errors and inconsistencies using sets of predefined data quality rules and the appropriate logic that allows to run data quality checks.
If the data quality project is aimed at preparing company data sources to be fully compliant with ISO IDMP, all records must be cleansed and standardized according to the IDMP target data model. “What’s more, many specific data fields must comply with relevant terms from a controlled vocabulary delivered by SPOR RMS” — adds Mr Wiśniewski.
Referentials Management Services (RMS) provide all the necessary lists of terms — called controlled vocabularies — that industry stakeholders is obliged to use and comply with. Every European pharmaceutical company must retrieve these lists via the SPOR API, and then compare them with the corresponding information in their IT systems. Mr. Wiśniewski explains that “once the differences are found, the data in the company sources should be adjusted accordingly.”
Some of controlled vocabularies are updated on a frequent basis. So, another significant challenge is to ensure that source data is validated and standardized toward the current version of a controlled vocabulary. Therefore, all controlled vocabularies must be managed and governed whenever they are modified or updated.
The above mentioned are only a few of the challenges that the European pharmaceutical industry has to face to comply with ISO IDMP requirements. “While small companies with few products to market in Europe may adopt a manual approach to compliance, for those who hold marketing authorizations for a medium to large number of medicinal products, this is a formidable challenge in organizational and technological terms. The more sophisticated, the bigger and more international the company is” — Mr. Wiśniewski explains. “Therefore, it is crucial for giant corporations to choose a competent IT service provider who already has proven experience in designing, developing and implementing IDMP-related solutions. When having such a partner, the devil is not as black as it is painted,” he adds.
On the way to full IDMP compliance
When done properly by a team of experienced experts, an IDMP project can be completed relatively smoothly and quickly without enormous effort and expense. An example of such a successful project is the Data Quality Management System for IDMP developed and implemented by a team of industry experts from Striped Giraffe for one of our European clients.
The customer is a leading science and technology company that operates across healthcare, life science and performance materials. The company employs around 52 000 staff members and maintains its presence in 66 countries.
“For our customer, being a leader in the pharmaceutical industry means also staying ahead of the competitors when it comes to adapting to the latest legal requirements and standards both globally and in the European market” — says Mr.Wiśniewski.
Following this approach, the company is now one of the few pharmaceutical organizations to keep up with the European Medicines Agency in terms of timely implementation of ISO IDMP standards. In this respect, the company has been assisted and supported by an experienced partner — Striped Giraffe.
Figure 3 — Scheme of operation of the Data Quality Management System for IDMP (implemented by Striped Giraffe for one of the customers).
In our customer company, the data and information related to compliance and regulatory affairs are stored in numerous different systems — the two most important of them are the Regulatory Information Management System (RIMS) and Entity Management and Participation History Information System. The latter is a central repository for the following data:
- legal entities and participations of the whole group,
- group financial master data,
- regulatory data,
- reporting master data and hierarchies.
For the purposes of this article, this system will be called the customer’s Central Repository.
“Firstly, we developed all the necessary interfaces to retrieve data on organizations and referentials from relevant services provided by EMA, as well as from our customer’s internal systems” — explains Mr. Wiśniewski. “Secondly, we delivered the data quality solution that, to put it simply, compares information extracted from RIMS and Central Repository against SPOR master data, and additionally performs data quality checks involving all the data from the sources mentioned.”
The solution automatically checks if there is new or updated data in EMA SPOR services. If so, the system retrieves it immediately and again initiates the data comparison process. That way, any of the company employees doesn’t have to manually check whether there are any changes within EMA SPOR repositories that should be implemented in internal data sources.
If any discrepancies are detected as a result of the data verification process, the relevant records are automatically consolidated. For example, if there are three separate instances of the same supplier, each of them with a different postal address, they will be joined and corrected automatically. If the system is unable to improve the data itself for some reason, a manual (human) task is prepared. It means that an authorised user receives a relevant notification and is asked to review the troublesome data to decide how to correct it.
Figure 4 — Data Quality Management System for IDMP — solution architecture.
There are some other interesting features of the new solution that are worth mentioning. “One of them is a possibility to define data quality exceptions” — says Mr. Wiśniewski. “Manual exception management is done by defining Human Tasks that allow data analysts to review, correct or approve exceptions in the middle of an automated process.”
“Speaking of automation, all self-executed processes are designed as workflows that can be easily created or changed using a nice graphical interface with drag-and-drop features” — Mr. Wiśniewski continues. “And finally, the solution supports KPIs analysis and the preparation of summaries for reporting purposes.”
Figure 5 — Data Quality Management System for IDMP — matching algorithms.
IDMP data quality management process in a nutshell (Figure 5):
- All relevant organization data is extracted from RIMS.
- A cross-reference table is created, where all organization data from RIMS and the matched organization data from Central Repository and OMS is stored. In addition, the table contains a match status as well as a data quality status and related status dates.
- Join between RIMS and the cross-reference table is used to identify which organizations from RIMS are already present in the cross-reference table and which are new, as well as to compare the organization information from RIMS against the cross-reference table to identify data modifications.
- All valid customer’s organizations are extracted from Central Repository.
- To be able to match RIMS with Central Repository and OMS, the organization data is transformed and standardized.
- If a RIMS organization is not yet present in the cross-reference table, the system is processing data with the organization matched with Central Repository.
- To identify changes in RIMS and/or Central Repository, compared to the previous run of the process, a comparison of all address details is performed.
- If differences are found, a re-matching of the organizations is performed.
- If no differences are found, the data quality checks are performed.
- Specified organization data fields are compared between RIMS and Central Repository, including organization names, city, postal code, address string, and ID.
- The business user can review or postpone match exceptions.
Data Quality Tools
To develop the solution for our pharma customer, several Informatica tools were used, i.e. Informatica Power Center (that’s responsible for retrieving data from EMA SPOR services), Informatica Data Quality, Informatica Developer Tool, and Informatica Analyst.
An example of mapping that has 2 exception transformations responsible for preparing data for Human Tasks.
“In projects aimed at implementing IDMP standards, selecting the appropriate tools is certainly an important factor, but the most crucial is the knowledge and experience in developing such solutions, regardless of the technology owned or planned to acquire” — claims Mr. Wiśniewski. “At Striped Giraffe we can ensure the success of your IDMP project using any software, be it Informatica, Microsoft or any other.”
A sample workflow containing 2 steps with Human Tasks responsible for creating assignments for business users.