• Manoj Swaminathan

Understanding Safety Data Exchange Agreements


It is not feasible for pharmaceutical companies to have subsidiaries, affiliates, vendors, or even employees in every country they operate or hold licenses. One that it may not be cost-effective, or the local requirements (regulations/ business policies) may make it difficult to manage them. At times, it may be necessary to have business arrangements even in the countries where the company has established operations.


All these situations may necessitate the need for legal contract or agreements between the entities, specifying the Pharmacovigilance obligations. At the end of the day, the marketing authorization holder is accountable/ responsible for fulfilling all the Pharmacovigilance obligations.


Safety Data Exchange Agreements (SDEA) are legal contracts meant for ensuring prompt exchange of safety data with the business partner, that will ensure fulfilment of legal obligations by the marketing authorization holder (MAH).



GVP Module VI states the following:

“Where the marketing authorisation holder has set up contractual arrangements with a person or an organisation, explicit procedures and detailed agreements should exist between the marketing authorisation holder and the person/organisation to ensure that the marketing authorisation holder can comply with the submission of valid ICSRs within the appropriate time frames. These procedures should, in particular, specify the processes for the exchange of safety information, including the timelines and responsibilities for the regulatory submission of valid ICSRs. “

An SDEA may be executed between a MAH and:

  • Service Provider

  • Affiliate/ Subsidiary, or even across business functions

  • Batch Release Site

  • Distributor

  • Exploitant (France)

  • Local QPPV

  • Co-Licensor

  • Innovator/RLD Owner (common in Para IV applications in the US)

  • M&A Partner (acquirer or acquiree)

In rare situations, the MAH may act as a distributor and commercialize a product that pertains to its partner, which is now the MAH.


Day Zero

The Day Zero for MAH is strictly when the business partner receives information about the four minimum criteria pertaining to a case report.


Constituents of an SDEA

  • Timelines and mechanism for Exchanging safety data

  • Products and Territory

  • Language (and/or translation)

  • Responsibility matrix, including Case handling, follow-up,Medical information, Signal Management, Safety Database ownership, Inspections, local QPPV, local literature search, Aggregate Reports, and coordination with a local regulatory agency

  • Safety-related recalls (global)

  • Reconciliation processes

  • Data Privacy & BCP

  • Validity and Revision timelines

  • Termination


SDEA and PSMF

A strong correlation exists between the SDEA and the Pharmacovigilance System Master File. One needs to ensure that the following aspects are adequately covered in the PSMF.

  • Sources of Safety Data

  • Local Responsible Person for Pharmacovigilance

  • Risk Assessment and Audits


Governance Measures

The MAH needs to have adequate governance measures to periodically assess that the business partner is honouring the terms and clauses mentioned in the SDEA.

This may be undertaken by means of:


  • Risk Assessments, or

  • Audits

  • Meetings

  • Teleconferences, etc

Some companies even consider pre-qualification audits, or risk assessments before awarding the contract to the business partner. On-site audits may be difficult in cases of political unrest, or other calamities. In such cases, remote audits can be evaluated.


An SDEA may be executed between two or more parties.

  • Bipartite SDEA: This is the commonest arrangement, where an SDEA is executed between two partners.

  • Tripartite SDEA: When there are three parties involved in a business arrangement. E.g., When a company (MAH) wants to outsource pharmacovigilance operations in France, and there is an Exploitant involved. A tripartite agreement may even be required when a distributor is incapable of fulfilling Pharmacovigilance obligations, where a local service provider may need to get involved.

  • Quadrapartite SDEA: This is a rare scenario where four parties are involved in executing an SDEA. E.g., when there is a MAH, distributor, service provider and a local QPPV.

Role of the Legal Department

The legal department should necessarily be involved in

  • Drafting the template. The concept of 'one standard template' is hypothetical in the real sense, as there is no 'one size fits all' concept, and every business partner would suggest some changes before the agreement gets finalized.

  • Review of SDEA (especially when it is the partner's template or there are amendments suggested by the partner)

Who can Sign-off the SDEA?

The Pharmacovigilance head/ designee can sign off an SDEA only if he/she has been authorized by means of a board resolution. If not, then the execution can be performed by any other authorized designee. In such cases, the designee may exercise caution and get the agreement vetted by the legal, before sign off.



Inspection Purview

A contractual agreement is one of the important aspects, that is evaluated during a Pharmacovigilance inspection. The inspectors are interested in understanding the following aspects:

1. Do Agreements exist?

2. Are these valid?

3. Are all relevant points (and products) included?

4. Are contact details current?

5. Are governance procedures adequate?

6. Are Reconciliation Processes well defined and implemented?


For more information, please refer the following link.


Challenging Scenarios

Not infrequently, would one face the following scenarios in the day-to-day Pharmacovigilance operations

  • Sales data shows a particular country, but there is no contractual agreement available for that country

  • Tender Supplies, where the other party (can even be a regulatory agency) is not willing to execute an agreement

  • Supplies to Global bodies, or NGOs, where the territories are not defined, and the product can be supplied to any country

  • Marketing team inadvertently misses communicating to the Pharmacovigilance department regarding a new business partner/ arrangement

  • The discrepancy in reconciliation between Annex B and Annex G of PSMF


SDEA Automation

In recent times, many IT companies and service providers have started working on Intelligent Automation of the SDEA processes. This really makes sense, as large Pharmaceutical companies may deal with numerous SDEA partners (9000+), making it difficult to execute successfully.


At the end of the day, the marketing authorization holder is accountable/ responsible for fulfilling all the Pharmacovigilance obligations. However, drug safety personnel need to have a business-friendly mindset, and there needs to be a perfect balance between patient safety and company priorities. Let us not forget that the regulatory agencies can even inspect business partners of the Marketing Authorization Holder.

52 views