It’s January–CMS has finally published proposed regulations further clarifying the Physician Payment Sunshine Act provisions under the Patient Protection and Affordable Care Act (PPACA). Final regulations will arrive some- time in 2012. And mandatory reporting is still likely to commence in March 2013. You have two options: continue to wait, or put your data-capture standards and data-collection procedures in place now. Preparing now for PPACA compliance will put you ahead come March 2013…and it puts you on the road to improving marketing performance today.


Some large, global pharmaceutical companies have begun to voluntarily disclose their transactions with healthcare providers. Many others, however, have been waiting for final implementing regulations from the Centers for Medicare & Medicaid Services (CMS) before they begin capturing the transactional data needed for the aggregate spend disclosures required by the Physician Payments Sunshine Act (Section 6002 of the Patient Protection and Affordable Care Act, or PPACA). Although companies will not have to report these transactions until March 2013, it is still recommended that their data-collection procedures and systems be in place now. For many organizations, this undertaking will demand extensive time and financial resources.

Compliance must be achieved by 2013, and the recently published CMS proposed regulations provide adequate direction on what data needs to be captured and tracked. The future final regulations probably will not significantly change how organizations do this. The law and the proposed regulations are already very specific on the types of data that need to be captured and reported—including the nature and purpose of spend and recipient types. For example, the proposed regulations define “physician” to include doctors of medicine and osteopathy, dentists, podiatrists, optometrists and licensed chiropractors. The proposed regulations also illuminate: use of the NPI number; company executives’ attestations to the completeness and accuracy of the data; definitions of manufacturer and group purchasing organizations (GPO); transfers of value/payments, physician ownership /investment interests; exclusions; report submission/format/ review; annual submission and delayed publication of research payments; penalties; and data retention. While we don’t expect the final regulations to differ much from the proposals, marketers should be ready to capture and report on any and all payment or transfer-of-value transactions with any healthcare provider or organization. If the eventual final regulations are more lenient, marketers can filter out any data they do not need to report.

Healthcare organizations can no longer afford to take a “sit and wait” approach. They must be proactive and aggressive now, so they only have to make minor adjustments later. While the compliance organizations’ needs drive the effort, product and brand managers can contribute by taking the right steps to streamline data sources and develop rigorous data reporting procedures with external business partners and vendors. By doing so, they will also be setting the groundwork for improved company performance in the future.


Many organizations have still not prepared for compliance. They have many reasons: One group is sitting on the sidelines because they haven’t budgeted enough money to build the compliance infrastructure. They’re waiting for final CMS regulations before they start. This is not the most effective approach: Compliance is not merely about disclosure; it is also about capturing the source of spend, accurately and promptly. Smaller, emerging companies tend to be least prepared—not because they do not wish to comply with the law, but because they think they can wait and tackle the issue after final regulations appear. Another group includes enterprises that aren’t sure whether the law even applies to them. For example, distributors of medical devices need to disclose transfer-of-value payments for original manufacturer products that they re-label. Some organizations are completely unaware of the law, because they have neither a significant compliance operation nor a proactive culture. Others believe (wrongly) that they don’t have to do anything until 2013.

Companies that have not yet taken the steps face financial penalties for missing federal and state disclosure deadlines. Making compliance investments now will not just avoid penalties—it will also head off potentially deeper impacts on the company’s reputation. No one can afford to have internal and external stakeholders, including the media, perceive them as violating the law. It will be critical for this data to be accurate from point of capture to point of disclosure.


A number of factors may inhibit the organization from reaching compliance by the 2013 deadline. One obstacle is underreporting the data that will be examined at the time of public disclosure. Another is failing to include enough detail at the point of capture—by, for example, relying on enterprise resource planning (ERP) systems without required modifications. ERP systems generally collect only basic information, like customer names and transaction dates. Unmodified systems often lack sufficient detail on the nature and purpose of the expenditure and omit further details on recipients. Perhaps the greatest challenge is managing the change process within a company and retraining the culture to become compliance-focused. This includes retraining and reeducating employees to understand and help implement both federal and state requirements.

All of these prospective stumbling blocks become more significant in larger, more complex companies with multiple business units and sales forces. With multiple IT systems in place at many organizations, the problem becomes even more challenging.


Organizations can view aggregate spend investments in three key areas. They will need to modify procedures and processes to ensure that they capture the appropriate level of data and institute proper approval work- flows prior to the spend being incurred. Target areas include IT sources systems, which may be modified internally or in partnership with an outsourced services provider. Marketers must also adjust how this data is exported into a format that can be easily consumed by the disclosure system, for review by internal auditors and regulatory authorities. Finally, the disclosure system itself must be continually updated as state and federal regulations change. Our recent survey on trends in aggregate spend and disclosure reporting compliance shows that healthcare companies are spending anywhere from tens of thousands to tens of millions of dollars on these efforts, depending on where they are in the process. [1] Costs are significantly higher for internally implemented and managed systems; the biggest expenses are data-capture gap-assessments and the corrective technology to close these gaps.

Some companies will inevitably over-engineer the process (because they have so much spend data to record and disclose), while others won’t think the process through and won’t do enough to meet the minimum requirements. The very first step before allocating any investment resources is to do an inventory and gap analysis: Know which areas in your company will require what categories of data to meet disclosure laws and satisfy internal compliance and business analyses. This may be difficult: Different divisions and business units may use different processes and systems to collect spend data, and some mandated data may not be captured at all. Further, the level of data governance (including controls for spending on categories like gifts, donations, honoraria and consulting fees) needs to be evaluated. When you can see where the spend is coming from, and the level of controls, you can develop a roadmap for creating investment priorities and assigning owner- ship within the organization. The roadmap can address what to do next to improve the quality of data capture in parallel with changes in existing disclosure systems—so that what goes into the system contributes to the accuracy of the disclosure.

Proposed Sunshine Rules


In mid-December, CMS finally issued proposed regulations clarifying Sunshine Act provisions under the PPACA. Key points:

  • Manufacturers have until February 17, 2012 to provide CMS with comments on the proposed rules.
  • Data collection is no longer required to begin on January 1, 2012; timing has been delayed until after publication of the final rule. CMS is also considering a 90-day preparation period following the final rule.
  • Depending on the timing of the final rule, CMS is indicating that manufacturers and GPOs will be required to submit a partial year on March 31, 2013.
  • Companies under Corporate Integrity Agreements may still be required to report payments to HCPs/HCOs according to existing timelines.
  • State reports will still need to be filed in full in 2012.


The goal is the same for all healthcare organizations—to have accurate disclosure reporting and compliance processes. However, unlike large organizations, smaller biologics or device manufacturers may have smaller resources to devote to aggregate-spend compliance. Many of these organizations are not using ERP systems and will still be recording these transactions using manual spreadsheets. Smaller companies, therefore, need to weigh the relative risks of building large automated systems from scratch versus taking a phased approach. They need to ask themselves whether they have everything they need for accurate disclosure. Have they captured all of the data areas relating to aggregate spend and at the level of appropriate detail? This will guide them on the right approach to take.

For larger, more complex companies with multiple business units, the biggest issue we have seen is not having a centralized listing of their customers, i.e., a true customer master with unique identifiers covering all of their business areas. While smaller companies typically operate from a single customer list, big-company business units use different healthcare-provider reference databases. Many bigger companies don’t have atrue customer master data management strategy that links all units to the same data hub. An effective aggregate-spend solution should be able to accommodate all segments of the healthcare market and offer a centralized customer data access point. It should be able to address all levels of data capture, from manual to advanced ERP system entry, and seamlessly integrate disparate data sources.


Brand and product managers should also work with their third- party vendors to make sure that their contracts spell out the type, level and format of data they will need to capture to meet disclosure requirements. Vendors need to clearly understand that they are acting on the brand manufacturer’s behalf and that their spend-transaction data also need to be reported in accordance with the law. Company senior executives and product managers must clearly tell their staffs why third parties need to be educated about this process, and why this type of data needs to be reported.

For the first time, product and brand managers will gain deep, new insights into how much money is spent by brand across the organization. Through the compliance process, they will be able to gain an increased level of internal transparency. For instance, they will see much more clearly how effectively each brand leverages its marketing to healthcare practitioners and KOLs, and they can recognize and control transactions that are ineffective. Aggregate-spend compliance will enforce a new corporate-wide environment of scrutiny of all sources of expenditure: This is a trend product managers should embrace— as an opportunity to make more educated decisions about every transaction value investment they make.

Compliance will significantly change product and brand managers’ decision-making processes. It will also, ultimately, make that decision-making better, via partnerships with senior management and the compliance division to implement limits and controls around sales and marketing financial transactions. Further, with new insights into this data, brand marketers will be able to create budgets and focus spending on tactics and campaigns that save their organizations money while yielding more fruitful results.





1. Cegedim (2011). Trends in Aggregate Spend and Disclosure Reporting Compliance: Results from an Industry Survey March 2011


  • Bill Buzzeo

    Bill Buzzeo is an authority on regulatory requirements facing today's pharmaceutical industry, specifically those involving the Prescription Drug Marketing Act (PDMA); international, federal, and state transparency and reporting requirements; and the Controlled Substances Act (CSA).


You May Also Like

Industry Briefs

Klick Health Wins Supernova Award Winning in the category of Technology Optimization and Innovation, ...