Multinational pharmaceutical and medical device companies conducting clinical trials in China have been facing new challenges in the year since the Regulation on Human Genetic Resources (the Regulation) came into effect on July 1, 2019. One of these challenges arises from a recent interpretation by the Human Genetic Resources Administration of China (HGRAC) requiring notification filing prior to electronic data capture (EDC) transmission of clinical trial data to foreign parties, including any transmission to the US FDA or similar foreign regulatory agencies, even if the transmission is for adverse event reporting purposes. This interpretation created significant challenges and legal risks. Moreover, since late 2019, HGRAC has conducted two nationwide campaigns to aggressively enforce the Regulation. It is therefore critical for companies to fully understand this new requirement and take appropriate measures to mitigate these risks.
1. Broad Definition
The Regulation contains expansive statutory language which is broadly interpreted by HGRAC. For example, Article 2 of the Regulation defines the term "human genetic resources (HGR)" to include both (a) materials, such as patient laboratory testing samples (e.g., blood, saliva, urine, or tissue); and (b) the data and information generated from laboratory tests or imaging. As a result, HGRAC has interpreted this to mean that virtually all clinical trials conducted by multinational companies in China will involve HGR and are subject to the Regulation.
Article 7 of the Regulation prohibits foreign parties from collecting and preserving HGR in China, and further prohibits them from supplying HGR outside China. Only Chinese parties are permitted to engage in collection, preservation or supply of HGR. Violation of these prohibitions could result in civil monetary penalties, criminal fines and imprisonment.
3. Application and Notification Requirements
Articles 21 and 22 of the Regulation allow foreign parties to receive and use HGR in scientific research, including clinical trials, but restrict such activities to international collaboration with Chinese entities. Multinational companies must therefore collaborate with Chinese hospitals and testing laboratories when conducting clinical trials in China.
Both foreign and Chinese parties are required to apply for and obtain pre-approval prior to engaging in international collaboration. However, if the parties are conducting clinical trials in China for the purpose of obtaining drug or medical device marketing authorization in China, application and pre-approval are not required, but the parties must still submit a notification and receive a formal acceptance of the notification.
4. New Notification Filing Requirement
HGRAC has taken an aggressive position, interpreting the Regulation to mean that notification filing and formal acceptance of the notification must be obtained before transmission of any clinical trial data through EDC systems to any foreign parties. HGRAC applies this requirement to include transmission to the US FDA or similar foreign regulatory agencies for marketing application or adverse event reporting purposes.
This new requirement comes from HGRAC's interpretation of Article 28, which states: "When providing HGR data to or opening HGR data for use by foreign entities or individuals, notification filing, including a copy of the HGR data, must be made to HGRAC." Article 28 and the other articles of the Regulation are, however, silent on what constitutes "providing HGR data to or opening HGR data for use by foreign entities or individuals."
HGRAC's interpretation appears to be too broad. It can be argued that Article 28 should not apply to data transmission among the various parties conducting a clinical trial or the relevant regulatory agencies, because the parties would have already filed applications or notifications and received approval or acceptance covering the clinical trial as an international collaboration project. Nonetheless, thus far, many companies have started to significantly change their clinical trial operations in order to comply with this new requirement.
Navigating the Challenges
HGRAC's new requirement is nearly impossible to comply with under the current clinical operations: on the one hand, data collection will not occur before clinical trial personnel enter the data into EDC systems; and on the other hand, as soon as data is entered into EDC systems, transmission to other parties in the clinical trial, including foreign parties, will automatically occur simultaneously in real time. Under current EDC systems there will be no data to include in a notification filing with HGRAC prior to EDC data entry, and no easy way to stop simultaneous data transmission when data is entered. To address this challenge, multinational companies should carefully consider the following options, and take appropriate actions.
1. Exemption as Collaborating Parties
Clause 3 of Article 28 provides that HGR data generated from an approved international collaboration can be used by the collaborating parties. The Regulation contains no further clarification, but could be construed to exempt collaborating parties from the notification filing requirement under certain circumstances. Done correctly, companies may be able to prospectively or retrospectively take actions to bring the various parties, including the parent company and overseas service providers, into the scope of the "collaborating parties" under Article 28, avoiding the notification requirement.
2. Modification to EDC Systems
Some companies have also considered making modifications to their EDC systems to prevent simultaneous transmission to foreign parties when data is entered. These modifications have proven to be difficult to achieve due to the real time nature of EDC systems and the current practices of EDC service providers.
3. Notification Filing
Other companies have made notification filings with HGRAC, and included either a copy of the actual data, or a representative data set. When making such notification filings, companies should carefully coordinate with key internal stakeholders, as well as external service providers, to ensure that related issues pertaining to patient privacy, data security, and intellectual property protection are addressed.
In sum, these new requirements imposed by HGRAC have created significant challenges, and companies should proactively work to mitigate the legal and regulatory risks. If you have any questions, please do not hesitate to contact us.
Originally published by Arnold & Porter Kaye Scholer, July 2020
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.