Guest Column | March 13, 2024

A Structured Approach To Regulatory Information Management Vendor Selection

By Romuald Braun, managing partner, MAIN5

Law Matrix-GettyImages-597674500

As the EU IDMP grace period gives way to a hard mandate for data standards compliance, and as digital transformation ambitions expand beyond the regulatory remit to encompass quality, safety, and clinical processes, it’s more important than ever that companies do their research when approaching RIM vendor selection and contracting. An overly generic request for proposal (RFP) or a “safe” shortlist made up of what everyone else seems to be using are risky starting points. It’s tempting to default to the leading brand, but a lack of rigor in the requirements definition and vendor selection process could result in considerable risk and additional cost.

Deploying a formal, optimized system or platform for regulatory information management is a given now for all life sciences companies, irrespective of their size and focus. Regulators expect this and, as data rather than static documents evolves to become the default means of submitting, exchanging, and maintaining regulated product and process information, it follows that the systems for managing and keeping track of everything must be sophisticated and reliable.

In the 2020s, a strong, modern RIM platform should equip a company to:

  • fulfill all of the differing and continuously evolving health authority requirements internationally;
  • effortlessly and reliably track the status of products, their licenses, and current marketing authorization applications;
  • maintain a single, authoritative version of regulated product/process/license truth that is accessible centrally and locally by the people who need it; and
  • support future ambitions for process transformation, for instance, beyond the scope of regulatory affairs — potentially encompassing adjacent functions such as quality, safety, and clinical operations — through integrated system capabilities and readily exchangeable data.

Although individual events such as a company merger or acquisition, or EU IDMP compliance, may trigger the decision to invest in a new RIM capability, it’s important not to progress this decision without considering the broader associated opportunity — e.g., to address internal data control challenges, transform internal visibility and decision-making, and ultimately reimagine processes so that they are more efficient and support the business strategy more directly.

All of these considerations should feed into the RIM selection process, which requires that all of the various business (as well as technical) stakeholders are consulted early on for feedback about their requirements and current process pain points. Thought should be given not only to what the company and its functional teams want and need to be able to do but also to scenarios they wish to avoid in future. These might include incurring delays/business interruptions and new costs as new features and capabilities have to be added to the system later, issues with system or data incompatibility if the company later tries to improve the connection and information flow with other departments or part of the global organization, and issues arising from a change to the software vendor’s circumstances.

A Structured Approach To Vendor Selection

A structured, holistic approach to vendor selection is the best way to ensure that nothing is left to chance in the choice of a new system — from its long-term strategic fit, and lasting deliverability for all target users, to the fulfillment of procurement requirements around cost/value for money, sustainability, and so on.

Taking a structured approach (e.g., applying an agreed vendor selection methodology) will make it possible to score each option/each long-listed vendor across the full range of criteria. As a minimum, these will include:

  • the ability to deliver user-specified requirements and priorities;
  • the broader perspective, taking into account the company’s strategic/wider digital transformation road map and how the current project will need to fit into that (both now and in the future); and
  • any technical/IT considerations, such as the ability to meet system architecture specifications. These might involve compatibility and the ability to exchange data seamlessly with adjacent systems, cloud readiness, and any special user access or security considerations.

While no single solution will tick every box, following this formalized vendor selection approach will ensure that each RIM proposition and supplier is considered from every angle. This means that any trade-offs (e.g., in specific user features that may be sacrificed for a more holistic platform serving multiple departments) can be duly considered, communicated properly, and agreed pragmatically — an essential pillar of effective change management.

Starting with a standardized approach (to establishing user requirements, for instance) is a great way to get teams thinking about what is most important. That could be across a series of common or desired use cases. In a regulatory context, these might include variations management in marketing authorization, IDMP-specific processes, and investigation of new drugs in key target markets.

Thinking through each scenario will help focus teams on what they need from a new system – before they make their choice. It is in the vendor’s interest for target users to understand the system’s potential in their own setting and routine context. Requesting and securing this will enable a more confident and better-informed decision.

Foster Active User Involvement In Platform Choice

A good pain-saving tip is to let business-savvy technical enthusiasts within the company play around with capabilities to see what they can do, something that is easily provided for today via the cloud. This active user involvement is much more illuminating than watching a preset vendor demo and will drive home an understanding of what’s really important when specifying and choosing a new platform.

Investing the time in a proper needs assessment is a powerful way to get everyone on board and manage expectations, which in turn will cement user acceptance and ease change management. The risk otherwise is being saddled with a solution that doesn’t fit the bill and which no one uses (a failed rollout) or which incurs a six- or seven-figure cost and a lengthy additional timescale to put right.

Using a formal methodology in vendor scoring and selection can help in the negotiation and contracting process, too, by drawing attention to what is essential versus less important. It’s also a means of ensuring that additional considerations (e.g., data preparation/migration, issue resolution, and potential future data transition requirements) are factored into the contract and pricing.

Remember that data-related work is rarely a one-time event, so it will be important to specify, scope, and assign ongoing processes — and relative accountability — around data (data governance).

Indeed, the success of any project requires that internal teams also allocate sufficient time and resources to its effective delivery. A good contract should protect the interest of both parties.

Look For A Cultural Fit

Every company has its own culture, set of beliefs, and way of working, and a good match will help ensure a harmonious relationship that makes it easy to work with the vendor. Being precise about requirements and getting internal teams involved from the selection stage will result in the optimum outcomes.

About The Author:

Romuald Braun is a managing partner at MAIN5, where he has served for the last two years. Previously VP of Strategy for Life Sciences at Amplexor (now part of ArisGlobal), he has spent more than 30 years in roles related to compliance, document management, and content management in the life sciences industry. Those roles have spanned both the client side and the provision of consulting and in project delivery, in Europe and the U.S. He can be reached at