The entire EphMRA Code of Conduct is available online below. You can download a copy or make an enquiry using the buttons to the right, or search the entire code using the search bar underneath.
The Code of Conduct provides comprehensive and up-to-date key ethical and legal guidance to support EphMRA members when they carry out multi-country, primary and secondary healthcare market research.
This includes ad hoc and syndicated work upon pharmaceutical products, biologics, medical devices and diagnostics (available with or without prescription).
Within the Code the umbrella term 'products' refers to drugs, biologics, devices and diagnostics unless specified otherwise eg medicinal products refer only to drugs and biologics.
It is an industry-sponsored code that aims to define and safeguard the rights of MR subjects, protecting data integrity alongside the rights of MR subjects.
All market research MUST comply with international and national law.
Whilst incorporating the impact of relevant legislation, neither the Code of Conduct nor EphMRA will be a source of legal advice. The information within EphMRA’s Code of Conduct is not intended and should not be construed as or substituted for legal advice. It is provided as a reference for best practice. If legal advice is needed it is should be sought independently.
There are twelve guiding principles that underpin the Code of Conduct. These principles are the foundation stones upon which the specific guidelines are built. They are as follows:
I. MR subjects MUST be able to provide voluntary, informed consent to data collection and use, based upon a clear understanding of the purpose of the data collection and the use(s) to which the data will be put.
II. The rights of MR subjects MUST be observed, including rights to confidentiality, anonymity and the right to withdraw at any stage.
III. Market research MUST be kept separate from any form of promotion or selling, it MUST NOT be a vehicle for disguised promotion.
IV. MR subjects MUST be treated fairly and reasonably, with care and courtesy.
V. MR subjects MUST be protected for the duration of the study – not harmed, exposed, disadvantaged or made to feel uncomfortable in any way. Confidence in market research MUST NOT be abused.
VI. Data collection MUST be adequate, relevant and not excessive. Researchers MUST be transparent about the personal data they plan to collect, the reason(s) it is being collected and who it will be shared with.
VII. Data MUST be processed fairly and lawfully, and only used for the specific and lawful purposes for which it was obtained. Personal data must be accurate and up to date. It must be processed in accordance with the rights of individuals within national data protection and privacy legislation.
VIII. There MUST be no unauthorised or unlawful processing, loss, destruction or damage to personal data.
IX. Data can only be transferred, to a third party or overseas, when adequately protected.
X. Personal data MUST NOT be kept beyond the time required to fulfil the immediate purposes of the study.
XI. Researchers MUST behave ethically; they MUST NOT undermine or damage the reputation of healthcare market research. They MUST NOT disparage or appear to disparage competing companies or products.
XII. Researchers MUST conduct market research accurately, transparently, objectively and of appropriate quality.
Market research, whatever it is called and whatever approach is used, is defined by the following key characteristics:
Based upon the definition of market research contained in the ICC/ESOMAR International Code 2007
Market research is defined by the objective(s) and the approach, not by the title of the work or those involved in it. Consequently the EphMRA Code of Conduct includes areas such as digital listening (the use of social media content for market research), the use of observational/ethnographic approaches and work carried out online via mobile devices.
Advisory boards may or may not qualify as market research depending how they are run. An advisory board is generally a group that provides non-binding strategic advice to the management of an organisation eg providing expert advice on new drugs and opportunities. If the advisory board is recruited and operated as market research - meeting the definition above - then it is market research. However Ad' Boards do not offer anonymity, may not be systematic in their approach or supported by a basis in the applied social or behavioural sciences and may not be entirely non-promotional.
Secondary Data Use
If the secondary data includes personal data, its intended use MUST be compatible with the purpose for which the data was originally collected. The intended use must not be specifically excluded within the privacy notice provided at the time of the original data collection.
Market research does not require Clinical Research Ethics Committee or Independent Review Board approval.
Market research (as defined above) relating to market or consumer behaviour of the sort that pharmaceutical companies routinely commission, whether involving healthcare professionals, patients, carers or members of the public does not require Clinical Research Ethics Committee or Independent Review Board approval (Institutional Review Board in the USA).
Key regulators have made it clear what distinguishes ‘research’ that requires ethics approval i.e. clinical/medical research from ‘research’ that does not i.e. market research.
EFPIA require non-interventional research studies to meet specific criteria that are not required of market research:
For further details upon the characteristics of non-interventional studies see Article 15, Non-Interventional Studies of Marketed Medicines within EFPIA’s Code on the Promotion of Prescription-only Medicines to, and Interactions with, Healthcare Professionals.
UK NHS Guidelines
The UK National Health Service Health Research Authority (NHS HRA) provides a decision support tool to help determine whether a study should be classified as 'research' or not:
* Generalisable is defined as the extent to which the findings of a clinical study can be reliably extrapolated from the subjects who participated in the study to a broader patient population and a broader range of clinical settings.
In addition, the NHS HRA provide a leaflet ‘Defining research’ that is designed to help you decide if a project is research, which normally requires review by a Research Ethics Committee (REC), or whether it is some other activity such as audit, service evaluation or public health surveillance.
Indeed in the UK, Governance arrangements for research ethics committees A harmonised edition published by the Department of Health, May 2011 states that:
"2.3.14 Healthcare market research may be undertaken by professional market researchers on behalf of pharmaceutical or medical device companies. Where such research is conducted by professional market researchers in accordance with the Legal and Ethical Guidelines issued by the British Healthcare Business Intelligence Association (BHBIA), it does not require REC review except where otherwise required by law".
In addition, EphMRA provides a detailed overview of the differences between market research (MR), non-interventional studies (NIS) and patient support programmes (PSP) – see table in Section 3.8. Key differentiating characteristics between MR and NIS are:
|Commercial focus/purpose (market behaviour and opportunities) – internal focus||Y||N|
|Clinical or medical focus/purpose (safety, efficacy or pharmacokinetics) – external focus||N||Y|
|Epidemiological methods must be used to design the study and analyse the data||N||Y|
|Must generate scientifically significant evidence||N||Y|
|Managed by company’s scientific/medical service (rather than commercial)||N||Y|
Confusion between market research and clinical/medical research can arise because they sometimes address the same audience, may use a similar tool – a questionnaire, and can ask similar questions. In particular, non-interventional studies (or post-marketing authorisation studies as they may also be called) are confused with market research.
Non-interventional research studies involves the collection of "additional data post-authorisation, as it is necessary from a public-health perspective to complement the available data with additional data about the safety and, in certain cases, the efficacy of authorised medicinal products. Such post-authorisation measures (PAMs) may be aimed at collecting data to enable the assessment of the safety or efficacy of medicinal products in the post-approval setting.”
Non-interventional research is carried out for a clinical purpose i.e. to assess safety, efficacy or tolerability, its ultimate purposes are to advance science, the treatment of disease and improve patient outcomes. In contrast, market research is carried out for a commercial purpose i.e. to investigate market behaviour and opportunities to inform business decision making. Clinical endpoints are not needed for market research.
Even market research that involves the collection of anonymised patient data detailing conditions, symptoms and treatments this does not mean it is non-interventional research. Market research using anonymised patient record data is analysed in aggregated form to generate information upon market patterns.
The distinction between market research and non-interventional research applies whether the market research involves prospective or retrospective patient data.
The following table distinguishes between the characteristics of market research, patient support programmes and non-interventional studies.
Difference Between Market Research, Patient Support Programmes and Non-interventional Studies:
|Information gathering tool||Y||N||Y|
|Patient or carer service||N||Y||N|
|Participants remain anonymous||Y||N||Y or N|
|Direct Patient benefit||N||Y||N|
|Directly impacts clinical care||N||Y||N|
|Pooled processing of information generated||Y||N||Y|
|Participants are generally financially incentivised||Y||N||N|
|Impacts patient directly and immediately||N||Y||N|
|Generally generates scientifically significant information||N||N||Y|
|Requires clinical research ethics committee approval||N||N||Y|
|Can be prospective or retrospective||Y||N||Y|
|Always involves marketed product||N||Y||Y|
|Managed by company's scientific service (rather than commercial)||N||Y or N||Y|
|Generally includes patient prescribed a company's medicinal product in the usual manner||N||Y||Y|
|Epidemiological methods must be used to design the study and analyse data||N||N||Y|
MR Market Research
PSP Patient Support Programme
NIS Non-interventional Study
It is not market research when data are collected for any other purpose that that described (see 3.1). In general non-research exercises have the following characteristics:
These definitions are based upon the UK’s Market Research Society’s Regulations for Using Research Techniques for Non-Research Purposes Nov 2010
Database building is a non-research purpose. Data Protection legislation prohibits information given within a market research exercise being used to build a database unless consent for this was given at recruitment.
When researchers are fulfilling their role as researchers they MUST NOT conduct other non-research activities without the prior informed consent of MR subjects. In Germany the MR industry guidelines state that market research may not be combined with non-research activities. Market research should be clearly separated and distinguished from any other activity.
Market research MUST NOT be used to obtain confidential information about competing products and companies from MR subjects who are bound by confidentiality agreements with those companies.
In terms of the EphMRA Code of Conduct the client is the commissioning party and the agency executes the study on their behalf. Generally but not necessarily the client is a manufacturer of pharmaceuticals, devices or diagnostics and the agency is a market research specialist. It is recognised that for some studies there may be more than one ‘client’ (e.g. different offices may be involved) and more than one ‘agency’ involved (e.g. a co-ordinating global agencies and local fieldwork suppliers). In which case for the purposes of the EphMRA Code the following definitions apply:
The following key points should be noted:
National and international data protection and privacy requirements MUST be adhered to.
Personal data or personally identifiable information (PII) as it is sometimes known includes postal codes, cell phone numbers and email addresses as well as full names and postal addresses. Personal data may be a single piece of information or a series of pieces of information including other information or data sets available to the holder, which together would allow identification of an individual or infer their identity.
An IP address might constitute personal data in combination with other identifiable data but there is no international consensus about the status of IP addresses (which can generally identify a unique computer, but may or may not identify a unique user). If national law/regulations classifies IP addresses as personal data and it is not possible to differentiate between those IP addresses which are linked to an individual and those that are not, all the information collected should be treated as if it were personal data. In Germany an IP address is considered by law to be personally identifiable information. In the Netherlands this is the case if an IP address can be traced back to a unique user.
In the United States the definition of personal data may depend upon the nature and/or subject matter of the information, the way it is collected, other information that may be collected and combined with it, and the use and disclosure of the information by the collector.
Personal data covered by the EU Data Protection Directive includes data "be it alphabetical, numerical, graphical, photographical or acoustic. It includes information kept on paper, as well as information stored in a computer memory by means of binary code, or on a videotape, for instance. In particular, sound and image data qualify as personal data from this point of view, insofar as they may represent information on an individual." (Article 29 DP working party opinion on the concept of personal data of 20 June 2007) Personal data includes video-streams (relayed live or delayed and non-anoymised recordings. Whether an audio recording is considered personal data may depend on whether the surnames of the individuals are recorded or whether the voice alone could lead to the identification of the individual.
Once all identifiers linking data to a MR subject have been removed then it is no longer personal data (it has been anonymised) and is not covered by the EU Data Protection Directive. Researchers may use a unique identifier (e.g. a serial number) to identify a MR subject (a process referred to a pseudonymisation) but the file linking personal data to the unique identifier MUST be stored entirely separately from the anonymised MR subject data.
The processing of "personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and the processing of data concerning health or sex life" is forbidden unless one or more of the exceptions specified in the Directive have been met. The most important of these exceptions, in the case of market research is where the MR subject has given his/her explicit consent to the processing of such data. Explicit consent refers to a MR subject’s specific and unambiguous agreement based upon adequate information (see Section 8, Informed Consent).
The ‘processing’ of personal data includes the collection, recording, organisation, storage, alteration, retrieval, use, disclosure, dissemination, alignment or combination, blocking, erasure or destruction, of personal data.
Researchers must limit the collection and/or processing of personal data to the minimum required to meet the needs of the market research.
Researchers are responsible for the safe handling, processing, storage and disposal of market research and personal contact data.
Adequate precautions MUST be taken to protect personal data, any sensitive data and confidential information against unauthorised access. This would include using the appropriate technologies to protect data stored on web sites or servers when the data is transferred e.g. reliable encryption systems, firewall and users identification and password access.
In addition to the EU Data Protection and US HIPAA (Health Insurance Portability and Accountability Act) requirements that personal data be appropriately protected, in the USA certain states have legislation requiring specific security safeguards (e.g. Massachusetts) for any organisation in the state or holding data of a state resident, and various regulators (including the Federal Trade Commission and, recently, the Federal Communications Commission), impose broad overall security safeguards subject to enforcement within their jurisdiction.
It is good practice for researchers to keep copies of e-mails and other documents received from MR subjects agreeing to, or restricting, the use of or access to their personal information. This is a legal requirement in some countries, amongst others, all European Union member states.
Personal data is protected by the provisions of the Data Protection Directive even when taken out of the country where the MR subject lives.
If personal data is to be transferred from one country to another, the data protection requirements of both countries MUST be met. The transfer of personal data to non-EEA countries is forbidden unless there is adequate privacy protection.
There are various ways in which to comply with the EU Directive in non-EU countries depending upon the circumstances, these include Model Clauses and Binding Corporate Rules (BCR) and in the USA, the EU - US Privacy Shield framework. For further information on these see below and EphMRA members can access further detail upon the EU-US Privacy Shield framework within the Ethics Country News section on the EphMRA web site.:
In Japan (in accordance to Articles 16 and 23 of The Act on the Protection of Personal Information), personal data cannot be processed or passed to a third party unless the individual has given prior consent. Consent must be given for specific purposes and processing or transfer must be for these purposes alone.
In Mexico the data protection authority differentiates between transmission and transfer of personal data. Transmission is defined as the passing on of personal data for a restricted range of uses and the transmitting party continues to be responsible for the personal data. Transfers of personal data allow a broad range of processing/uses. In both cases, the individuals consent is required.
In Russia (in accordance with Federal Law of the Russian Federation #266-FZ on personal data, article 12, Trans-border transfer of personal data), the MR subject must be made aware if their personal data is to be transferred to a foreign customer and give a written consent to this.
MR subjects MUST be provided with a privacy notice which tells them clearly what their rights are. It must include information such as what personal data is collected, how it is used, how it will be managed and the conditions under which it will be shared, as well as how to get more information or make a compliant. The privacy notice must be made available by the individual/organisation collecting the personal data and must be honoured by all parties that process the personal data (whether or not they are the originator of the privacy notice).
The key requirement of the Data Localisation law states:
Data operators processing data of Russian citizens, whether collected online or offline, are obliged to record, systematize, accumulate, store, update, change and retrieve such data in databases located within the territory of the Russian Federation.
All processing operations affecting the actual records held (collection, updating /amending and deletion of the personal data record) must be carried out on a master/primary database held in Russia. A copy of that database can be transferred and secondary processing (e.g. backup, data analysis, secondary storage and access) can take place using the copy that has been transferred to another country. The copy can also be anonymised, deleted or destroyed. So companies and agencies will have to store and maintain personal data directly collected from individuals resident in Russia in a primary database held on servers hosted in Russia. Cross border transfers (carried out in compliance with Russian data protection law) are still permitted, but the master database containing personal data must still be stored and maintained in Russia.
For more detail, please see http://www.ephmra.org/Country-News
In the USA, that part of HIPAA known as the HIPAA Privacy Rule, is a federal regulation which gives the individual rights over their health information (i.e. name, address, health status and other information that can be linked to an individual) and sets limits upon how this information can be used or disclosed by "covered entities” (primarily health care providers and health insurers). This regulation also now applies directly to "business associates,” which are service providers to these covered entities.
Unless a use or disclosure is permitted by the HIPAA Privacy Rule, it can only be made subject to an individual’s authorization. There is no restriction upon the use or disclosure of this "protected health information” if it has been de-identified in accordance with the standards set by the Privacy Rule (see 19.3). The US Marketing Research Association’s Best Practice Guidelines on HIPAA state that
"As a general matter, survey research entities are NOT covered entities under HIPAA, but may be business associates. The HIPAA Privacy Rule applies when a business associate collects, uses or maintains personal health information for a covered entity.”
Members MUST ensure that MR subjects give their informed consent before information is collected from them.
"Cooperation is voluntary and MUST be based on adequate, and not misleading, information about the general purpose and nature of the project when their agreement to participate is being obtained and all such statements shall be honoured."
ESOMAR state that consent must be:
Only personal data that is necessary to the research process MUST be collected.
In Germany informed consent should be refreshed at regular intervals (e.g. 6 monthly intervals) if long term or longitudinal research is being undertaken.
Information detailing an individual’s physical or mental health is classified as ‘sensitive personal data’ under the Data Protection Directive and requires explicit consent for its use.
Specific consent is not required for the use of anonymised and non-attributable responses.
Informed consent guarantees MR subjects the right not to participate and the right to withdraw from the interview at any time. This right MUST be made very clear to children.
It MUST be clear to MR subjects that all personal data collected during a market research project will be treated confidentially and are purely for the purposes of market research unless averse event reporting is required and separate consent for transfer of personal data for this purpose has been given.
MR subjects' anonymity MUST be strictly preserved. It is important to note that withholding a MR subject’s name is not necessarily sufficient to protect their anonymity especially when MR subjects belong to small high profile universes. For further information see the ICO’s ‘Anonymisation: managing data protection risk code of practice’ http://www.ico.org.uk/for_organisations/data_protection/topic_guides/anonymisation
Researchers MUST ensure that information identifying the MR subject (e.g. recruitment questionnaires, attendance lists) is not passed to the client without the MR subject’s explicit consent. Requesting consent to pass on MR subject's personal data to the client (and consequently passing on personal data) is always forbidden in Germany.
Agencies must not identify the client or any confidential client data without the client's consent except if there is a legal obligation to do so.
The MR subject's right to confidentiality can be waived by the MR subject if specific consent has been sought and granted providing MR subjects have been made aware of:
In Germany MR industry guidelines prohibit asking MR subjects to waive their anonymity/confidentiality.
In Germany MR industry guidelines state that personal data MUST be separated from interview data immediately by the research agency, after this the only link allowed between the two is a common code number. The address data – name, postal address, telephone number, email address – MUST be destroyed at the earliest possible time i.e. once quality control checks have been completed. Personal data cannot under any circumstances be passed to a client, there are no exceptions or waivers allowed.
ADM Key Problems in the Data Protection Laws and Professional Laws for Scientific Survey Research Aug 2009 http://www.adm-ev.de/fileadmin/user_upload/PDFS/Kernprobleme_E.pdf
Physicians have a duty of confidentiality towards their patients. Information about a patient may be obtained for market research from patient records without patient authorisation only if these data are fully anonymised and in the USA meet the de-identified criteria within HIPAA (see 19.3 or www.hhs.gov/ocr/privacy/index.html Aug 2009) or as permitted by the HIPAA Privacy Rule provisions related to research or a "limited data set” or if the patient has given explicit authorisation.
Researchers MUST inform clients if any of the work to be carried out for them is to be combined or syndicated with work for other clients (any other clients do not need to be named and MUST not be named without their permission).
In Spain, Farmaindustria member companies MUST provide prior notification to the Farmaindustria Code of Practice’s Surveillance Unit (CPSU) when carrying out, financing or sponsoring market research studies. This is NOT mandatory if:
Communication should be addressed to the Farmaindustria Code of Practice Surveillance Unit (CPSU) and sent at least ten working days before the study is due to start. The pharmaceutical company is responsible for reporting the study.
Prior approval from the CPSU is required if the market research could involve any of the following:
However the CPSU recommends that all market research studies carried out in Spain should be reported on a voluntary basis (not just those that it is compulsory to report). For full details please see: http://www.farmaindustria.es/Farma_Public_ING/Codigo/codeofsanitaryprofessionals/index.htm
In Spain market research studies MUST be approved before being carried out by the pharmaceutical company scientific service or by the compliance officer in Spain, this is required by the Spanish Code of Good Practices for the Promotion of Medicines and Interaction with Healthcare Professionals.
In Korea KRPIA member companies must report details of surveys quarterly on the form provided by the KRPIA and market research agencies MUST not disclose the identity of participating HCPs to the client company and selection of HCPs MUST be conducted independently by the agency.
Clients should be informed if any part of the study is to be sub-contracted outside of the agency. If requested the identity of the sub-contractor should be provided. In Canada, this is mandatory for MRIA members. If a sub-contractor is employed at short notice after the study has started the client should be informed as soon as practical.
The size of the sample should be appropriate to meet the market research objectives. If the sample size is unnecessarily large, the market research may be considered a promotional vehicle.
Researchers should manage and monitor the frequency with which potential MR subjects participate in market research and try to avoid over-researching individuals.
Lists that are drawn from sources readily available within the public domain do not generally require the consent of the individuals listed to have their personal details held (all of the data MUST be drawn from the public domain).
So if for instance a list of healthcare professionals (HCPs) was drawn up from health centre websites that listed the HCPs working there, this would not require the HCPs prior consent, and if these details are passed to another contractually linked party.
If a list containing personal data that is not in the public domain e.g. a list of detailed physicians was passed to an agency to allow them to draw a sample from it, as long as the agency is contractually linked to the client company and the physicians had given consent for their details to be used for market research then this does not require the consent of the listed individuals.
If however local law/regulations demand that the explicit consent of those on the list is required before their personal details are passed on as in Italy, this MUST be complied with. In Italy, data that is used that is not publicly available should be ‘certifiable’ – those that hold the data MUST have the consent of the individual and evidence of how they obtained the data. It is also strongly recommended by EphMRA that the responsibilities of list suppliers are made explicit and agreed to in writing within some form of project agreement, such as the contract.
If the list contains information not in the public domain, those listed MUST give consent for their personal data to be held and told why their personal data is being held.
The client company MUST NOT be informed of the identity of market research participants, i.e. who on the list was interviewed.
MR subjects that have chosen to opt-out of, or not be contacted for, market research must be excluded.
When lists of named individuals are used for sample selection, the source of the list should be revealed to potential MR subjects. The source of the list MUST be revealed to potential MR subject(s) at an appropriate point in the interview, if it is requested. In Germany MR industry guidelines state that MR subjects MUST be told the client company’s identity if the client company supplied their name. This can be given at the end of the interview rather than the beginning, but it MUST be given. In Finland, a researcher MUST NOT disclose the identity of the sponsor (unless legally required to do so) to any third party without the consent of the sponsor.
If list details are missing or incorrect, the supplier of the list may be told this but corrected details cannot be passed back to the list supplier to update their databases without specific consent. However it is allowable to pass back the personal details of those who have:
Personal data can be added to the database only if the MR subject is told of this intention at the time of data collection except in Germany. MR subjects MUST also be told why and for what purposes the data will be used, and that under no circumstances will it be released or used for any non-research purpose.
The MR subject has the right to request the deletion of any or all of their personal data from the database at any time.
Client databases MUST be returned to the client or destroyed at the end of the project. MR subject requests to have their personal data removed from a list or database must be respected.
Screening questions MUST only be used pre-screen potential MR subjects for participation in the research, they MUST NOT be used to collect additional data.
Physicians may act as intermediaries to recruit patients by inviting patients to take part or passing on questionnaires on behalf of the agency, they MUST however:
–Ensure that patients understand that their participation is voluntary
–Not disclose the patient’s identity to the agency until the patient has consented to this.
Reimbursement should not be dependent on the number of patients successfully recruited. Agencies should beware of placing pressure upon patients and try to minimise this e.g. by issuing a written rather than a face to face invitation.
If the patients reply directly to the agency, which is preferable, the doctor should not be told which patients are going to/have participated.
In Germany and Brazil, physicians are only allowed to pass on and return completed questionnaires if there are no means by which to identify the patients detailed (e.g. name or address).
In the Netherlands, MOA affiliated researchers MUST make sure that an invitation to a patient to participate in market research that is given via a HCP must be in writing (mail or email).
When asking people to supply other people's names for the purposes of developing a list from which to draw a sample (a technique commonly referred to as 'snowballing' and used to identify opinion leaders) to meet the obligation to be transparent, the person being recruited MUST be told how their name was obtained. This means for example that when trying to recruit an opinion leader the recruiter MUST tell the doctor that they were suggested by another physician but there is no need to name the source of the nomination.
At recruitment MR subjects MUST be told:
If the potential MR subject/MR subject requests the name of the sponsoring client it is not necessary to provide this information unless the sponsoring client company provided the list from which the potential MR subject/MR subject’s name/contact details have been drawn. The requirements for naming the client when observation and recording are taking place are detailed at 11.4.
In Germany, the FSA Code recommends to members that employer permission (Dienstherrengenehmigung DHG) is sought and granted for healthcare professionals to participate in market research. There is no over-arching legal requirement for a DHG, however if you have to include healthcare professionals and/or federal civil servants e.g. payers (Bundesbeamte) within the market research sample and are committed to adhering to the FSA Codex, you have to check that a DHG is in place. You may do this by including suitable questions within the recruitment screener and ensuring potential MR subjects only participate if they have their employers’ permission. The DKG have also stated that employer permission is required unless participation in market research is a one-off or rare and the incentive does not exceed 100 euros. German market research associations have no such requirements.
For more detail, please see http://www.ephmra.org/Country-News
In Italy, the Transparency Act (art. 53 165/2001) requires that:
Data collected at recruitment MUST NOT be used for any purpose other than the purpose for which consent was granted. Seeking consent for other uses retrospectively is not allowed
In Germany, Italy, Norway and Sweden, the ADM/BVM, ASSIRM, and LIF respectively, recommend that market research appointments with healthcare professionals (HCPs) should be made outside working hours and that those HCPs that are employees are not interviewed on their employer’s premises. However the preferences of the HCPs can be taken into account. In Italy this refers to HCPs when employed by the national health service (SSN) only.
Guideline for Studies in Public Health Service for Purposes of Market and Social Research Guideline on Interviewing Physicians for Market and Social Research Purposes www.adm-ev.de/richtlinien Aug 2009
ASSIRM, Directive on the interviews with medical staff for purposes of market research and social
EFPIA members and members of EFPIA-affiliated associations MUST document an agreement between agency or client company and the healthcare professional MR subject in advance of fieldwork (i.e. at recruitment) for all market research carried out face to face. Longitudinal studies and panels MUST also be covered by a written agreement irrespective of methodology. Single stage market research studies conducted online, by telephone or by post that involve only minimal remuneration do not require a written agreement in advance of fieldwork. EFPIA member associations provide guidance on the meaning of minimal. This ruling is based upon Article 14 of the European Federation of Pharmaceutical Industries and Associations (EFPIA) Code on the Promotion of Prescription-Only Medicines to, and Interactions with, Healthcare Professionals.
When written agreements are required, the following information MUST be given and agreed:
In Denmark, nurses must be treated as non-HCPs.
In Germany the FSA requires that if the incentive is not ‘marginal’ (which is defined as over 50 euros) written contracts are required for all forms of market research with HCPs.
In the UK the BHBIA states that to conform to Clause 20 of the ABPI’s Code of Practise 2014, all study types irrespective of methodology require a written agreement; although different mechanisms to capture the agreement may be needed for different methodologies.
For full details see the BHBIA Guidelines.
Disclosure Code requirements apply to EFPIA and EFPIA affiliated association members and all those that have agreed to adhere to EFPIA or national associations’ code of practice. The Disclosure Code applies to prescription only medicines and only to over the counter medicines if they are dispensed on prescription.
Consequently pharmaceutical companies will need to disclose payments made to healthcare professionals (HCPs) for a range of activities including participation in market research (MR) when (and only when) the pharmaceutical company is aware of the identity of the HCP. These payments are referred to in the Disclosure Code as Transfers of Value (ToV).
For the full EFPIA Disclosure Code go to http://transparency.efpia.eu/the-efpia-code-2
When disclosure is required
4.25.1 For market research disclosure is required when pharmaceutical companies are aware of the identities of those participating in MR it has commissioned and ToVs i.e. MR-related payments (incentives and expenses) have been made to HCPs. In these cases the payments made to individual named HCP MR subjects MUST be disclosed, whether they’ve paid them directly or indirectly via an agency. This information will be made publicly available.
4.25.2 National data protection legislation may require the HCP’s consent for their data to be used in this way. If this consent is not given, MR payments MUST still be disclosed but on an aggregate basis. So if HCP MR subjects do not consent to their personal data being used for disclosure they may still participate in the MR.
When disclosure is not required
4.25.3 If the HCP’s identity is not known to the pharmaceutical company disclosure is not required.
EFPIA have stated that if a HCP’s identity becomes known to the company only as a result of an adverse event where reporter contact details are provided, disclosure is not required.
Similarly if during viewing of non-anonymised fieldwork, a MR subject is recognised (and identified) by client company personnel, disclosure may not be required.
4.25.4 If a sample is to be drawn from a list of HCPs supplied by the pharmaceutical company, the identity of those actually interviewed will not be known and so disclosure is not required. However if all those on the list are to be interviewed, then the company will be aware of the identity of the HCPs involved in the MR and disclosure will be required.
Reporting format and Information to be disclosed
4.25.5 EFPIA have provided a ‘Model of a Standardised Template’ – the suggested reporting format for disclosure data: http://transparency.efpia.eu/EFPIA%20DISCLOSURE%20CODE%20Schedule%202%20Template%20-%2013%20Template.pdf EFPIA country associations may provide their own template based upon the EFPIA one.
4.25.6 The following types of data MUST be recorded for a full calendar year on the appropriate template and disclosed:
Country of disclosure
4.25.7 Disclosures MUST comply with the national (EFPIA member) code of the country where the HCP receiving payment has their principal practice. The address of the HCP’s principal practice should be used as the reference when determining in which country the data should be disclosed.
4.25.8 EFPIA have advised that public disclosure can be via either:
I. the relevant Member Company’s website or
II. a central platform provided by a government, regulatory or professional body or an EFPIA member/country association
Individual country/member associations decide upon the route.
Disclosed data will be publicly accessible in the country where the HCP has their practice.
4.25.9 Pharmaceutical companies MUST complete and post the disclosure data on their company website or forward it to a central platform – as required in their country.
4.25.10 Disclosures MUST be made in the first six months after the end of the calendar year in which the MR payment was made.
Consent and record keeping required
4.25.11 HCPs whose identity will be known to the commissioning pharmaceutical company MUST be advised that disclosure will take place and asked for their consent to pass on their personal data and payment information for this purpose. This must take place as soon as practical, generally at recruitment. As with any request for consent for the use of personal data, the following must be made clear:
MR agencies MUST keep records of the required disclosure information to pass to the pharmaceutical company.
Pharmaceutical companies MUST keep records of the required disclosure information, collate it, then complete and upload the appropriate data collection template.
Pharmaceutical companies may need to review their disclosure policy and procedures for MR payments with their legal and/or compliance departments.
In Denmark legislation stipulates that any non-double-blinded (i.e. the identity of the commissioning client company in not known to the HCP MR subject and the identity of the HCP is not known to the commissioning client company) and the contact between a HCP and a pharmaceutical company or manufacturer of medical devices must be declared to the Danish Health authorities as consultancy. The registration of contact must be made by both the HCPs and the end-client (Pharmaceutical Company or Medical Device Manufacturer).
In France Loi Bertrand imposes a general disclosure obligation on companies manufacturing or commercialising health products or services. It applies to market research carried out with healthcare professionals that takes place in France, whether commissioned from inside or outside France and requires that agreements between market research agencies and healthcare professionals are publically reported.
It is the responsibility of the commissioning client company to report that they have an agreement with a named market research agency, its date and the purpose of the agreement (i.e. market research).
It is the responsibility of the market research agency (or if used, their sub-contractors) to report:
1. That an agreement with individual named HCPs exists (including a number of key details such as title, speciality, qualifications, RPPS or equivalent number, professional address)
2. The purpose of the agreement e.g. market research
3. The law states that when a benefit valued over 10 euros (including VAT) is to be given it has to be reported by named individual. Market research incentives are considered ‘benefits’ (based on the Conseil d’Etat decision 1ère / 6ème SSR, 24/02/2015, 369074). So incentives exceeding 10 euro (including taxes where applicable) have to be reported by named physician. All market research studies involving healthcare professionals that take place in France have to be declared irrespective of whether a benefit or an incentive (or neither) is offered.
4. It should be noted that:
- The agreed market research incentive should not be disclosed
- The sponsoring company (and product) should not be named
- HCP MR subjects MUST be informed of the processing of their personal data
- This applies whether or not the client company is aware of MR subject identity.
EphMRA suggests that the agency with whom the healthcare professional has the agreement will be the reporting agency.
Reports should be made to the central public website https://www.entreprises-transparence.sante.gouv.fr/flow/login.xhtml;jsessionid=ECCC896876F382F19E1EB0AF367B227A.sunshine-entreprise
Reporting for January to June data should be done by 1 Aug and for July to Dec data by 1 Feb.
In France Loi Anti Cadeaux/Loi DMOS (Diverses Mesures d\'Ordre Social) requires that the relevant national association/board e.g. the CNOM (physicians) or the CNOI (nurses) etc., is informed of agreements between companies/agencies and healthcare professionals including market research studies, one month before they begin. A reporting template does exist and is available on the ASOCs website. It is possible for organisations to apply for annual approval from CNOM in advance of carrying out market research with physicians, rather than on a project by project basis.
The terms and conditions of the annual process and the access arrangements are detailed in the July 2016 article ‘New and Simplified CNOM Approval System’ which is available within the Country News, France section of EphMRA’s website http://www.ephmra.org/Country-News
Further information upon Loi Bertrand and Loi Anti-Cadeaux may be found within the Country News, France section of EphMRA’s website http://www.ephmra.org/Country-News
Informed consent requires that if it is necessary to contact a MR subject again to ask further questions (other than for quality control purposes), consent for re-contact MUST be sought at the time of the recruitment interview or during the interview; even if only simple clarification is needed. When children are researched consent for re-contact should be sought from the responsible adult and the child separately.
MR subjects agreeing to re-contact MUST be fully informed of the purpose of re-contact and who will make it. Re-contact questions should reflect the possible reasons for the re-contact, such as for a second stage of the study, to ask a question missed or further explore a particular issue. The question "May we contact you for future research?” is not sufficient to allow re-contact, this type of standard question is really panel building question as it asks about any other projects occurring at an unspecified future time.
In Germany, if personal data is stored for re-contact for which informed consent has been given, the personal data MUST be stored separately from any additional data about the individuals. The merging of data for the specific selection of MR subjects is done by means of a code number.
Transferring personal data outside the European Economic Area (EEA)
You must not transfer personal data outside the EEA unless there are adequate data protection measures in place. The EU Commission provides a list of countries or territories providing adequate protection for data subjects in connection with the processing of their personal data, see the European Commission’s data protection website at: http://ec.europa.eu/justice_home/fsj/privacy/thridcountries/index_en.htm
If you have to transfer personal data to counties outside the EEA or that are not listed as having adequate protection you may consider other means of guaranteeing the personal data you transfer is adequately protected by:
When transferring data outside of the EEA you must comply with all data protection principles. Fair and lawful processing will in most cases require you to inform individuals about transfers of their transfers of their personal data to third parties overseas.
An 'incentive' is any benefit given to a MR subject to encourage participation in a market research study and should be:
MR subjects must be clearly informed:
Panel members should be made aware of the approximate level of commitment and/or length of time required before the incentive will be paid.
In Denmark, ENLI member companies are required to pay incentives to healthcare professionals in cash (cheques, bankers drafts and bank transfers are acceptable). In addition, nurses must be treated as non-HCPs, so incentives should be similar to patients rather than physicians.
In Greece, SfEE member companies should not pay incentives:
In Korea KRPIA members MUST report market research survey incentives quarterly. Food, drink and "compensatory gifts" up to a value of KRW 100,000 per HCP may be provided. In addition, if the surveys takes 30 minutes or more to answer "compensatory payment" of up to KRW 100,000 per HCP may be provided.
In the Netherlands CGR (Stichting Code Geneesmiddel Reclame) guidelines state that incentives should be based upon the hourly tariffs set by the NZa (Nederlandse Zorg authoriteit, the Dutch Healthcare Authority) and that the distinction between the incentive and expenses is clear.
In Poland and Russia, if the sum total of incentives paid to a MR subject exceeds a specific level (250 PLN in Poland and 4000 RUR in Russia) within a year, the tax authorities should be advised.
In Spain, payment of incentives MUST be in cash (cheques and bankers drafts are acceptable). Exceptionally, and with the prior authorisation of the CPSU some payments in kind may be made. For further country specific details of incentives regulations, recommendations and preferences please see EphMRA’s Overview of Incentives http://www.ephmra.org/Ethics
In Sweden LIF guidelines state that the maximum incentive should be 2.5% of the current KPI.
Incentives are not allowed in the following situations:
With regard to free prize draws, i.e. a draw where prizes are allocated by chance, with no payment to enter, MR subjects MUST NOT be required to do anything (other than participate in the market research) to be eligible for entry to a free prize draw. ‘Free’ includes any method of communication (post, telephone or other) at a standard rate. The MRS Regulations for Administering Incentives and Free Prize Draws February 2012 provide further details of the rules in the UK.
National laws governing free prize draws vary widely in Europe, so care must be taken to ensure the prize draw is carried out in compliance with local law, including registering the draw with the relevant authority and arranging for the draw to be administered by public notary or other official as required by local law.
In Mexico, the Secretary of Governance is responsible for authorising prize draws. There are specific requirements including registration for prize draws open to the public. Legal counsel should be obtained in order to determine if a prize draw or raffle within a specific survey population should be considered a public or private / closed event.
'Rules Governing Sweepstakes’ in the USA are provided by CASRO and available to members on the CASRO website www.casro.org. CASRO specifically state that "this is an evolving body of law” and that "it is not possible to construct a set of rules and practices that we can guarantee will comply with every applicable law. Anyone running sweepstakes, especially online, should have their counsel carefully monitor state and federal legislation and court decisions in this area.”
The personal data of MR subjects eligible for incentives are confidential, so cannot be passed to clients without consent, this consent MUST NOT be linked to receipt of an incentive.
In Germany and in Italy tax laws make it necessary to store the private address data of MR subjects receiving incentives for the length of time required by tax law. The same is true in Poland for incentives above a specific level. In the Netherlands tax laws make it necessary to store the confirmation of receipt of incentives, for the length of time required by law. Personal data MUST be stored in a way that ensures the date of the interview is identifiable but prevents personal data being linked to response data.
The following information should be provided to MR subjects at the start of fieldwork, even though much of this information will have been communicated at recruitment:
EphMRA does not recommend the use of sales representatives as market research interviewers.
Researchers should take reasonable steps to ensure that:
Market research materials should not:
When a topic is considered sensitive, MR subjects MUST be told explicitly the subject and content of the discussion. Sensitive topics include those that are judged to be sensitive to most people or a specific group of people because of the nature of the subject or those that may be sensitive to a particular individual, because of that individual’s past history.
When sensitive topics are to be discussed, the MR subject MUST be made fully aware of:
In cases where the subject under discussion is gender specific or of a sensitive or potentially embarrassing nature, MR subjects should be interviewed by interviewers of the same sex, or given the choice to be so.
If collecting information on sex, gender or age may prove sensitive, the following guidance may be helpful, the UK MRS’s:
Stimulus material includes any material shown during the course of fieldwork e.g. product profiles, branding concepts, packaging materials.
Stimulus material should be fit for purpose. Pharmaceutical industry codes of practice generally require that information claims and comparisons be accurate, balanced, fair, objective, and unambiguous, be an up-to-date evaluation of all the evidence and they should not mislead either directly or by implication, by distortion, exaggeration or undue emphasis – the same is expected of stimulus material.
Within any market research care should be taken to ensure that MR subjects understand when they are providing feedback on draft materials, hypothetical scenarios, assumptions, a product in development or as yet unlicensed.
In the Netherlands, MOA affiliated researchers MUST NOT use stimulus with healthcare professionals that includes brand names or indications for unlicensed products. The use of samples of prescription only medicines is also prohibited in market research.
In Finland, the PIF Code of Conduct states market research MUST not focus upon a medicinal product which has not obtained marketing authorisation.
Where required (country requirement or company policy) stimulus materials to be used within market research should be approved by the client company's medical department prior to use (irrespective of format or finish).
All stimulus materials should be collected at the end of the interview.
Additional ABPI guidelines for stimulus material content and format for the UK are detailed within the BHBIA’s Legal & Ethical Guidelines http://www.bhbia.org.uk/guidelines/legalandethicalguidelines.aspx.
The unnecessary or repeated use of brand names should be avoided unless assessing reaction to the name, or use of the product by name is an essential research objective - particular care should be taken if the names of unlicensed products are to be used.
The use of brand names when researching hospital products (‘H’ drugs) with patients in Italy although not explicitly forbidden would be considered unethical. The Spanish Code of Good Practices for the Promotion of Medicines and Interaction with Healthcare Professionals requires that there is no link between the product tested and a company, so product testing should be blinded.
Companies should generally refer to their medical and regulatory departments for guidance on market research surveys that involve testing products.
It is strongly recommended that placebos are used during market research surveys whenever practical.
Guidance for testing products via market research varies depending on the category a medication falls into:
If subjects are taking non-prescription drugs (i.e. over the counter - OTC) during market research surveys, it is recommended that an appropriate healthcare professional is present.
For market research involving medical devices (i.e. there is no active product involved), if the device is not CE marked, is an implantable device, is to be used outside the approved license or could potentially cause a patient harm (e.g. use of a needle is involved), the commissioning client company’s medical department MUST approve the market research approach, confirm whether the Guidelines on Medical Devices (MEDDEV 2.7/4) need to be followed and whether an appropriate healthcare practitioner should be present.
When the client entrusts products to an agency researcher’s care, the client commits them self to providing products compliant with laws in force and to give all the necessary information on these products, providing in particular correct information on the directions for use, the ingredients/components list and the transport and storage conditions. Moreover, the client MUST take the necessary measures to provide the researcher with any constraints relating to the security of the products.
Clients are fully responsible for all damage or injury caused by materials or products they have provided to researchers for research purposes unless the researcher failed to follow the care instructions provided by the client - when the materials were in the agency's possession (or the agency breached any other legal obligations).
As with stimulus material, all products should be collected at the end of the interview.
Adverse Event reporting requirements associated with medical devices should be agreed with the Marketing Authorisation Holder before commencing any market research survey.
Personal data includes sound and image data e.g. non-anonymised audio recordings and video footage of an individual from which it would be possible to identify the individual.
MR subjects MUST be made aware at the time of recruitment if their input is to be recorded or observed (even if it is only for analysis purposes by the agency) and why it is proposed.
At the start of fieldwork MR subjects MUST be informed if their personal data is to be passed on to the commissioning client company.
If recordings (to be viewed live or later) of non-anonymised fieldwork are to be made available to the commissioning client company, this is a transfer of personal data, consequently in order to meet the requirements of informed consent, MR subjects should be told:
If MR subjects agree the company name can be withheld until the end of fieldwork to avoid bias or the threat of disguised promotion. However if MR subjects do not want their non-anonymised input to be viewed this MUST be respected
In most countries the data protection/privacy regulator will require the name of the recipient company to be revealed to the MR subject.
When live observation takes place (i.e. there is no transfer of personal data to the commissioning client company) the client identity does not need to be revealed and should not be revealed without the company’s permission. In Germany MR guidelines require that the client’s identity must be revealed if requested.
In Germany live viewing of non-anonymised fieldwork via one-way mirror or sitting in at the agency’s premises (or a sub-contracted specialist facility) is allowed as long as measures are taken to ensure MR subjects are not known and cannot become known to observers. Non-anonymised video footage may not be transferred to the client company to prevent identification of the MR subjects.
In the UK BHBIA guidance states that if fieldwork is viewed:
Recorded data (audio or video that could identify individual MR subjects) given to clients without MR subject consent MUST be anonymised.
MR subjects’ written consent for audio or video recording should be obtained at the beginning of the interview before recording commences, oral consent is satisfactory in Germany. Where multiple purposes exist or are possible, explicit consent for each purpose should be obtained. Combining non-research purposes with market research is prohibited by MR guidelines in Germany, adverse event reporting within the context of a market research project is considered a market research activity.
If a MR subject withdraws from the research at any stage e.g. during a group discussion, their contribution MUST be withdrawn from the final analysis and reporting, if they request this.
If the recipient(s) of the non-anonymised recorded data changes after MR subjects have given consent for its release, all MR subjects MUST be re-contacted (assuming consent or re-contact has been give) and consent given for further release, giving details of the people to whom the data will now be shown.
To ensure that unauthorised viewers cannot access recorded material EphMRA recommends that the commissioning agency/client ensures that:
Recordings should not be archived for no longer than is required to fulfil the purposes of the study. In Germany, MR industry guidelines stat that end clients must destroy copies of non-anonymised recordings after 3 months.
Recordings should not be archived for no longer than is required to fulfil the purposes of the study. In Germany, MR industry guidelines state that end clients must destroy copies of non-anonymised recordings after 3 months.
If it is possible that the MR subject could be identified by the audio-recording alone they should not be passed to client companies unless the MR subject has given their informed consent, although requesting consent is prohibited by MR industry guidelines in Germany.
The agency MUST ensure that the country or organisations in those countries to which any personal data are transferred by them or their sub-contractors have adequate data protection measures in place, particularly outside the EEA.
When client observers are introduced, they do not need to be introduced by name. It is sufficient to tell MR subjects the nature of their roles within their company and in general terms their reasons for observing. Clients or their sub-contractors MUST NOT be passed off as members of the research agency.
Observers should be informed of their responsibilities towards MR subjects and agree to:
These conditions should apply whether observers are watching a recording or video stream in remote locations or are viewing at the research location.
In Canada, MRIA members must make sure that any observer of fieldwork or recipient of a fieldwork recording is aware of the requirements of the MRIA Code and the need to abide by these.
Based upon the Guideline on good pharmacovigilance practices (GVP), Module VI – Management and reporting of adverse reactions to medicinal products, European Medicines Agency 22 June 2012 EMA/873138/2011
EphMRA’s Adverse Event Reporting Guidelines detail the scope of market researchers’ adverse event reporting responsibilities and the requirements of the process.
Details of suspected adverse reactions that meet the qualifying and minimum reporting criteria should be forwarded by the contracted market research agency and their sub-contractors to the nominated contact within the market authorisation holder that commissioned the market research. This information is assessed by the pharmacovigilance department and if appropriate it will be reported to the regulators as an individual case safety report and/or within a periodic safety update report.
EphMRA’s Adverse Event Reporting Guidelines are based upon legal requirements:
Within the European Union, MAHs are legally obliged to report suspected adverse reactions and those adverse events that they consider to be signals. Market research (MR) studies commissioned by pharmaceutical companies (MAHs) but carried out on their behalf on a sub-contract basis by independent MR agencies are subject to the EMAs adverse reaction and event reporting guidelines detailed in module VI and module VII. However if an organisation is conducting an MR programme independently, without being commissioned, financed or influenced by a MAH, the requirements provided in EU pharmacovigilance legislation do not apply. It is the MAH’s responsibility to set up contracts with the market research supplier detailing how they would like adverse event reporting to be implemented during the course of the study and the training required.
The term ‘adverse event’ is used as an umbrella term within this section and refers to adverse events, potential adverse reactions, product complaints and specific reporting situations such as drug interactions.
EphMRA members should understand and adhere to the EphMRA Adverse Event Reporting (AER) Guidelines and ensure others involved in market research (MR) abide by the guidelines too – such as suppliers and sub contractors as well as colleagues in marketing, sales and national/local market researchers.
The AER Guidelines apply irrespective of which functional area or organisation/department within the marketing authorisation holder (MAH)/pharmaceutical company initiated the work i.e. whether the work is commissioned by the department responsible for market research, marketing or another function.
All MR subjects whether healthcare professionals or not should be informed at recruitment of the requirement for MAHs to report adverse events that arise during MR.
EFPIA disclosure requirements and the US Sunshine Act do not generally require agencies to identify to client companies the names of the healthcare professionals who report adverse events.
Glossary & Terminology
AE : Adverse Event
AER : Adverse Event Reporting
AR : Adverse Reaction
EU : European Union
HCP : Healthcare Professional
ICSR : Individual Case Safety Report
MAH : Marketing Authorisation Holder
MR : Market Research
PSUR : Periodic Safety Update Report
PV : Pharmacovigilence
"All applicable legal requirements detailed in this Module are usually identifiable by the modal verb "shall”. Guidance for the implementation of legal requirements is provided using the modal verb "should”.”
The European Medicines Agency categorises adverse event reports as solicited or unsolicited depending upon their source. With regard to market research sources solicited reports include AEs from MR studies except when social media/digital listening is used, AEs arising from digital listening are classified by the EMA as unsolicited reports.
Adverse events may be collected within Individual Case Safety Reports or as Signals within Periodic Safety Update Reports collated by the marketing authorisation holders’ pharmacovigilance department and forwarded to the regulators.
Solicited reports are "derived from organised data collection systems, which include clinical trials, non-interventional studies, registries, post-approval named patient use programmes, other patient support and disease management programmes, surveys of patients or healthcare providers, compassionate use or named patient use, or information gathering on efficacy or patient compliance." The European Medicines Agency (EMA) state that "safety reports originating from market research (MR) programmes should be considered as solicited reports. A MR programme refers to the systematic collection, recording and analysis by a marketing authorisation holder of data and findings about its medicinal products, relevant for marketing and business development".
Unsolicited reports include spontaneous reports, literature reports, other sources e.g. lay press and those from the internet or digital media. The EMA states that:
Consequently AEs arising from the use of social media to gather market research information i.e. digital listening will be unsolicited reports whilst those cited during any other form of online market research, face to face, telephone or postal market research will be solicited reports. This does not make any difference to market research activities.
Individual Case Safety Report (ICSR) refer "to the format and content for the reporting of one or several suspected adverse reactions in relation to a medicinal product that occur in a single patient at a specific point of time. A valid ICSR should include at least one identifiable reporter, one single identifiable patient, at least one suspect adverse reaction and at least one suspect medicinal product.”
Signals are "information arising from one or multiple sources, including observations and experiments, which suggests a new potentially causal association, or a new aspect of a known association between an intervention and an event or set of related events, either adverse or beneficial, that is judged to be of sufficient likelihood to justify verificatory action.”
ICSRs are forwarded directly to regulators and ICSRs and signals are incorporated into periodic safety update reports these are the "format and content for providing an evaluation of the risk-benefit balance of a medicinal product for submission by the marketing authorisation holder at defined time points during the post-authorisation phase.”
Source: Module VI – Management and reporting of adverse reactions to medicinal products, European Medicines Agency 22 June 2012 EMA/873138/2011
Researchers must when requested by clients allow independent checks on the quality of data collection.
Personal data e.g. contact details should only be stored for future use if consent has been given.
Personal data MUST be destroyed as soon as the purpose of the study is redundant.
In Russia, Personal data should not be stored for longer than it is needed for processing unless the personal data retention period is established by a federal law or a contract.
The researcher/agency should store research records for an appropriate length of time - there are no absolute guidelines on how long this should be. This period will vary according to the nature of the data, the type of project and the need for future research or follow up analysis. Personal data (such as recruitment questionnaires) can be destroyed before non-personal data (such as tabulations).
The data disposal method should be appropriate to the sensitivity and confidentiality of the data.
If video streaming has been used to allow remote viewing of fieldwork it is possible that the video transmission system used delivered a copy of the recording to the receiving computer. If this was the case the researcher MUST take steps to ensure that any copy of the video stream saved on the observer’s computer is deleted.
ESOMAR Guide on Passive Data Collection, Observation and Recording
Researchers should take reasonable steps to ensure that:
Combining data is permissible as long as personal data is not released to the client company when data is combined and combining the data does not enable the client to identify the MR subject.
The client should not publish any of the results of the survey without the approval of the agency unless otherwise agreed in advance.
In Spain, market research studies not published in renowned scientific/medical publications (i.e. NEJM, Lancet, etc.), cannot be used as references for prescription medicines promotional materials.
In Turkey, the AIFD Code of Good Promotional Practice and Good Communication 2015 5.2, states that the use of IMS grid sales data in promotion does not conform to the Code.
Researchers should check any client-prepared materials prior to publication to ensure that the research results are not misleading.
Full details of the source should be referenced, and material included must not breach copyright.
In the USA, CASRO and MRA members are obliged to disclose the:
CASRO Code of Standards and Ethics for Survey Research,
In the Netherlands MOA affiliated researchers commit themselves to sending out a research framework, when sending out press releases intended to publish research findings. The request is made to both the external media, and to the internal press services, to add the framework at the bottom of the article.
If research is misreported by a client, the researcher should as soon as possible:
The name of the agency for which the interviewer is working (whether employed or sub-contracted) should be given verbally and it is good practice for the interviewer to give his/her name to the MR subject.
To gain the trust of MR subjects without having the benefit of face-to-face contact, the interviewer should give the name of the agency that he/she represents and MUST give their own or an agreed contact name.
Do not call lists specific to market research must be respected.
Researchers should take special care when contacting MR subjects via mobile phones (whether by voice, text or email), with regard to MR subject safety and privacy:
When calling mobile phones researchers should recognise that even where legislation restricts unsolicited calls for commercial purposes but not market research, it is important to consult and apply any existing research-specific do-not-contact lists for mobile and fixed line phones.
ESOMAR advises against the use of unsolicited text messages to recruit market research study MR subjects and provides a ‘Summary of regulations covering unsolicited contacts (business to consumer)’ May 2013, this is available on the ESOMAR website.
If using a mobile phone means the MR subject incurs a cost this should be reimbursed, researchers should ensure that participating in market research does not disadvantage MR subjects financially.
MR subject concent is required for the use of an app and MR subjects MUST be made aware of its purpose, the type of data it collects and its impact on functioning or performance such as degradation of battery life. See also 17.7 and for further details see ESOMAR’s Guideline for Conducting Mobile Market Research.
It is suggested that legal advice is sought if an app uses a location device or tracks activities without user engagement (e.g. passive listening) to ensure that data protection and privacy rights are not contravened.
Regulations in force in Canada could potentially establish legal liability for researchers contacting potential MR subjects via a mobile device. In general, researchers must not make unsolicited email approaches to potential participants unless individuals have a reasonable expectation that they may be contacted for market research due to a pre-existing relationship with an organisation.
In Germany and the UK the use of predictive/auto-diallers is restricted. In the USA they are permitted only if the MR subject has given prior explicit consent. When they are used, "abandoned or silent calls”, (i.e. there is no live interviewer) immediately available, are not allowed. https://www.mrs.org.uk/pdf/2012-02-23%20Regulations%20for%20Predictive%20Diallers.pdf
In Germany telephone interviews that are in any way directly linked with telephone marketing are prohibited. For further details upon telephone interviewing in Germany see Guidelines on Telephone Surveys published by the German market research organisations.
In the Netherlands the ‘Onderzoekfilter’ is set up specifically for registering ‘do-not-call’ requests regarding market research. Research agencies affiliated to the MOA, the FEB and the VSO, the associations of the market and policy research, MUST check the available phone numbers at the ‘Onderzoekfilter’ before starting any unannounced telephone surveys.
In the USA the CASRO Code of Standards and Ethics requires research organisations to verify that individuals contacted for research by email or text message have a reasonable expectation that they will receive email or text message contact for research (and provide further detail upon what constitutes ‘reasonable expectation’).
In the USA the Federal Government has recognised the distinct separation between survey research and telemarketing. The restrictions included in the 1995 Telemarketing and Consumer Fraud and Abuse Prevention Act, the 1991 Telephone Consumer Protection Act, and the 2003 National Do Not Call Registry apply to telemarketing and NOT to market research calls. Under the laws, calls made for sales-related purposes MUST comply with the ‘do-not-call’ request of the person called. Telephone calls for survey research purposes are not bound by these provisions, although companies should be careful in drawing this line and should be aware of ongoing debate and concern about survey activities by some regulators and legislators. However, CASRO members maintain internal do-not-call lists of those individuals who have specifically requested not to be contacted by that company for participation in survey research.
FCC Regulations (October 2013), permit market reserach calls made to mobile phones using an auto-dialler only with the "prior express consent" of the intented recipient to receive such calls.
In the USA there is a federal prohibition on calling:
–A doctor’s office or a healthcare facility where the called party is charged for the call or in such a way that 2 or more telephone lines of a multi-line business are engaged simultaneously.
–Cell/mobile phones with an auto-dialler (any equipment capable of dialling a telephone number prior to a live operator being available to exclusively handle the call).
In addition, operators of automated dialling equipment need to remove any number classified as a public safety answering point (PSAP), in line with the Telephone Consumer Protection Act (TCPA).
Observational or ethnographic research are defined as any research form which relies significantly upon the observation of human behaviour as one of its data sources, whether MR subjects are openly observed (participant observation) or covertly or indirectly observed (non-participant).
Images of people on film and audio recordings of them would be considered as personal data under Data Protection legislation.
When conducting ethnographic market research, researchers are advised to:
There are a number of constraints upon how covert observational data may be collected and used:
Online or internet research refers to research in which a MR subject or researcher is involved in any of the following:
Mobile market research (sometimes referred to as eResearch) involves the collection of information by mobile device (mobile phones, tablets and other similar mobile computing devices) for market research purposes.
These guidelines apply to market research carried out on mobile phones or devices and to browser based or downloaded applications, passive and active data collection.
An online ‘access panel’ is defined as a sample of potential MR subjects willing to receive invitations to participate (if selected) in future online interviews. Further guidance for research suppliers setting up and managing online panels are available from ESOMAR at www.esomar.org/index.php/26-questions.html. These cover panel recruitment, project management, monitoring, maintenance and data protection issues.
A MR subject’s email address or other personal identifiers (e.g. screen or user name or device identifier) is personal data where it refers to an individual and therefore needs to be protected in the same way as other identifiers. A person's digital image is personally identifiable data. Geo-location data may be considered personal data too.
In the UK market research emails are not defined as commercial communications within the 2011 Amended Privacy and Electronic Communications Regulations. Consequently clients can forward customer email addresses to agencies (for recruitment purposes), unless the client has included market research in their standard data protection opt out policy.
Informed consent and a means to provide it are required. Written consent is preferable but use of an on-screen check box is generally acceptable for data protection purposes.
MR subject consent is required for the installation and use of software such as an app and MR subjects MUST be made aware of its purpose, the type of data it collects and its impact on functioning or performance such as degradation of battery life. For further details see ESOMAR's Guideline for Conducting Mobile Market Research.
If a repeat or follow-up survey is intended, a statement concerning Data Protection MUST be displayed on the MR subjects’ screen by the end of the first interview (although this is not compulsory in Spain), while obtaining their consent for the necessary storage of their address data. MR subjects should also be given the opportunity to print out this statement. The MR subjects MUST be able to refuse further participation in the survey via a suitable option and to refuse further contact by email in connection with the survey.
When emails are sent in batches, MR subjects’ email addresses MUST be kept confidential, so for instance blind copying should be used.
MR subjects should be alerted to any costs they may incur e.g. online charges and recompensed for these.
MR subjects should be told of the researcher’s identity and given contact details. They should also be given the opportunity to find out more about the research agency carrying out the study, by giving them the name of the organisation together with an address, a corresponding hyperlink is recommended. When working overtly in social media sites, researchers should also provide contact details.
Researchers MUST use adequate technologies to protect personal and sensitive data when collected, transmitted or stored on websites or servers.
Clients should be made aware of the potential risks of using confidential information in online or mobile surveys (e.g. within product profiles). Agencies should be required to implement strict security procedures. Confidential information even if protected by non-disclosure agreements is easily/printed/stored/forwarded and practically impossible to remove from circulation.
MR subjects should be told the length of time the questionnaire is likely to take to complete under normal circumstances (e.g. assuming connection is maintained and standard connection speed).
Where lists (including client-supplied lists) are used for sample selection, the source of the list MUST be disclosed. Where these are derived from website registration databases, researchers MUST check that registration was voluntary and that the data are current.
Researchers should avoid intruding unnecessarily on the privacy of MR subjects. ESOMAR advises that unsolicited e-mail approaches to potential MR subjects should not be made even in countries where this is permitted by law unless individuals have a reasonable expectation that they may be contacted for research.
ESOMAR provides a ‘Summary of regulations covering unsolicited contacts (business to consumer)’ May 2013, http://www.esomar.org/uploads/professional_standards/guidelines/ESOMAR-Codes&Guidelines-Legislative-issues-unsolicited-contacts.pdf
When receiving email lists agencies should verify that individuals listed have a reasonable expectation they will be contacted for market research purposes.
In Mexico, unsolicited email must not be sent unless a previous relationship exists, and the recipient is aware and agrees to that use in the sender's privacy disclaimer.
In the Netherlands article 11.7 of the Telecommunications Act (Telecommunicatie wet) requires prior consent from individuals to be contacted via their email addresses for commercial (charitable or idealistic) purposes. When an e-mail address is used for sending invitations for research, or for sending a survey, this is considered not to be commercial (charitable or idealistic) purposes, but purely for research, information gathering, and therefore prior consent is not required. If, however, under the pretense of market research the intention is to sell something, this exception does not apply.
In the USA the Federal CAN SPAM Act and CASRO's mandatory Code of Standards requires prior consent from individuals to be contacted via their email address. CASRO's Code requires research organisations to verify that individual's contacted for research by email or text message have a reasonable expectation that they will receive email or text message contact for research (and provide further detail upon what constitutes 'reasonable expectation').
Studies should provide either the client’s identity or an opportunity to ask for it if there is no interviewer to make the request of spontaneously, at an appropriate point within the study - the client’s identity should be given if sampling from a customer database (i.e. the client supplied a list of potential MR subjects).
In Germany, the ADM Standards for Quality Assurance for Online Surveys state that participants within online surveys MUST be actively selected (i.e. they MUST opt-in) as opposed to passive self-selection. ADM Standards for Quality Assurance for Online Surveys 2007
Measures should be in place to validate the identity of MR subjects (to avoid surrogate MR subjects) and to check the quality of responses (e.g. to identify cursory or random response patterns).
The AMSRS (Australia), the MRS (UK) and CASRO (USA) also provide the following guidelines, drawn from the Draft Mobile Research Guidelines August 2013:
Researchers MUST NOT:
MR subjects MUST always be told at the first opportunity when software is being used to collect information about them, they MUST also be told:
Explicit consent for downloading software to be used for market research purpose should be sought and a means provided to address questions.
ESOMAR provides example disclosure statements within its Guidelines for Online Research 2011 which details a series of 15 'Unacceptable Practices' that researchers must forbid or prevent.
In Germany websites that use analytics tools MUST give users the chance to opt out.
For the USA CASRO provides detailed guidelines with regard to the use of active agent technology within its Code of Standards and Ethics.
Panel members MUST be made aware that they are members of a panel and should be reminded of this at regular intervals. Access panels are a sample database of potential MR subjects who declare that they are willing to receive invitations to participate in future online interviews. At recruitment potential panel members MUST be told that their personal may be stored for further market research.
ESOMAR provides a series of guidelines on internet access panels, covering panel recruitment, management, monitoring, maintenance and privacy/data protection, and a battery of 26 Questions to help research buyers. More details can be found within these guidelines and the question battery can be found at ESOMAR Guideline for Online Research Aug 2011.
ESOMAR are also developing joint guidelines with the GRBN for Online Sample Quality which provide guidance on the operational requirements for providing online samples for market, research. https://www.esomar.org/uploads/public/knowledge-and-standards/codes-and-guidelines/ESOMAR-GRBN-draft-Online-Sample-Quality-Guideline-April-2014.pdf
Social media is defined by ESOMAR as internet based platforms and technologies that permit users’ interaction and/or facilitate the creation and exchange of user generated content.
Widely used examples include:
You must have legal grounds for accessing content on social media, these are likely to be either consent or legitimate interests. When conducting social media market research, researchers are bound by the terms and conditions attached to access of the online services. Many service providers include intellectual property rights clauses that prohibit copying of material without consent. Researchers should ensure that they abide by the terms and conditions attached to use of site content. However if consent for listening/scraping is not given, researchers can read and précis the content.
Care should be taken to ensure that anonymous quotations are indeed anonymous and cannot be traced back to reveal their original source.
No attempt should be made to identify contributors. ESOMAR states that this MUST be a contractual obligation if the data is passed on to the client or another researcher. If a contributor’s comments are to be made public (i.e. cannot be covered by contractual obligations) and the contributor is identifiable, their consent should be sought or the comment disguised or ‘masked’ appropriately.
Quotations containing personally identifiable information (PII) can only be provided to the client if the contributor has given their consent for this and it has been made clear that they will not be subject to promotion as a result of this. In Germany, MR subject identity must remain anonymous and MR subjects cannot be asked to waive their right to confidentiality.
In ‘private’ SM spaces (ones in which users would expect their comments to be private), researchers should seek and gain the consent of contributors to listen in/scrape comments and comments given to clients MUST be masked unless the contributor gives consent for their comments to be passed on verbatim. This assumes the terms and conditions have not given explicit site owner and site user consent for listening in/scraping.
In Germany it should be remembered that local market research guidelines prohibit asking MR subject/contributor consent to pass their personal data to the client company.
Consent from the site/service owners and contributors/users MUST be given.
Researchers MUST declare their presence, they MUST NOT represent themselves as anything other than market researchers.
Contributors should be told the identity of the research organisation, purpose of the market research, what sort of data will be collected, how their comments will be used and who will have access to it.
Contributors should be provided with contact information for the researcher or research agency.
Online space created specifically for MR such as MROCs should fulfill the following criteria:
Adverse event reporting requirements are the same when market researchers use social media as a source of market research data as any other market research medium such as face to face interviews. Marketing authorisation holders and their agents have an obligation to collect and follow-up on the adverse events and product complaints associated with their products. This applies to public and private sites, passive and active approaches and to company sponsored and non-company sponsored websites.
If a company chooses to listen-in to or ‘scrape’ from non-company sponsored sites, whether public or private (with consent) it is recommended that the listened to pages should be monitored for adverse events for the period of the listening-in activity only. There is no obligation for researchers to monitor non-company sponsored sites routinely for adverse events if they are not being used for a market research purpose.
When researching existing or future potential medical treatments with patients, care should be taken not to:
Interpretation of national legislation on data protection and patient anonymity in Finland and Sweden appears to suggest that direct use of patient records for market research is prohibited, even if the data is anonymised, unless written consent from the patient has been secured. It is acceptable for physicians to complete patient record forms from memory although great care must be taken to ensure that the patient cannot be identified directly or indirectly. EphMRA strongly advises that the sponsoring pharmaceutical company's legal department seek local advice on the matter.
In Greece, the SfEE’s Code of Ethics states (within the English translation) that:
Simulated consultations between a patient and a healthcare professional (known or unknown to each other) are a legitimate research approach however they should be conducted with great care because they may lead to misunderstanding with the patient. It is important that participating patients are fully aware of the nature of the research and that the consultation is a simulation and not a substitute for a normal consultation.
There is no restriction upon the use of protected health information if it has been de-identified. There are two ways to de-identify data. The first method is to remove all identifiers such as:
(B) All geographic data , including street address, city, county, part or all of the postal code
(C) Elements of dates (except year) directly related to an individual, including birth date, admission date, discharge date, date of death; and identifying ages e.g. those over 89;
(D) Telephone numbers;
(E) Fax numbers;
(F) Electronic mail addresses;
(G) Social security numbers;
(H) Medical record numbers;
(I) Health plan numbers;
(J) Account numbers;
(K) Certificate/license numbers;
(L) Vehicle identifiers and serial numbers, including license plate numbers;
(M) Device identifiers and serial numbers;
(N) Web Universal Resource Locators (URLs);
(O) Internet Protocol (IP) address numbers;
(P) Biometric identifiers, including finger and voice prints;
(Q) Full face photographic images and any comparable images; and
(R) Any other unique identifying number, characteristic, or code
The second option is to have a qualified statistician determine that the risk is very small that the information could be used to identify the individual.
Vulnerable MR subjects are those who for whatever reason could be more susceptible than normal to physical or mental stress induced by the research process. Patients may well prove to be vulnerable MR subjects because of their age, physical or mental health. A vulnerable MR subject could be someone who is HIV positive or has cancer, a psychiatric illness or is physically handicapped.
If the MR subjects are considered vulnerable, then the following questions should be considered:
When a potentially sensitive issue has been discussed with a vulnerable MR subject members may provide information or relevant helpline information.
In the UK the Mental Capacity Act passed in April 2005 enforced in 2007 provides codes of conduct on how vulnerable adults who lack the capacity to consent for themselves should be consented into research. The Act allows for another adult such as a next of kin or legal representative to consent on their behalf, the patient’s doctor cannot give this consent alone. However there is an onus on the researcher to withdraw the MR subject from the study if they show any sign of being unhappy or distressed by being included in the study.
When conducting research with children or young adults, ESOMAR advises that in the absence of a national definition, a ‘child’ is a minor 12 years old or less and a ‘young person’ is 13 to 17 years of age. In Canada, a child is to be defined as under the age of 14, a young person as aged 14-17. In Mexico, all those under 18 are considered children. The UK MRS Code of Conduct defines a child as a person under the age of 16 and 'young people' refers to those aged 16 and 17 years. In the USA the Children's Online Privacy protection Act (COPPA) requires verifiable parental or the legal guardian's consent for interviewing children below the age of 13 years.
Consent from the responsible adult i.e. an adult responsible for the child's safety and welfare at the time of the research, is required to ask the child whether they will participate. Consent of a parent or responsible adult MUST be obtained before interviewing a child under 15 in the following circumstances:
In Germany, children under 11 MUST have consent (oral) to participate from their legal representative. With children aged 11-13, the agency may establish if the child has the necessary cognitive faculty and not seek consent but if they are under 14 years, the interview should not be conducted without the knowledge of an adult present in the home. In addition, consent is always needed if personal data relating to adults will be asked of the children at recruitment or during the interview.
In Mexico, written consent from the responsible adult must be obtained for all market research with MR subjects under 18 years of age.
In the UK in certain circumstances the adult consent may be waived but only with permission from the MRS’s Standards Board.
Explicit consent from the child MUST also be given; the child MUST have their own opportunity to agree or decline to participate. When online research is carried out, a notice to children informing them of the requirement for consent MUST be shown at the point where personal information is requested.
Personal information relating to other people MUST NOT be collected from children unless it is to be used to gain consent from a parent/responsible adult. Where consent is being sought, it may be preferable for some classification questions to be asked of the parent/responsible adult, rather than the child/young person.
Details of the person giving consent (name and role) should be recorded.
The responsible adult MUST be made aware of any observation or recording.
EphMRA recommends that online research is not conducted with children under the age of 14.
For online research with children MR subjects should be asked to give their age before any other personal information is requested. If the age given is under 15, the child MUST be excluded from giving further personal information until the appropriate consent from the responsible adult has been obtained and verified.
A notice to the parent/responsible adult should be placed on the website or sent via email asking for their consent for the child to participate in online market research. ESOMAR provide guidelines upon the recommended content of such a notice. See ESOMAR Online Research Guidelines 2011.
Consider the necessity for the presence of a parent/guardian during fieldwork. It is recommended that when interviewing a child in their own home, a parent/responsible adult is present, not necessarily in the room but in the house. If a child or the responsible adult asks for an adult to be present, this request should be respected.
The researcher should ensure that the responsible adult has full details of the research venue, name of moderator, finishing time, etc.
No study can ask a child to do something illegal for their age.
Language on questionnaires should be suitable for the age group.
Refreshments provided should be suitable for the age group and care should be taken to avoid any products that are known to cause allergic reactions.
The researcher should take responsibility for safely handing over the child/young person after an interview or ensuring that arrangements for them to get home safely are in place.
In Canada, MRIA affiliated researchers must take into account the degree of maturity of the child or young person involved when considering what subjects may or may not be safely dealt with in an interview.
Where incentives are used they should be suitable and acceptable for the age of the child/young person and fitting for the task required.
If a child is going to be asked to test a product or device, the responsible person should be allowed to see this and (if they wish) to try it themselves.
If children/young people are to be asked to take part in any form of product or device testing, researchers should take special care to ensure that the products/devices are safe to handle or consume and that the child/young person does not suffer from any relevant allergy. EphMRA recommends that active medicines are not used in market research with children.
Criminal record checks for interviewers may be necessary in some circumstances but it is not necessary for all researchers..
www.mrs.org.uk/standards/downloads/revised/active/children_young_people_mar06.pdf Aug 2009
When recruiting MR subjects that have a pre-existing relationship with the company e.g. clinical investigators, opinion leaders or advisory board members, it is acceptable for the initial invitation to participate in the market research to come from the client company. However their decision to participate or not, MUST remain confidential ie the client company MUST NOT know who did or did not participate.
A senior member of the marketing or clinical department may provide the following information in writing – an outline of the:
In some countries the professional associations or employers (for/of salaried healthcare professionals) may need to give approval for their members/employees to take part in market research studies.
Given the potentially sensitive nature of discussions with payers and influencers, care should be taken to ensure that their professional role is respected and they are not pressured to impart inappropriate information.
Please note the guidelines provided within Section 5, K7 Sensitive Topics.
Ad hoc market research - Is designed and paid for by just one company, the research is exclusive to the commissioning company, who own the resulting data.
Agency - any individual, organisation or department, which is responsible for, or acts as, a supplier on all or part of a market research project.
Anonymisation - he process of removing, obscuring, aggregating or altering identifiers to prevent the likely identification using reasonable means of the individuals to whom the data originally related.
Anonymity has two interpretations:
Carer – Professionals or unpaid relatives/friends who provide care for those who because of illness or disability require support, this care may be medical and non-medical.
Client - Any individual or organisation that commissions (including requests or subscribing) all or part of a market research project.
Confidential Research - Research projects for the purposes of market research that do not disclose personal details at an identifiable level.
Consent - The freely given and informed agreement by a person to take part in the market research and the processing of his/her personal data
Consultant - Any individual or organisation that provides research services. Consultants can also be a sub-contractor in the research relationship.
Data Controller - A person who alone, jointly or in common with others determines the purposes for which and the manner in which any personal data are processed and is responsible for ensuring that the provisions of Data Protection legislation are complied with.
Data Processor - Any person (other than an employee of the Data Controller) who processes data on behalf of the Data Controller.
Data subject – any individual whose personal data is used for market research.
Digital listening is the process of extracting data from social media data for analysis. This can be automated or done manually.
Harm – includes tangible or intangible, material or moral, or societal harm and so could include financial cost, excessive intrusion, damage to reputation.
Healthcare professional (HCP) - any licensed member of the medical, dental, pharmacy or nursing profession or any other person who, in the course of the professional activities, may administer, prescribe, purchase, recommend or supply a medicine. Non-HCP could include a patient, sufferer, carer, family member or member of the public.
Identity - The identity of a MR subject includes, as well as his/her name and/or address any other information which offers a reasonable chance that he/she can be identified by any of the recipients of the information.
Interview - Any form of contact with a MR subject to collect information for market research purposes.
Interviewer - The person who collects data from MR subjects for market research purposes.
Masking is a technique whereby the original social media data such as comments, photos or videos is altered to a point that it cannot be traced back or attributed to the original user (e.g. using a search engine).
MR subject – an individual or organisation that is approached for interview or from which information is collected for the purposes of a market research project, whether they are aware of it or not. This term individuals and organisations who that are involved actively or passively and replaces the use of the term respondent and participant.
MROC (Market Research Online Community) describes an online community created specifically for the purposes of market, social and opinion research. Others include DORC (Dedicated Online Research Community).
Passive social media monitoring - is the extraction of data from social media for analysis, there is no interaction with the contributor. It is also known as digital listening or scraping.
Primary market research - Generates original data collected to solve the problem in hand, data is collected directly from MR subjects. Primary data is derived from new and original research designed to address a specific purpose.
Public Domain - Information, which is published and generally accessible or available to the public, content that is not owned or controlled by anyone, intellectual property being not protected under patent or copyright, in market research context it refers to information that is freely available, without restriction.
Public Place - One to which the public has free access and where an individual reasonably could expect to be observed and/or overheard by other people (e.g., in a shop or on the street).
Record - Defined as any brief, proposal, questionnaire, MR subject identification, check list, record sheet, audio or audio-visual recording or film, tabulation or computer print-out, EDP disc or other storage medium, formula, diagram, report, etc. in respect of any marketing research project, whether in whole or in part. It covers records produced by the client as well as by the researcher.
Recruiter - The person who identifies and invites MR subjects to take part in a market research project.
Researcher - An individual or organisation carrying out, or acting as a consultant on, a market research project, including those working in client organisations.
Secondary market research - Involves collecting and using data that already exists. This data is then re-used and re-analysed, so it is data already gathered for one use that is then utilised for another purpose.
Sensitive Data - Defined as personal information covering the racial or ethnic origin of the MR subject; their political opinions; religious beliefs of a similar nature; whether he/she is a member of a trade union; their physical or mental health or condition; sex life; the commission or alleged commission by him/her of an offence or any proceedings for an offence committed and the outcome.
Scraping is the process of extracting data from social media data for analysis. This can be automated or done manually.
Social media data refers to the information (photos, comments, etc.) that users generate or share while engaged in or with social media. It often includes personally identifiable data.
Stimulus material - Material shown or referred to or read out to a MR subject during fieldwork
Sub-Contractor - Any individual or organisation that undertakes a part of a research project (such as the fieldwork).
Syndicated market research - is shared - both the findings and the costs - by a number of clients, however the data is owned by the market research agency.
Transparency - Ensuring individuals have a very clear and unambiguous understanding of the purpose(s) for collecting the data and how it will be used.
Walled garden is an online service which requires users to register or apply for membership before being permitted to participate. A walled garden can only be accessed after the user has obtained a login and/or password, even if entry is automatic.
For more terms and definitions see EphMRA’s Lexicon - A pocket guide to pharmaceutical marketing and market research terms and definitions at www.ephmra.org
Breaches of the Code of Conduct and complaints will be investigated in the first instance by EphMRA’s Ethics Group, and if necessary concerns/complaints upheld by EphMRA may then be referred to the appropriate regulatory body, following which disciplinary measures may be taken by these organisations.
If the Data Protection Directive is breached, action can be taken by the appropriate body in the relevant country e.g. the Information Commissioner’s Office in the UK.
Legislation Supporting the Code of Conduct
The Pro Formas provided are templates but may need to be adjusted to take local/national requirements into account.
Pro Forma 1 - Recruitment Agreement - 2017 version
Pro Forma 2 - Receipt of Incentive - 2017 version
Pro Forma 3 - Permission allowing Client Access to recordings for MR Fieldwork - 2017 version
Pro Forma 4 - Agreement to safeguard Confidentiality of Recordings of MR Fieldwork - 2017 version
Pro Forma 5 - Observer Agreement - 2017 version
All 5 proformas can be found here in one word or pdf file. Please download.