ICH E2D(R1) Guideline: Post-Approval Safety Data Definitions and Standards

What does the new guideline say?

The ICH E2D(R1) revision introduces updated definitions and standards for the Management and Reporting of Individual Case Safety Reports (ICSRs). The core focus is updating how Marketing Authorization Holders (MAHs) manage and report post-marketing safety data, especially data originating from digital sources and structured programs.

When does it enter into force?

The key compliance date is March 18, 2026. Although it has already been adopted by the CHMP (Committee for Medicinal Products for Human Use), companies must perform an impact assessment and align with these standards by this date, even if the Good Pharmacovigilance Practices (GVP) modules have not yet been formally updated.

Are social media platforms affected?

Yes, explicitly. The regulation introduces new obligations for "digital platforms under company responsibility." This includes:

• Company-managed websites
• Mobile applications
• Social media channels managed by the company

New Obligation: There is a requirement for active screening - with a justified frequency - to identify and report potential Adverse Drug Reactions (ADRs). It is no longer acceptable to merely remain reactive; companies must proactively monitor activities on their digital channels.

What needs to be prepared?

The regulation mandates a shift from "reactive" case management to "proactive governance". The primary areas you must prepare include:

• ODCS Identification: Clearly classify all Organized Data Collection Systems (ODCS). This includes Patient Support Programs (PSPs), Market Research Programs (MRPs), and patient registries.
• Data Structuring: Safety data must be properly organized and classified (e.g., clearly distinguishing between solicited and spontaneous cases).
• Vendor Oversight: If external vendors manage your social media or patient programs, you must implement very clear safety clauses in your contracts and demonstrate concrete supervisory oversight.
• Robustness Documentation: During an inspection, authorities will not just evaluate individual cases but the maturity of your governance model. You must document how each program is configured and who is responsible for safety at each step.

Immediate Actions Summary

1. Impact Assessment: Analyze exactly how many programs (PSPs, MRPs) and digital channels the company currently operates.
2. Remediation Plan: Update Standard Operating Procedures (SOPs) to incorporate social media monitoring.
3. Contract Audit: Review all agreements with marketing agencies or patient program vendors.
4. Inspection Readiness: Ensure you can clearly demonstrate and control the entire data flow from the digital platform or program directly to your safety database.

In conclusion, the new regulation forces companies to be significantly more rigorous with the security of data generated in any digital environment the company controls or sponsors.

To learn more about how Vigintake automates this continuous surveillance, visit our Intake Management platform page.