Case Summary
A contactable complainant, who described him/herself as a nurse, raised concerns about the promotion of Toujeo (insulin glargine) in that towards the end of 2020, a Sanofi representative had emailed him/her Toujeo Coach invitations for webinars later in the year. The complainant had not given the representative or Sanofi permission to use him/her email. The complainant stated that the representative apologised but explained that he/she was under pressure, as permission to email and emails sent were being tracked by Sanofi and low performers made redundant. The complainant explained that that was why he/she had not named the representative but considered this a breach of General Data Protection Regulation (GDPR)
The detailed response from Sanofi is given below.
The Panel noted that a complainant had the burden of proving his/her complaint on the balance of probabilities. All complaints were judged on the evidence provided by the parties. The complainant had not named the representative and had requested that the matter be looked into anonymously. The Panel could not ask the complainant for further details and, overall, it considered that there was insufficient information to allow Sanofi to clearly identify the particular circumstances or for it to know whether the complainant had given permission to be contacted by email.
The Panel noted Sanofi’s submission about the arrangements for ensuring that representatives had permission to email health professionals. The company had restructured its diabetes sales force in September/October 2020 with the intention of retaining the highest performing, ‘fit for the future’ people. As part of that exercise, the company had retrospectively assessed each representative’s customers’ provision of consent for receipt of direct marketing/promotional materials by email and his/her customers’ participation in virtual meetings. Whilst this might increase the pressure on the representative to email health professionals, the Panel noted that the assessment was retrospective and so it queried whether it could have had any influence on representative behaviour. It was possible that the representative was concerned that such an exercise might happen in the future. In any event, it appeared that the restructuring exercise was completed by mid October 2020, by which time all those impacted by the reorganisation had been advised of their own outcome; Sanofi assumed that the complainant had referred to emails sent by representatives to UK health professionals in November 2020.
The Panel noted that representatives were briefed only to email Toujeo prescribers who had given their consent to receive direct promotional emails. The Panel noted that as of March 2020, there were no activity metrics for input measures such as expected or actual customer contacts. Based on the evidence before it, the Panel did not consider that Sanofi’s briefings advocated any course of action which would be likely to lead to a breach of the Code in relation to invitations to the meetings at issue.
There was no information before the Panel that Sanofi had breached GDPR as alleged.
A judgement had to be made on the available evidence bearing in mind the extreme dissatisfaction usually necessary on the part of an individual before he/she was moved to submit a complaint. The Panel did not consider that the complainant, who bore the burden of proof, had established his/her case on the balance of probabilities in relation to the emails which he/she stated had been received from the representative. The Panel therefore ruled no breaches of the Code.
CASE AUTH/3471/2/21 NO BREACH OF THE CODE
COMPLAINANT v SANOFI
Conduct of a representative
A contactable complainant, who described him/herself as a nurse, raised concerns about the promotion of Toujeo (insulin glargine) in that towards the end of 2020, a Sanofi representative had emailed him/her Toujeo Coach invitations for webinars later in the year. The complainant had not given the representative or Sanofi permission to use him/her email. The complainant stated that the representative apologised but explained that he/she was under pressure, as permission to email and emails sent were being tracked by Sanofi and low performers made redundant. The complainant explained that that was why he/she had not named the representative but considered this a breach of General Data Protection Regulation (GDPR)
The detailed response from Sanofi is given below.
The Panel noted that a complainant had the burden of proving his/her complaint on the balance of probabilities. All complaints were judged on the evidence provided by the parties. The complainant had not named the representative and had requested that the matter be looked into anonymously. The Panel could not ask the complainant for further details and, overall, it considered that there was insufficient information to allow Sanofi to clearly identify the particular circumstances or for it to know whether the complainant had given permission to be contacted by email.
The Panel noted Sanofi’s submission about the arrangements for ensuring that representatives had permission to email health professionals. The company had restructured its diabetes sales force in September/October 2020 with the intention of retaining the highest performing, ‘fit for the future’ people. As part of that exercise, the company had retrospectively assessed each representative’s customers’ provision of consent for receipt of direct marketing/promotional materials by email and his/her customers’ participation in virtual meetings. Whilst this might increase the pressure on the representative to email health professionals, the Panel noted that the assessment was retrospective and so it queried whether it could have had any influence on representative behaviour. It was possible that the representative was concerned that such an exercise might happen in the future. In any event, it appeared that the restructuring exercise was completed by mid October 2020, by which time all those impacted by the reorganisation had been advised of their own outcome; Sanofi assumed that the complainant had referred to emails sent by representatives to UK health professionals in November 2020.
The Panel noted that representatives were briefed only to email Toujeo prescribers who had given their consent to receive direct promotional emails. The Panel noted that as of March 2020, there were no activity metrics for input measures such as expected or actual customer contacts. Based on the evidence before it, the Panel did not consider that Sanofi’s briefings advocated any course of action which would be likely to lead to a breach of the Code in relation to invitations to the meetings at issue.
There was no information before the Panel that Sanofi had breached GDPR as alleged.
A judgement had to be made on the available evidence bearing in mind the extreme dissatisfaction usually necessary on the part of an individual before he/she was moved to submit a complaint. The Panel did not consider that the complainant, who bore the burden of proof, had established his/her case on the balance of probabilities in relation to the emails which he/she stated had been received from the representative. The Panel therefore ruled no breaches of the Code.
A contactable complainant, who described him/herself as a nurse, raised concerns about the promotion of Toujeo (insulin glargine) by a Sanofi representative. Toujeo was indicated for treatment of diabetes mellitus in adults, adolescents and children from the age of 6 years.
COMPLAINT
The complainant stated that towards the end of 2020 he/she had found some Toujeo Coach invitations in his/her email inbox, for webinars late in the year; the emails had been sent by the local Sanofi representative. The complainant stated that he/she was concerned as he/she had not given the representative or the company permission to contact him/her by email. The complainant stated that he/she telephoned the representative who apologised but explained that he/she was under pressure to do so, as permission to email and emails sent were being tracked by Sanofi. The representative went on to explain that this was affecting his/her annual performance and that recently, colleagues had been ranked on that basis and low performers were made redundant. Obviously during the current economic climate, the representative felt pressurised to send the emails. The complainant explained that that was why he/she had not named the representative but considered this breach of General Data Protection Regulation (GDPR) should be investigated as he/she presumed it was not just him/her who had received unsolicited emails. The complainant requested that the Authority looked into the matter anonymously.
When writing to Sanofi, the Authority asked it to consider the requirements of Clauses 1.11, 9.1, 9.9, and 15.2 of the Code.
RESPONSE
Sanofi noted that the complainant had not provided specific details of the emails or webinars at issue. Given the anonymity of the complainant, Sanofi had not been able to check or confirm the details. For the purposes of this response, Sanofi had assumed that the complainant had referred to emails that were sent by Sanofi representatives to a selection of UK health professionals in November 2020 inviting them to attend a Sanofi UK-led webinar held on 19 and 26 November 2020 entitled ‘Additional Support for your Toujeo Patients (Insulin glargine 300 U/ml); Toujeo Coach Q&A Webinar’.
Sanofi submitted that the content for those webinars and the email invitation were developed by the Sanofi head office marketing team. The diabetes representatives were provided with the certified email invitation (ref MAT-GB-2004596 v1.0) and an associated, certified briefing document (ref MAT-GB-2004594 v1.0) (copies provided). The latter instructed on the appropriate audience for the webinars and how to use the template email provided to invite health professionals. The briefing document was explicit that the email was only to be sent to health professionals who had given their consent to receive direct marketing by email from Sanofi and in that regard the company referred to a section of the briefing document headed ‘Compulsory criteria’. On the final page, there was a concluding, boxed section marked ‘Key points to note’ which reiterated that requirement within one of its concluding bullet points:
• You should only invite UK health professionals (or other relevant decision makers) who have given their consent to receive direct promotional marketing emails from Sanofi and are prescribers of Toujeo. Please ensure all compulsory criteria are met.
The Sanofi customer relationship management (CRM) system detailed whether a specific customer had consented to receive direct marketing by email – those consents covered the sending of unsolicited direct marketing, including promotional information, in accordance with the requirements of Clause 9.9 of the Code and the Privacy and Electronic Communications (EC Directive) Regulations 2003. Representatives could readily access the system to check the consent status for their customers and would be aware of the requirement to do so.
Sanofi considered that the briefing document was clear that the email invitation was only to be sent to health professionals who had provided the relevant consents. As the complainant was anonymous Sanofi could not check or confirm the consent-related data it held for him/her.
Sanofi stated that it had undertaken extensive training with its sales force on the consent requirements for emailing direct marketing/promotional materials, including how to check whether customer consent was in place. Representatives in receipt of the Toujeo Coach webinar briefing, which stated that the email was only to be sent to health professionals who had provided consent, would have known that this meant they needed to check the consent status in the CRM system before sending an email to an individual customer.
With regard to the complainant’s comments that the representative was pressurised to send the email invitations and that poor performers were made redundant, Sanofi noted that its diabetes franchise introduced activity metrics at the start of 2020 but due to changes in the external environment related to Covid-19 those ceased to apply from March 2020. The diabetes sales teams were advised to ensure they were available to support their customers where needed, but there were no metrics in place from March 2020 onwards for input measures such as expected or actual customer contacts.
Sanofi further explained that its end of year appraisal for the diabetes representatives was divided into two elements – ‘the what’ which encompassed outputs from their actions and ‘the how’ which assessed their demonstrated behaviours, such as transversal working across the company, their ability/agility to react to change and how they developed themselves and others. Recognising the challenges posed by the current external environment, it was decided not to appraise staff differentially on ‘the what’ for 2020 as there had been limited opportunity for individual representatives to influence their outputs, as a result of limited direct customer activity over the year. All staff were therefore automatically assigned a grading which reflected that they had ‘met’ their objectives for that element. There were no annual appraisal measures relating to the number of emails sent, the number of health professionals invited/attending meetings or contacts with health professionals. For ‘the how’ element staff were assessed, as for a normal year, on their displayed behaviours over 2020. For the latter there were no activity metrics.
Sanofi submitted that there were no metrics nor any incentivisation attached to representatives inviting health professionals to the Toujeo Coach webinars. The head office organiser requested an indication of the number of invitations sent by the representatives to health professionals to gauge the level of interest and to anticipate the potential number of attendees for each event. Similarly, there was no performance tracking of the number of attendees generated by individual representatives, no setting of a target number of invitees to be achieved, nor any evidence of a direction or pressuring to achieve a target number of responses.
Sanofi explained that a staff reorganisation in September/October 2020 included the diabetes team; the intention was to retain the highest performing, ‘fit for the future’ people, recognising the accelerated transition Sanofi had seen over 2020 away from the pharmaceutical industry’s traditional ways of face-to-face working. The diabetes team selection criteria covered ‘past performance’ (a scoring based on previous annual appraisals) and the employee’s ‘fit for the future’ capabilities. The latter element included individuals’ ability to work with their customers in a virtual environment; the measures for which included a retrospective assessment of both their customers’ provision of consent for receipt of direct marketing/promotional materials by email (contributing a maximum of 12.5% to the selection score) and their customers’ participation in virtual meetings (contributing a maximum of 12.5% to the score).
Sanofi explained that selection criteria were agreed with senior management, human resources and by the company’s employee forum. The employee forum was made up of employee representatives from across the business who were engaged to represent the views of their colleagues, engage with its business leaders in discussing proposed changes and to assist the organisation in disseminating key information. In the case of a formal consultation process such as last year’s reorganisation, that forum would be key in representing the views of colleagues and the forum members reviewed, provided comment, and agreed the selection proposals and criteria ahead of use. The forum was also one of the routes by which any employee could pose questions, get information, and raise concerns. This could be done anonymously if required. All diabetes staff members impacted by the reorganisation were advised of their own outcome in mid-October 2020 and many of those displaced from their current roles were successful in obtaining a new role in another part of the organisation.
Overall, Sanofi stated that it was confident that its briefing document for the Toujeo Coach webinars was clear on the consent requirements associated with emailing the webinar invitation. Sanofi submitted it was also confident that the representatives had been appropriately trained on the consent requirements associated with emailing direct marketing/promotional materials, were aware of the requirement to access the consent status of their customers in the CRM system and knew how to do so. Sanofi had also not identified any links between annual performance appraisals and activity monitoring and the sending of emails of the type at issue. Whilst Sanofi was saddened that the complainant was moved to raise this complaint, it was presented with limited evidence with which to investigate whether the representative in question acted outside the briefing documents and training provided. Sanofi stated that its investigations had not identified any evidence to support the alleged breaches of Clauses 1.11, 9.1, 9.9 and 15.2.
Furthermore, in respect of the allegation of a breach of Clause 1.11, Sanofi noted that the Panel supervised the Code, which focussed on the promotion of medicines and related activities. It was not the competent authority for the purposes of laws and regulations applicable to the obtaining of consent for direct marketing emails and Sanofi respectfully suggested that the Panel might not properly make adverse findings in relation to those matters.
PANEL RULING
The Panel noted that the Constitution and Procedure stated that the complainant had the burden of proving his/her complaint on the balance of probabilities. All complaints were judged on the evidence provided by the parties. The complainant had not provided the name of the representative and had requested that the PMCPA look into the matter anonymously. In that regard, the Panel could not ask the complainant for further details and, overall, it considered that there was insufficient information to allow Sanofi to clearly identify the particular circumstances or for it to know whether the complainant had given permission to be contacted by email. Sanofi had assumed that the complainant had referred to emails sent by representatives to a selection of UK health professionals in November 2020 inviting them to attend a Sanofi UK-led webinar held on 19 and 26 November 2020.
The Panel noted Sanofi’s submission about the arrangements for ensuring that representatives had permission to email health professionals. The Panel also noted that the company had restructured its diabetes sales force in September/October 2020 with the intention of retaining the highest performing, ‘fit for the future’ people, given the recognition that the pharmaceutical industry was moving away from the traditional face-to-face ways of working. As part of that exercise, the company had used a retrospective assessment of both a representative’s customers’ provision of consent for receipt of direct marketing/promotional materials by email, and his/her customers’ participation in virtual meetings, which together contributed a maximum of 25% to the selection score. Whilst this might increase the pressure on the representative to email health professionals, the Panel noted that the assessment was retrospective and so it queried whether it could have had any influence on representative behaviour. It was possible that the representative was concerned that such an exercise might happen in the future. In any event, it appeared that the restructuring exercise was completed by mid October 2020, by which time all those impacted by the reorganisation had been advised of their own outcome; Sanofi assumed that the complainant had referred to emails sent by representatives to UK health professionals in November 2020.
The Panel noted that the briefing for the emails instructed the representatives only to email health professionals who had given their consent to receive direct promotional marketing emails and were prescribers of Toujeo. The Panel noted that as of March 2020, there were no activity metrics for input measures such as expected or actual customer contacts. Based on the evidence before it, the Panel did not consider that Sanofi’s briefings advocated any course of action which would be likely to lead to a breach of the Code in relation to invitations to the meetings at issue.
There was no information before the Panel that Sanofi had breached GDPR as alleged.
A judgement had to be made on the available evidence bearing in mind the extreme dissatisfaction usually necessary on the part of an individual before he/she was moved to actually submit a complaint. The Panel noted that the complainant bore the burden of proof and did not consider that he/she had established his/her case on the balance of probabilities in relation to the emails the complainant stated that he/she had received from the representative. The Panel therefore ruled no breach of Clauses 1.11, 9.1, 9.9, and 15.2 of the Code.
Complaint received 5 February 2021
Case completed 9 August 2021
