FDA Document Leaks Revisited (Originally published October 1996)
FDA Document Leaks Revisited
James G. Dickinson
After seven months of inaction by FDA's Office of Internal Affairs (OIA), the FBI has taken over investigation of the most serious breach of security at FDA since the generic drug scandal. At the center of the case is last November's leak of proprietary product approval documents belonging to laser manufacturer Visx (Santa Clara, CA) to its competitor Summit Technology (Waltham, MA). Now, it will fall to the bureau to identify and locate the as-yet unknown FDA employee who leaked the documents.
This development, along with questions troubling to anyone who has entrusted secrets to FDA, was revealed at a July 31 hearing of the House Commerce oversight and investigations subcommittee, chaired by Joe Barton (R–TX). "If we can't maintain the confidentiality of documents at the FDA, then we should abolish the FDA," Barton commented.
Both Summit and FDA respectfully declined to appear at the hearing, citing their sensitivity to the ongoing investigation. But the only two witnesses who did appear—Visx CEO Mark Logan and former FDA device reviewer Mark Stern, who reviewed the Visx premarket approval (PMA) application—provided more than enough food for thought. Their testimony provoked both Barton and subcommittee minority leader Ron Klink (D–PA) to vow that the subcommittee will track the scandal to its end, regardless of the outcome of the November elections. Issues that particularly concerned the congressmen included the following:
*Why would Summit CEO David Muller, who has said he received the leaked documents in an envelope at his home last November 24, throw away the envelope? Barton expressed disbelief that anyone receiving such documents would do so.
Disregarding previous insinuations, subcommittee members accepted the assumption that Stern was not the person who leaked the documents to Summit, since his sympathies, if any, lay with Visx. Barton said he regarded Emma Knight, the lead reviewer of Summit's PMA application, now reassigned to FDA's biologics center, as a "major suspect." Knight was no longer handling the Visx application at the time she was purportedly faxed the Visx "approvable" letter that was found among the documents leaked to Muller.
Stern testified that while working on Visx's PMA application, he inferred that his assignment as an inexperienced reviewer was intended to slow down that application's progress while the Summit application was getting speedier treatment from Knight, a far more experienced reviewer. He was not permitted to see any of the Summit application's documents. (One possible explanation for this constraint may have been FDA Center for Devices and Radiological Health (CDRH) management's suspicion of Stern. Testimony was given that Visx CEO Logan had been heard to brag that he had Stern in his pocket and that Stern's mentor at Columbia University had been Steven Trokel, MD, a paid Visx consultant.) Stern said he was rebuffed in his attempts to bring his concerns to the attention of FDA commissioner David Kessler and deputy commissioner Michael Friedman.
CDRH Office of Device Evaluation director Susan Alpert recognized the gravity of the leak as soon as she heard of it. She implemented new document security measures and convened several office meetings at which she unsuccessfully begged the perpetrator to step forward.
According to subcommittee sources, FDA's OIA investigated the case as if it involved little more than employee misconduct. FDA shared no information with the subcommittee, and not until Barton advised Kessler on July 15 of the scheduling of the July 31 hearing did FDA turn the investigation over to the Health and Human Services inspector general. In less than 24 hours, the inspector general decided it was a criminal matter requiring referral to the FBI. According to a memorandum of understanding between the Department of Health and Human Services and the Justice Department, FDA is required to refer cases immediately when there is a suspicion of criminal conduct.
A subcommittee analysis of FDA records of OIA activities appears to show that the office stopped taking official actions against FDA staff at about the time the Summit case began. For the fiscal year 1995, the office reported 4 employee terminations, 5 resignations, 7 suspensions, 10 letters of reprimand, and 5 letters of admonishment. For the eight months to June 30 of this year, OIA reported only one letter of reprimand.
While not very conclusive, the subcommittee analysis nevertheless paints a picture of an agency that seemed to be struggling hard to sweep a major embarrassment under the rug as Congress was considering reform legislation.
The embarrassment in this case was a federal crime worth 12 months in prison, whether or not bribery was involved—the deliberate leaking of a company's confidential documents to one of its direct competitors. There has been no suggestion that Summit Technology or any intermediary on its behalf made a "cash or kind" payment or offer of a payment or favor to anyone at FDA. But such evidence is not necessary to make the leak a felony, as FDA should have known at the outset.
Visx insists that the FDA leak greatly damaged it in the marketplace, especially with respect to a future competitive advantage it expected to have over Summit. But it is society that stands to lose the most, if this episode erodes public confidence in FDA's integrity.
This new incident is strongly reminiscent of the 1988 generic drug scandal in most respects other than evidence of any transfer of gratuities.
In both cases, FDA employees allegedly favored certain companies while retarding the reviews of others. In both, some companies were alleged to have such good connections inside the agency that they could work their wills and gain market advantage through manipulated FDA actions.
In both, upper agency management repeatedly turned a deaf ear to both trade complaints and protests from honest FDA employees.
In both, OIA (formerly the Division of Ethics and Program Integrity) participated in procedures that had the end result of actually sheltering, for a time, agency staff who had violated the law.
Apparently to forestall suspicions that the laser scandal reflects a dysfunctional agency unable to discipline itself, FDA associate commissioner for public affairs Jim O'Hara asserted after the July 31 hearing that the agency had conducted "a very intensive and thorough investigation, in coordination with other agencies" including the FBI. Because FDA statements might jeopardize the ongoing FBI investigation, he added, the agency had decided to remain silent even if it meant looking bad, confident that in the end a retrospective look would show that it had acted properly and diligently throughout the laser ordeal.
That seems a doubtful prospect. FDA has always presented a dense view of its decision-making processes, especially where its interactions with other agencies (in this case, the FBI) are involved. No public accounting of FDA's investigational decision making in the generic drug scandal has ever emerged. Neither has the agency publicly described its decisional roles in any of the major criminal investigations it has referred to the Justice Department in recent years.
Typically, after an investigation moves to another agency for further development, such as prosecution, FDA steps into the background and stays there. Judging from all the media reports that flowed from the generic drug scandal, for instance, one could conclude that FDA had virtually no role in any of the investigations. All of the public statements emanated either from Congress or the U.S. Attorney's Office in Baltimore. Yet the agency in fact assembled a special team of excellent investigators who were absorbed into the U.S. Attorney's office, and who did almost all of the case development against dozens of individuals in industry.
If a day of final reckoning in the laser scandal is reached, the behavior of the OIA will likely be as much a mystery as it is today. Questions that FDA won't be more willing to answer then than now will likely include the following:
Why wasn't the obviously criminal leaking of documents immediately referred to the FBI?
Why did OIA wait five months before beginning serious field investigations, such as taking fingerprints of people who might have handled the stolen documents and interviewing those outside the agency who had knowledge of events (such as Visx CEO Mark Logan and Summit vice president of regulatory affairs Kim Doney)?
Why did FDA not give Congress the same degree of cooperation, within the constraints imposed by the ongoing criminal investigation, as during the generic drug scandal?
Why did it take FDA more than nine months to publish the approval notice for Summit Technology's laser and to release its safety and effectiveness summary?
Why was FDA reviewer Emma Knight not reprimanded if, as has been alleged, she leaked that approval to Summit before it had been internally cleared? (Stern alleged that she gave the company the letter prematurely in order to help Summit's $110 million secondary stock offering on October 24, 1995.)
There are many other issues intertwined in this investigation. Most will probably not be addressed by the FBI, but should be picked up by Congress as soon as the FBI completes its work. None of these issues was the focus of the recent FDA reform debate. They raise questions about FDA's basic operating procedures, how it trains its employees, the effectiveness of FDA managers, the adequacy of security measures for company documents, and the efficiency of the agency's communications, both internally and externally.
Unless these issues are dealt with effectively and soon, there may well be more leaks. And then, as chairman Barton said, we might as well not have an FDA. In his perspective, leaks by FDA make the case for third-party product marketing reviews stronger and less controversial. At least a nongovernmental reviewing organization would have legal liability for any leaks by its employees.
James G. Dickinson is a veteran reporter on regulatory affairs in the medical device industry.