Summary of Key Points
This article highlights new risks in the innovation of China's biopharmaceutical industry, such as data violations and ethical misconduct (including data breaches, genetic discrimination, and misuse of neural data). It emphasizes the need to establish a compliance system driven by both "data security" and "ethical review." Although there are existing foundational rules, issues such as fragmented regulations, disconnected supervision, weak corporate compliance capabilities, and difficulties in cross-border coordination exist. The article proposes specific solutions in areas such as institutional integration, interdepartmental collaboration, internal corporate management, and alignment with international standards to support the high-quality development of the industry.
Why Can't Biopharmaceuticals Do Without Data Security and Ethical Review?
1. Data is the "Core Raw Material" of the Industry
The entire biopharmaceutical research and development process (from new drug discovery to patient care services) relies on data: clinical data, genetic information, and genetic resources are all critical assets. According to iResearch Consulting, the market for healthcare data services is expected to reach 13.28 billion yuan by 2025 and exceed 25 billion yuan by 2028. Data is valuable but also prone to issues (e.g., patient privacy breaches and illegal data exports), so legal safeguards are essential.
2. Ethics is the "Lifeline" of Innovation
Biopharmaceuticals rely on advanced technologies such as AI for drug discovery, gene therapy, and brain-computer interfaces, which handle large amounts of personal data and neural information. For instance, the misuse of genetic data can lead to genetic discrimination (e.g., job rejections or increased insurance premiums). Ethical review helps prevent these risks and builds public trust in innovative therapies, facilitating faster market approval.
What Are the Current Weaknesses in the Compliance System?
1. Fragmented Regulations and Lack of Uniform Standards
Although there are laws such as the Data Security Law and the Biosecurity Law, regulations from different departments (technology, health, pharmaceutical supervision, cybersecurity) are inconsistent. For example, standards for data classification and ethical review procedures vary, leaving companies unsure about whom to follow.
2. Disconnected Supervision and Ethics
Data security oversight and ethical review operate independently, without a coordinated approach. This can lead to problems even if ethical reviews are passed but data security measures are neglected.
3. Companies Prioritize Research Over Compliance
Many research institutions focus on producing results quickly and often treat compliance as a formality (e.g., submitting documents retrospectively or simplifying review processes), resulting in a lack of risk awareness.
4. Challenges in Cross-Border Cooperation
There is a mismatch with ethical regulations such as the EU's GDPR and those of European and American pharmaceutical authorities, making it difficult for companies to comply when expanding internationally and increasing compliance costs.
How to Address These Weaknesses?
1. Unify Regulations to Eliminate Gaps
The state should establish unified management guidelines that clarify standards for data classification, cross-border data flow, and ethical review, eliminating duplication in regulation.
2. Interdepartmental Collaboration
Form a joint committee consisting of pharmaceutical supervision, health authorities, and data management departments to evaluate major projects like AI-based drugs and gene therapies, ensuring consistent evaluation and information sharing.
3. Synchronize Ethical and Data Security Reviews
Integrate data security requirements into ethical review processes. For example, when evaluating new drug trials, both ethical compliance and data security should be assessed simultaneously.
4. Leverage Digital Platforms for Efficiency
Create a national online platform for ethical applications, data security monitoring, and risk alerts. This will enable cross-institutional and cross-regional recognition of review results, eliminating the need for duplicate submissions.
What Should Companies Do to Ensure Compliance Isn't a Formality?
1. Comprehensive Ethical Review Processes
Companies should establish independent ethical committees and conduct thorough reviews throughout the entire process (e.g., regular checks during clinical trials) to prevent post-event documentation.
2. Integrated Data Security Measures
Include the protection of biological data, patient privacy, and genetic resources in ethical review processes, and implement a comprehensive data lifecycle management system.
3. Strict External Supervision
Regulatory authorities should conduct joint inspections and impose severe penalties on non-compliant companies (e.g., fines or suspension of clinical trials) to link compliance with corporate interests.
How to Comply in Cross-Border Cooperation?
1. Align Data Security with International Standards
Promote the alignment of Chinese data regulations with international standards, such as the EU's GDPR, and establish mechanisms for collaborative data supervision.
2. Internationalize Ethical Review Processes
Ensure that Chinese ethical review committees meet international criteria and involve international experts to make our reviews recognized by European and American pharmaceutical authorities. Also, focus on cross-border data ethics issues (e.g., the use of Chinese genetic resources by overseas institutions).
In summary, biopharmaceutical innovation must balance speed with data security and ethical review to effectively manage risks and promote sustainable development.