PHILIP I. DATLOW1*, FRANK ROSCHANGAR2*, WOLFGANG STOCK3, DAVID M. BOSTROM4, MICHAEL STEIGERWALD5
*Corresponding authors
1. Legal, Boehringer Ingelheim USA Corporation, Ridgefield, USA
2. Global CMC Regulatory Affairs, Boehringer Ingelheim International GmbH, Ingelheim am Rhein, Germany.
3. Patents Biopharmaceuticals, Boehringer Ingelheim International GmbH, Biberach an der Riß, Germany
4. IT Governance, Quality and Compliance IP & Security Americas, Boehringer Ingelheim USA Corporation, Ridgefield, USA
5. Global Department Sourcing Direct, Boehringer Ingelheim GmbH, Ingelheim am Rhein, Germany

Abstract

Intellectual property (IP) is one of the most valuable assets of a biopharmaceutical company, and its mindful protection is essential to the firm’s future prospect in delivering novel, efficacious and safe medicines to patients worldwide. Presently, due to significant outsourcing of drug manufacturing activities and other related services across all phases of the drug’s lifecycle, biopharmaceutical companies must scrutinize how their intellectual property, including both patented and unpatented confidential and proprietary information within the IP “umbrella”, is protected and managed by their external partners, in particular in countries where IP laws are still evolving and where there may be an increased risk of IP loss or misappropriation. Herein, we disclose a newly established process at Boehringer Ingelheim that evaluates IP risks when working with external partners. A key success factor of the process is how we work with our external partners to mitigate identified IP risks collaboratively. In Part 1 of this two-part series we provided an overview of the program and described the preparation phase. In this Part 2, we describe the IP risk assessment review process itself, including how we arrive at an IP risk assessment rating and how we communicate such rating alongside suggestions for improvements to our suppliers that have deficiencies. We also share some of our hands-on experiences with this new process.

INTRODUCTION
In the previously published Part 1 of this two-part series we have described the initial process of preparing for the IP risk assessment, how we select suppliers, and how we request IP risk assessment documentation using our IP risk assessment and IT site security questionnaires. In this Part 2, we describe the subsequent steps of executing and completing the IP risk assessment, including how we arrive at an IP risk rating, communicate those results to our suppliers and work with our suppliers to implement any necessary improvements in their IP security measures. We also share some of our hands-on experiences with this new process.

MODEL - CONTINUED

Step 3 - IP risk assessment
The attorney from Legal or Patents begins to review the supplier’s responses to the IP Risk assessment questionnaire as well as the supporting documentation. The Expectations Document described in Step 2 and the Attorney Guidance Document detailed below support the attorneys with their review. Furthermore, information concerning the supplier collected via internal stakeholder surveys may be consid ...