top of page

Unlocking email consent: The journey to successful company owned marketing consent in Pharma

48% of Healthcare Professionals (HCPs) expect to have less contact with Pharma company employees in the 12-18 months post-Covid.

Are you set up for email consent success?

The need for a clear company owned customer acquisition and retention strategy has increased in importance within the healthcare and bio-pharma industry, as the impact of the recent pandemic has accelerated the need to change how we communicate with customers.


Consideration must also be given to how to ensure that the journey to collecting consent focuses on customer value drivers and a good experience, as well as how to use that hard fought for consent in a meaningful way. The collection and processing of customer personal information also brings into play regulatory and legal considerations, so we close by covering the regulatory and legal requirements for the capture, recording and maintenance of the consent.


What is consent?

Consent is defined in Article 4(11) of the Information Commissioners Office (ICO) guidelines as:


“Any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.”


The pandemic pushes for success

There is no doubt that the pandemic has forced us to change all aspects of our lives, be it in remote working, keeping distances from loved ones or having a much more of a holistic split with work and life balance. Some of the enforced commuting that has been in place since the industrial age has almost disappeared in one of the largest global forced control studies of its kind as flexible working takes over from the traditional 9-5 or 8-6 or worse and businesses adapt to the hybrid approach and ways of working.


This once in a lifetime event has truly altered the way we work forever, and it is evident to see wherever we look. This fact has not eluded healthcare either or our valued healthcare professionals, where a fundamental shift driven by the pandemic, but not exclusively, has led to many more remote engagements than ever before. The industry now more than ever before understands the value of digital engagements, and having Consent plays a huge part in its ability to connect and communicate with healthcare professionals going forward in the “new normal.”


The most dramatic digital shift has been the use of remote meetings as a primary way to engage HCPs. The number of virtual meetings increased more than sixfold, while rep-sent emails rose nearly fivefold, according to the tens of thousands of field rep activities that were captured in Veeva CRM since January 2020. (1)


IQVIA Channel dynamics findings also stated, “Even as formal restrictions lifted, volume of F2F did not return to pre-pandemic levels and interactive time is still down. This will likely continue to be the case as we continue to manage the third wave of infections & the Delta variant”. (2)


In a separate study (3) when HCPs were asked the question how often do you expect contact with pharma company employees in the next 12-18 months, compared with before Covid?

  • 30% said less frequently (11-25% fewer contacts)

  • 18% said significantly less frequently (26-50% fewer contacts)

  • 26% felt it would remain unchanged and another 26% felt it was slightly less frequently (1-10% fewer contacts)

If the above is indeed the case across the industry, then HCP consent is going to be key tool to communicate effectively with the target audiences. Specifically marketing consent, which is not to be confused with preferences, the distinction we will cover later in this article.


3rd party vs owned email consent, where do you sit?

Pharma has worked hard over the past few years to gain the consent of the HCP professionals even before the pandemic at great cost. They have used field force excellence models, driven by the rep interactions to gain this consent and other tools such as 3rd party suppliers and portals. However, most have gained consent without a clear mandate as to how and when to use the consent and how best to maintain it.


What we are still seeing from our brand planning sessions with pharma companies, is the over reliance of pharma companies on 3rd parties (who have a consented HCP user base and a governance model to keep this current and legal) to communicate with HCPs as the main stay to get their brand messages in front of this community. The latest data also suggests that certain 3rd parties are seen as a more trusted source of information compared to pharma owned websites and this amongst other internal factors such as lack of actionable insights is driving the surge in spending on 3rd party for frequency and reach metrics, as well as engagement.


Email consent capturing is easier when there is a clear strategy on how best to use it, it needs to form part of a much bigger omni channel and engagement strategy, not just be a standalone exercise. Below are some points to consider when setting up for success with Consent for your organisation.


4 key areas to address for email consent success (4)
  • Consent and Preference management structure

  • Processes and Technology to collect, record and maintain consent

  • People and Incentives

  • Governance and management


To consent or not to consent, that is the question

The key takeaway from any consent capture exercise, is the why? Why are you doing it? If the answer is not to improve or provide an excellent customer experience, then you should revise your plans. Consent gives you the ticket, it does not take you to the destination, your overall customer excellence strategy does.


Simplifying your consent collection

So, you have decided to go ahead and look to collect consent from your customer. The first rule here is to make sure it is easy for them to join your list. All too often the collection of consent is an intimidating experience for our customer with lots of data fields to fill in, a lack of clarity on what the consent means and lengthy legalese to consider. Therefore, when asking for consent keep the capture form as simple as possible by collecting only what is necessary from the customer. To start, this may be as little as their individual email address ONLY. You can always continue to gather more information over time. A “test and learn” mindset also works here to check to see if your capture form is working, and if not, it gives you the opportunity to optimise your approach.


Best practice of eConsent
  • Create compelling, valuable, and practical content that speaks for itself - this content should create a need in your audience to want to join your database, as they get something in return and know there is more to come (e.g., an exclusive download, access to an event etc.)

  • Around your high value content, have a prominent presence of your subscribe button to ensure you are making the most of it

  • Once you have optimised the capture form and identified what content is generating the most valuable leads, spend money in paid channels* to increase reach and drive new prospects through the same journey and watch your audience grow

  • Ensure you have an on-boarding journey once someone does subscribe. A welcome email at the very least, or a short series before they slip into your ongoing schedule

  • Do not just overtly sell your products in every email you send, give continuous value

As previously mentioned, having your own consented customer database can save you money by reducing your dependency on paid channels as you can leverage your first party database to engage appropriately with your customer.


*Example of paid channels include advertisements on third party websites.

Now let us cover the difference between consent and preferences.

As mentioned above by ensuring the opt in (consent collection) is simple and easy you now have started to build your customer database. But it’s through good preference management practices that you ensure you retain that consent. Consent has been defined by the ICO as any freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.


Preference is how you leverage the data collected on the customer to manage your communications, this can include channel preferences, information type, frequency, and relevancy. Your customer preference can be set by the customer who can self-manage your communication by selecting the type and frequency of information shared with them e.g., update my preference option in the footer of emails sent to them or this can be managed through the insights we have on that customer previous engagements to inform future communications. Capabilities like Marketing Automation and Engagement scores can be leveraged to help with this preference management and will be discussed in future updates from the PM Society, Digital Interest Group LinkedIn updates.


Legal and Regulatory Considerations for Consent

As previously mentioned, one of the four areas for success in consent is Governance and List Management4. When collecting customer information, it is important to have in place standard operating procedures (SOPs) that meet the regulatory requirements in your market/region.


In the UK for example, the sending of electronic marketing or the use of cookies on your websites must follow the Data Protection Act (5) , the Privacy and Electronic Communication Regulation (PECR) (6) and General Data Protection Regulation (GDPR (UK). (7) While there is complexity in having to follow different regulations, there are overlaps between the PECR and GDPR and in essence both are set up primarily to protect people’s privacy.


PECR: Focus on privacy rights in relation to electronic communications. These include:

  • Unsolicited marketing calls, emails, texts and faxes

NOTE: unsolicited covers electronic communications that include communications from an organisation to an individual EVEN if that person has opted in

  • The use of cookies (and similar technologies) on websites

  • Keeping communications services secure, and customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings

It is important to realise that PECR applies even if you are not processing personal data. For example, many of the rules protect companies as well as individuals, and the marketing rules apply even if you cannot identify the person you are contacting.


GDPR applies to anyone who controls and/or processes personal data. There are seven principles to follow:

  • Lawfulness, fairness, and transparency - in the context of this article getting consent from an individual to be able to use their information for a specific purpose – how we ask for consent, how we record the consent and how we manage a customer’s consent

  • Purpose limitation - only use the data for the stated purpose on collection

  • Data minimisation - only collect what is necessary

  • Accuracy - ensure that you take steps to ensure the data is accurate

  • Storage limitation - only keep the data for as long as you need it

  • Integrity and confidentiality (security) - the proper storage of the individual's data

  • Accountability - have in place the right processes and procedures to comply with the regulation

These principles should lie at the heart of your approach to processing personal data.


For more information in the UK please refer to the Information Commissioner’s Office www.ico.org.uk; The UK’s independent authority, set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.


Your checklist to ensure that the consent you collect on customers meet the above regulations:

  1. I have checked that explicitly asking for consent is the most lawful basis for processing

  2. I have made the request for consent prominent and separate from our terms and conditions

  3. I have given a brief description on how I plan to use the consent that uses clear, plain language that is easy to understand

  4. I have asked my customer to positively opt in

  5. I do not use pre-ticked boxes or any other type of default consent

  6. I have named my organisation and any third-party controllers who will be relying on the consent

  7. I will tell individuals they can withdraw their consent

  8. I will ensure that individuals can refuse to consent without detriment

  9. I will avoid making consent a precondition of a service


The collection, recording and maintenance of company owned marketing consent is not a one-time activity. This needs to be integrated into your customer acquisition and retention strategy. To be successful you will need company owner for marketing consent who takes accountability to deliver the people, process, and technological capabilities to ensure that you deliver:

  1. A great customer experience when collecting consent

  2. Clear value drivers (hooks) to help convince the customer to sign up

  3. Cost savings by reducing your dependency on third parties

  4. Good data management to ensure you adhere to regulatory and legal requirements

  5. Leverage customer behavioural data to prevent customer fatigue (opt-outs)

 
References:
  1. Pharmaceutical Commerce “Digital is reinventing the critical role of the rep: https://www.pharmaceuticalcommerce.com/view/digital-is-reinventing-the-critical-role-of-the-rep Feb 2021

  2. IQVIA Webinar “How COVID-19 impacts HCP channel preferences and the ongoing health implications of COVID-19 on long hauler patients: https://www.iqvia.com/events/2021/09/how-covid-19-impacts-hcp-preferences-ongoing-health-implications-on-long-hauler-patients Sept 2021

  3. Strategy& (part of the PWC Network) “No going back: Pharma companies route to a digitized go-to-market model Pharma’s route to digitization | Strategy& Germany (pwc.com) 2020

  4. Veeva Business Consulting Article”4 Key Ingredients in HCP Communication and Consent”: https://www.veeva.com/eu/resources/four-key-ingredients-in-hcp-communication-and-consent/

  5. Data Protection Act: Data protection: The Data Protection Act - GOV.UK (www.gov.uk)

  6. PECR: The Privacy and Electronic Communications (EC Directive) Regulations 2003 (legislation.gov.uk)

  7. GDPR: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/principles

 
Authors of this article
  • Amish Patel, Independent Consultant

  • Gaurav Sanganee, Founder, Closing Delta

  • Caz Hanrahan, Independent Consultant

 
The PM Society is a not-for-profit organisation that believes excellent healthcare communications leads to better outcomes for patients. We aim to:
  • Support organisations and people in healthcare

  • Recognise excellence and promoting best practice

  • Provide education and development

Visit us here to learn more about the society and the value of becoming a member

The Digital Interest Group is made up of passionate pharma digital experts who volunteer their time to:

  • Promote digital best practice across Pharma marketing and the wider commercial organisation

  • Explore and share an understanding of what digital strategies and tactics marketers in the life sciences sector can employ effectively to support their brand, business, and customers

Comments


bottom of page