European regulation: what does implementing regulation (EU) 2025/1466 mean for pharmaceutical companies?

Implementing Regulation (EU) 2025/1466, published by the European Commission on July 22, 2025, represents a major step forward in the regulatory landscape for pharmacovigilance in the European Union. It strengthens post-marketing surveillance of medicinal products by introducing enhanced requirements relating to organizational structure, quality management, outsourcing practices and data management.

This regulation will be fully applicable from February 12, 2026; however, certain provisions will apply as early as August 12, 2025. Pharmaceutical companies operating on the European market must update their processes and contractual agreements, and provide appropriate training and information to internal teams and external partners to ensure compliance with these new standards.

---

Here are the key points to remember for optimum compliance:

Organization and management of pharmacovigilance

• Companies need to formalize their organizational structure, specifying all the sites involved and precisely defining pharmacovigilance responsibilities.
• Any significant deviation from procedures must be recorded exhaustively, detailing the consequences, corrective actions taken and follow-up measures until complete resolution.

Outsourcing and contractual obligations

• Delegation of tasks to third parties is permitted, provided that contracts clearly define roles, responsibilities, data exchange and procedures, as well as audit and inspection conditions.
• Subcontractors must be contractually bound to accept audits or inspections; any subsequent subcontracting requires the prior written agreement of the marketing authorization holder.

Quality system and audit management

• An effective quality management system is mandatory for all pharmacovigilance activities. Regular audits, based on risk analysis, must be carried out by persons independent of the audited process.
• Subcontractors are subject to audit requirements commensurate with the criticality of the tasks and functions entrusted to them.

Data management and monitoring

• Companies must actively monitor data from the EudraVigilance database, cross-referencing it with other sources and complying with strict validation and safety signal notification requirements.
• Adverse reaction reports should be complete, standardized and, where possible, include a Digital Object Identifier (DOI).

Updating post-authorization reports and studies

• Periodic safety update reports must incorporate risk mitigation measures and document the results of assessments.
• At the request of the regulatory authorities, companies are required to conduct, manage, finance and register any post-authorization studies with the European Medicines Agency, submitting protocols and results in a timely fashion.

Terminologies and standardized formats

• The use of international standards such as MedDRA and ISO standards (including EN ISO 11615, 11616, 11238, 11239, 1124) is mandatory for the exchange and reporting of pharmacovigilance data.
• Reports must be drawn up using electronic formats and in accordance with the regulatory requirements laid down in European and international texts.

Please do not hesitate to contact us if you have any questions or would like to discuss the impact of Regulation (EU) 2025/1466 on your organization.