How We Built Sandoz's Global Pharma Web Portal for 100+ Markets
Content editors at Sandoz don't click "publish" and see their work go live. They submit it into a queue. Three separate reviewers — Medical, Legal, and Regulatory — each receive an automated notification. Each has a defined review window. If any one of them rejects the content, it reverts to draft. If the window expires without action, the submission lapses. This is the MLR workflow, and it is a legal obligation for pharmaceutical content in regulated markets, not an editorial preference.
Building a headless CMS that regional teams can operate quickly while enforcing this approval chain on every published piece of content — across 100+ markets and 30+ locales — was the most architecturally demanding part of the Sandoz web portal engagement. The two requirements are in direct tension: editorial speed demands as few friction points as possible between idea and publication; pharmaceutical compliance demands that nothing moves without documented approval at three independent layers.
Sandoz is the global leader in generic and biosimilar medicines, serving approximately 500 million patients annually. The company became independent from Novartis in October 2023 — one of the largest pharmaceutical spin-offs in European corporate history — and needed a digital platform that matched the scale and regulatory rigour of its new standalone identity.
Who Sandoz Are
Sandoz's mission is to pioneer access to affordable medicines globally. They operate across two core business units — Generics and Biosimilars — and hold the distinction of having developed the world's first biosimilar to receive European regulatory approval. Their portfolio covers approximately 1,000 molecules across all major therapeutic areas, with manufacturing spanning Europe, Asia, and North America.
Their web ecosystem serves a heterogeneous audience: healthcare professionals needing clinical evidence and prescribing information, patients seeking condition-specific guidance, regulatory stakeholders reviewing product documentation, and regional marketing teams managing campaign content across 100+ localised sites. Each audience segment has different content requirements, different access permissions, and in many markets, different regulatory constraints on what can and cannot be shown to whom.
The Novartis spin-off created an acute digital infrastructure need. A company of this scale could not run its global web presence on legacy Novartis systems. The brief was to build a compliant, scalable pharmaceutical web platform from scratch — capable of serving the full Sandoz portfolio across every market where they operate.
The Problem
Pharmaceutical web content and compliance are inseparable. In regulated markets across the EU, UK, and most major pharma jurisdictions, product information that reaches healthcare professionals must be approved by medical, legal, and regulatory review before publication. This is not a quality check — it is a legal requirement. Publishing unapproved medical product information on a public-facing portal carries direct regulatory consequences.
The operational challenge: Sandoz's marketing and communications teams need to publish content quickly, respond to market changes, launch localised campaigns, and update prescribing information as regulatory approvals evolve. They operate across 30+ languages with regional teams who have strong local knowledge but limited technical capability. Any system that puts a developer in the critical path of every content update becomes an immediate commercial bottleneck.
According to Veeva Systems' 2025 State of Compliant Content report, pharmaceutical companies lose an average of 14 weeks per year per product line to unplanned compliance review delays — not because the reviews take too long, but because content management tooling routes work through the wrong channels or fails to surface approval status clearly to reviewers. That pattern was exactly what Sandoz needed to avoid.
The brief on the content infrastructure side was explicit: regional teams must be able to create and manage localised content without developer involvement, while the MLR approval workflow is enforced at the platform level — not by process convention, but by technical constraint. Content cannot reach the published state without completing all three approval stages.
On top of that: HCP gating (healthcare professional content requires identity verification via Okta CIAM before access is granted), an Elasticsearch-powered medicine finder covering the full portfolio using pharmaceutical taxonomies, WCAG 2.1 AA accessibility compliance across all market builds, and global performance targets enforced by Azure CDN routing.
What We Built
The platform is a headless architecture: Next.js on the frontend with Incremental Static Regeneration for product and content pages, a headless CMS handling editorial content and multi-locale content modelling, Elasticsearch for the medicine finder, and Okta CIAM for HCP identity management. These are all connected through a GraphQL API layer with Node.js microservices behind it.
The standard storefront (product pages, campaign landing pages, condition-area content, the medicine finder) serves both general audiences and healthcare professionals depending on authentication state. It is built with Next.js ISR: pages are statically generated for SEO performance, but content updates propagate without a full site rebuild. Each market build is cached and served independently via Azure CDN, meaning a campaign update in Germany doesn't trigger rebuilds across all 100+ markets.
The HCP portal layer sits on top of the standard storefront. Healthcare professionals in markets with gated clinical content authenticate via Okta. On successful authentication, they see an expanded content layer not visible to general audiences: prescribing information, clinical trial summaries, and indication-level evidence. Critically, HCP and patient content share canonical URLs — there are no separate "HCP portal" URLs splitting search authority.
The medicine finder covers the full Sandoz portfolio with pharmaceutical-specific indexing: ATC code hierarchy, International Nonproprietary Names for generic matching, brand names per market, and therapeutic area classification across 20+ categories. Synonym handling is built in — "paracetamol" and "acetaminophen" resolve to the same molecule, with market-appropriate brand names surfaced.
How We Built It
The MLR Workflow Engine
The MLR approval workflow is built as a custom state machine on top of the CMS. Content moves through defined states: draft → submitted → medical_approved / legal_approved / regulatory_approved → all_approved → published. Any rejection at any stage reverts to draft. Window expiry without action also reverts to draft with a submitter notification.
The three reviewer types are independent and parallel: Medical can approve while Legal has not yet reviewed. The workflow only advances to all_approved when all three sign off. Each approval is timestamped and attributed to a named reviewer with an explicit approval reason code, creating an immutable audit record. This log satisfies documentation requirements for pharmaceutical content approval in EU-regulated markets.
The CMS surfaces role-based views throughout: content editors see their submission status; reviewers see their queue with deadline indicators; content managers see the full pipeline across their market. No user can view states or take actions outside their authorised role.
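The state machine described above can be sketched as follows. This is an added example, not code from the Sandoz platform; the function names, field names and the `content_manager` publishing role are assumptions made for illustration.

```javascript
// Added example: MLR approval state machine. All names are hypothetical.
const REVIEW_ROLES = ['medical', 'legal', 'regulatory'];

function createSubmission(id, market, submittedAt, windowMs) {
  return { id, market, state: 'submitted', deadline: submittedAt + windowMs,
           approvals: {}, audit: [] };
}

// Append-only audit entry, frozen so later code cannot alter it in place.
function record(sub, entry) {
  sub.audit.push(Object.freeze({ seq: sub.audit.length, ...entry }));
}

function revertToDraft(sub, reason, now) {
  sub.state = 'draft';
  sub.approvals = {}; // a resubmission has to collect all three sign-offs again
  record(sub, { action: 'reverted_to_draft', reason, at: now });
  return sub.state;
}

// Called by a scheduler so a lapsed window reverts even if nobody acts.
function expireIfLapsed(sub, now) {
  if (sub.state === 'submitted' && now > sub.deadline) {
    return revertToDraft(sub, 'window_expired', now);
  }
  return sub.state;
}

// reviewer: { name, role }. decision: 'approve' or 'reject'.
function review(sub, reviewer, decision, reasonCode, now) {
  if (sub.state !== 'submitted') throw new Error('submission is not under review');
  if (!REVIEW_ROLES.includes(reviewer.role)) throw new Error('role may not review');
  if (decision !== 'approve' && decision !== 'reject') throw new Error('unknown decision');
  if (!reviewer.name || !reasonCode) throw new Error('named reviewer and reason code required');
  if (expireIfLapsed(sub, now) === 'draft') return sub.state;
  if (sub.approvals[reviewer.role]) throw new Error('role has already signed off');

  record(sub, { action: decision, role: reviewer.role, by: reviewer.name, reasonCode, at: now });
  if (decision === 'reject') return revertToDraft(sub, 'rejected', now);

  // Parallel review: order does not matter, only that all three roles signed.
  sub.approvals[reviewer.role] = reviewer.name;
  if (REVIEW_ROLES.every((role) => sub.approvals[role])) sub.state = 'all_approved';
  return sub.state;
}

// Assumption: a 'content_manager' role triggers publication; the page does not say who does.
function publish(sub, actor, now) {
  if (actor.role !== 'content_manager') throw new Error('role may not publish');
  if (sub.state !== 'all_approved') throw new Error('approval chain incomplete');
  sub.state = 'published';
  record(sub, { action: 'published', by: actor.name, at: now });
  return sub.state;
}
```

The publish guard checks the state rather than trusting the caller, so a direct API call cannot skip a missing sign-off.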
We added three optimisations to reduce friction inside the compliance constraint: automated deadline reminders to reviewers at 24h and 6h before window expiry; rendered preview links so reviewers see the final output exactly as it will appear live, without accessing a staging environment; and a lightweight "editorial change" track for non-promotional content updates — factual corrections, formatting, navigation labels — that routes through a single reviewer rather than the full three-stage chain.
Okta CIAM for HCP Gating
HCP gating required Okta CIAM rather than standard authentication because the verification requirement is not "this person has an account" — it is "this person is a registered healthcare professional in this specific market." Okta provides the identity foundation; market-specific credential verification hooks integrate with professional registers or document verification services, depending on each market's regulatory framework.
The HCP experience is a progressive enhancement: the same URLs serve both audiences, with server-side rendering detecting the session and serving the appropriate content tier. HCPs don't navigate to a separate portal. Their content expands inline on the pages they're already on.
Elasticsearch Pharmaceutical Search
The Elasticsearch index was designed with pharmaceutical-specific query patterns in mind. A general e-commerce search index treats all fields roughly equally — name, description, tags. The Sandoz medicine finder weights queries differently: ATC code searches need exact hierarchical matching, INN searches need synonym expansion and transliteration handling for names that differ across alphabets, and brand name searches need market-scoping (a brand approved in Germany may not be available in Spain).
Faceted filtering covers therapeutic area, administration route, and product type. Merchandising rules allow regulatory teams to surface market-appropriate alternatives when a queried product isn't available locally — a critical capability when managing a portfolio across 100+ markets with varying regulatory approval status.
What Made It Hard
1. Making Compliance Fast Without Removing the Compliance
The MLR workflow creates inherent wait time. A pharmaceutical content manager submitting new prescribing information must wait for all three approvals before publication. No architecture makes that instant: the reviews exist for a reason, and the regulatory consequence of bypassing them is worse than the operational consequence of waiting.
The real engineering challenge was minimising all friction that isn't required by the compliance constraint. The parallel notification system meant all three reviewers received their tasks simultaneously rather than in sequence — cutting the expected review cycle to the longest single reviewer's response time rather than the sum of all three. The rendered preview eliminated the "I need to check staging before I approve" loop, which was adding an average of half a day to every cycle in legacy workflows. And the editorial change track, once adopted, moved 30%+ of content submissions through a single reviewer — which is where the actual editorial velocity gain came from.
2. WCAG 2.1 AA on Complex Pharmaceutical Tables
WCAG 2.1 AA is standard for healthcare web platforms. The challenge is that pharmaceutical content is structurally dense: prescribing information tables with multi-row headers, dosage matrices by age group and administration route, drug interaction grids with nested variables. These are among the hardest HTML patterns to make accessible — screen reader navigation of complex data tables requires precise use of scope, headers, and ARIA attribute relationships that design tools don't generate correctly.
We built a component-level accessibility review process: every CMS component was tested with NVDA, JAWS, and VoiceOver before being promoted to the component library. Components that failed screen reader navigation were not released. This added approximately 15% to component development time but meant the launch accessibility audit was a verification exercise, not a remediation sprint.
3. Regulatory Content Variants Across 100+ Markets
Standard i18n models assume that localisation is translation: one content record, multiple language versions. The Sandoz content model couldn't work this way, because the variation across markets is not linguistic — it's regulatory. The same molecule may have different approved indications in Germany versus Spain versus the UK. A page for a specific product in Germany can legally surface indications A, B, and C. The same product page in Spain can only surface indication A, because indications B and C have not received Spanish regulatory approval.
This required modelling content at the market-variant level: every clinical or promotional content block carries a market applicability array, and MLR approval is independent per market. An approval in Germany does not constitute an approval in Spain. The content architecture shifted from a standard translation model to a market-variant model — more complex to manage, but the only structure that correctly reflects pharmaceutical regulatory reality across 100+ independent regulatory jurisdictions.
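The market-variant model and the shared-URL HCP gating described earlier meet at render time, where the server decides which blocks a request may see. The following is an added example, not the platform's code; the block shape, the `hcpVerifiedMarkets` session field and the sample data are assumptions constructed for illustration.

```javascript
// Added example: server-side block selection. Shapes and names are hypothetical.
// block.markets is the market applicability array; block.mlr holds the MLR
// state per market, because approval in one market does not carry to another.
const SAMPLE_BLOCKS = [ // constructed sample data
  { id: 'indication-a', tier: 'public', markets: ['DE', 'ES'],
    mlr: { DE: 'published', ES: 'published' } },
  { id: 'indication-b', tier: 'public', markets: ['DE', 'ES'],
    mlr: { DE: 'published', ES: 'submitted' } }, // ES review still open
  { id: 'indication-c', tier: 'public', markets: ['DE'],
    mlr: { DE: 'published' } },                  // not applicable in ES
  { id: 'prescribing-info', tier: 'hcp', markets: ['DE', 'ES'],
    mlr: { DE: 'published', ES: 'published' } },
  { id: 'trial-summary', tier: 'hcp', markets: ['DE'],
    mlr: { DE: 'all_approved' } },               // approved but not yet published
];

// session is null for anonymous visitors, otherwise an object whose
// hcpVerifiedMarkets lists the markets where HCP status was verified.
function isHcpFor(session, market) {
  return Boolean(session) && Array.isArray(session.hcpVerifiedMarkets) &&
    session.hcpVerifiedMarkets.includes(market);
}

// Returns the ids of blocks the server may render for this market and session.
function visibleBlocks(blocks, market, session) {
  const hcp = isHcpFor(session, market);
  return blocks.filter((block) => {
    if (!Array.isArray(block.markets) || !block.markets.includes(market)) return false;
    if (!block.mlr || block.mlr[market] !== 'published') return false;
    if (block.tier === 'public') return true;
    if (block.tier === 'hcp') return hcp;
    return false; // unknown tier: fail closed
  }).map((block) => block.id);
}
```

Because the filter runs on the server, gated blocks never reach an unverified client, and HCP verification in one market grants nothing in another.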
What Changed
The platform launched across all markets simultaneously. The medicine finder indexed the full Sandoz portfolio on day one. Regional marketing teams started publishing localised content without raising development tickets. The HCP portal brought gated clinical content online for key markets, giving healthcare professionals a single authenticated access point for prescribing information and clinical evidence.
WCAG 2.1 AA compliance was verified at launch by an independent accessibility audit. Medicine finder queries achieve sub-400ms response times at p95 across all market queries. The MLR workflow adoption rate — the proportion of content submissions that complete the full approval chain on first submission without rejection — reached 78% within the first quarter, compared with an industry benchmark of around 55% for first-generation pharma CMS MLR implementations.
What's Next
The roadmap includes developments already in scoping: an AI medicine information assistant for HCPs — an LLM-powered tool to query clinical evidence, dosage guidelines, and drug interaction data within the gated portal, with all responses grounded in Sandoz's validated content corpus; LLM-assisted regulatory translation for new market locales with pharmacist review before MLR submission; and an adverse event reporting integration linking the portal directly to Sandoz's global pharmacovigilance safety database.
Common Questions About Pharmaceutical CMS Development
What is an MLR workflow and why is it required for pharmaceutical web content?
MLR stands for Medical-Legal-Regulatory — the three disciplines that must review and approve content before publication on a pharmaceutical company's web platform. Medical reviews for clinical accuracy. Legal reviews for liability and intellectual property. Regulatory reviews for compliance with market-specific advertising and prescribing information rules. Each represents a distinct failure mode with distinct legal consequences, which is why all three sign-offs are required independently rather than as a single combined review.
How does HCP gating work in a multi-market pharmaceutical platform?
HCP gating uses identity and access management to verify that users accessing clinical content are registered healthcare professionals. The verification mechanism varies by market: some markets use national professional register APIs, others require document upload, others accept self-declaration for lower-risk content tiers. On the Sandoz platform, Okta CIAM handles the identity layer with market-specific verification hooks, allowing gating logic to vary per market without changing the application architecture.
What is the difference between localisation and regulatory content variants in pharma web development?
Localisation handles language differences — the same content translated for different language audiences. Regulatory content variants are structurally different: the same molecule may have different approved indications, dosage recommendations, or contraindication lists across markets due to different regulatory approval histories. These variants require independent content records and independent MLR approval per market, and cannot be modelled as translations of a single master record.
Why is WCAG 2.1 AA particularly challenging for pharmaceutical content?
Pharmaceutical content is structurally complex: prescribing information tables with multi-row headers, dosage matrices with multiple nested variables, drug interaction grids. Screen reader navigation of these structures requires precise use of scope, headers, and ARIA attribute relationships that visual design tools don't generate correctly by default. Each complex table component needs individual accessibility testing with NVDA, JAWS, and VoiceOver before release.
Pharmaceutical web development forces a decision most digital projects avoid: what happens when compliance requirements and editorial efficiency are in direct conflict? On the Sandoz project, the answer was to enforce the compliance requirement at the architectural level — the MLR workflow is a technical constraint, not a process guideline — and then eliminate every friction point that the constraint itself doesn't require.
The result is a platform where regulated content gets published correctly, regional teams have genuine editorial autonomy within defined guardrails, and the pharmaceutical taxonomy underlying the medicine finder serves the genuinely diverse audience that a global generic medicine company reaches.
If you're building in a regulated industry — pharma, finance, healthcare, or government — the compliance architecture has to come first. We've applied the same thinking to Germany's national cybersecurity incident reporting infrastructure for the BSI and to regulatory compliance tooling for financial services. Our AI integration and automation service covers this architecture from brief to production delivery.
