Novo Nordisk Forgot to Tell the FDA About Three Deaths

A System Built to Fail

The FDA didn't just flag individual missed reports. It called out the entire system. Novo Nordisk's internal procedures had structural problems that practically guaranteed things would fall through the cracks.

For starters, the company required consent from the person who originally reported a side effect before it would even investigate. Imagine a hospital calling 911 but the dispatcher says, "Hold on, let me check if the caller is okay with us sending an ambulance." That's essentially what Novo was doing. In one case involving a patient death, this consent requirement blocked the investigation entirely.

The company also had internal rules that allowed it to cancel safety reports without confirming whether the drug actually caused the problem. And medical reviews were painfully slow: a suicidal ideation case from December 2024 didn't get reviewed until February 2025.

Bigger Than Ozempic

The FDA's language in the warning letter was unusually broad. While the inspection focused on semaglutide, liraglutide, and a couple of other products (nedosiran sodium and estradiol), the agency made clear it has "serious concerns about the scope and impact of these violations on your entire product portfolio."

That's a loaded sentence. Novo Nordisk doesn't just sell weight-loss drugs. It's a massive pharmaceutical company, and the FDA is essentially questioning whether any of its safety reporting can be trusted.

This also wasn't the company's only regulatory hiccup in recent months. In September 2025, the FDA sent Novo an untitled letter (a step below a warning letter) for misleading advertising of its semaglutide products. A separate August 2025 inspection flagged violations at a manufacturing plant in Bloomington, Indiana. The pattern isn't a great look.

An Important Asterisk

Before anyone panics about their Ozempic prescription: the FDA's warning is about reporting failures, not drug safety. The agency isn't saying these drugs caused the deaths or the other serious events. It's saying Novo Nordisk broke the rules by not reporting them properly, which makes it harder for regulators to do their job.

In fact, the FDA conducted a separate safety review in January 2026 and concluded there was no connection between GLP-1 drugs and suicide. The agency actually asked manufacturers to remove boxed warnings about suicidal behavior from these medications. So the safety signal that sounds scariest here (the suicide and suicidal ideation cases) has already been evaluated and, for now, cleared.

Novo Nordisk responded on March 11, saying it had been working to fix the problems since the original 2025 inspection. The company expressed confidence it would resolve the FDA's concerns and emphasized that the warning letter "did not conclude anything about the safety or quality of its medicines."

Why This Still Matters

The GLP-1 drug class is the most commercially important thing to happen to pharma in a generation. Ozempic and Wegovy aren't just drugs; they're cultural phenomena. When the company that dominates this market can't keep its safety reporting house in order, it creates a trust problem that ripples outward.

Post-marketing surveillance (tracking side effects after a drug hits the market) is the FDA's main tool for catching problems that clinical trials miss. Trials involve thousands of patients over a few years. The real world involves millions of patients over decades. If the pipeline of real-world safety data has leaks, regulators are flying partially blind.

Novo Nordisk submitted updated procedures through January 15, 2026, but the FDA deemed them inadequate, saying the company didn't provide enough detail about how its fixes would actually prevent future violations. So the back-and-forth continues.

The drugs themselves are probably fine. The evidence, on balance, supports their safety profile for their approved uses. But "probably fine" is not good enough when you're the biggest player in the biggest drug category in the world. The FDA expects better. Patients deserve better. And 800 days late is never, ever on time.

Iran Just Hacked One of America's Biggest Medical Device Makers

An Iran-linked hacking group just hit Stryker, one of the world's largest medical device companies, wiping 200,000 systems and claiming to steal 50 terabytes of data. The attack didn't compromise surgical robots or defibrillators, but it exposes a terrifying vulnerability in the healthcare supply chain.