Under normal circumstances, a company should have all the pedigree data shortly after receiving the product. However we do not want to slow down the supply chain, because of latency in information propagation.

Right now goods are exchanged for money. To streamline the process, companies build credit, and they have 30 days to pay their invoices. When I place an order, there is an estimated delivery time, and I am expected to pay my my invoice within a set time period. There are still cases of companies not paying their invoices, however we don’t slow down the supply chain for that. It is simply cost of doing business.

If these two fundamental elements of trade are not in exact synchronization, why should we expect the pedigree information to be any different?

The proposal is to add pedigree information to the mix, so goods plus information are exchanged for money. We would treat information the same way goods and money are treated today. There would be a pedigree rating that a company would assign based on its contractual agreements with suppliers. If a supplier doesn’t meet its obligations for providing pedigree information, then its pedigree rating would drop. This process would be internal to each company and it would be part of their risk management.

The same way a company needs to manage its inventory and cash flow, it would need to manage its information flow as well. We won’t need to invent new procedures, just to copy the existing processes for cash & inventory balancing and adapting it for pedigree information, on per supplier basis.

Regards,
Ali

Your comments on caching data that was initially distributed would result in a non-distributed model, which I think is an improvement. It’s hard to withhold payment to suppliers who fail to provide a pedigree by the time you are ready to ship the drugs because the time separation between receiving and shipping can be well beyond the time you are invoiced by your supplier. You would have to get their pedigree information before the invoice was due. I think it makes more sense to expect to receive their pedigree information as soon as you receive the drugs, like the California law requires.

Dirk.

Thanks for another great post. The final pedigree solution would probably become a hybrid of document-based and network-based approaches.

In the distributed pedigree, just because we can fetch pedigree information anytime, doesn’t mean that we should always fetch them on demand, and to discard the results after use. The distributed pedigree model, gives flexibility for asynchronous delivery of physical goods and its electronic data.

A simple example can be mail servers today. There usually is a web interface to access emails, as well as POP/IMAP interface, which downloads local copies of the messages. In the event that the mail server is inaccessible or a glitch deletes the account. The locally cached messages would remain intact; while the web interface might not have access to that information any longer.

One way that distributed pedigree could work, is that when an item is received, the industry’s Discovery Services instance would be queried with the item’s identifier. A list of pedigree information resources would be returned, subject to resource owner’s authorization. Then each information resource would be individually queried and any pedigree information obtained would be cached locally. At this stage, the cached pedigree information need to be consolidated and any gaps in its history are identified. Then a standing-query could be submitted to the Discovery Services instance, to notify the custodian of any new pedigree information resources that become available. The items that have full pedigree information can be shipped immediately and the items with gaps in their pedigree history, are held back. If the standing-query subscriptions haven’t provided the full pedigree (after a set duration), then payment on invoices for those items is held back until that information has become available and cached by the current custodian.

The above approach would address the issue with latency in information propagation inside and outside of an organization. Also it would address the variability in data retention policies across different organizations.

Best Regards,
Ali

I’m not so sure I agree with your thoughts on reverse logistics and the ability or willingness of manufacturers and regulators for rejuvenating product that was the subject of a pedigree loss. The point of a pedigree is to give the next buyer in the supply chain an indication of how many places the drugs have been before they bought them. Drugs that have gone through one or more shipments that include a pedigree loss, then get shipped back to the manufacturer and then shipped out through the supply chain again, without including all the record of their previous “life” in the supply chain might not be as desirable to a buyer, even if the manufacturer says they vouch for them. Would an insurance carrier want to cover that liability?

Dirk.

As for the need for the Board of Pharmacy (BoP) to staff-up to be ready for the deadline, I suspect that they would count on the industry to self-report problems so it’s not likely they would need an army of inspectors. Supply chain buyers are required to receive a valid and complete pedigree for every unit they purchase. If they don’t get one, the drugs can’t be sold so they have no value. The buyer is going to demand to receive a pedigree or will send the drugs back and refuse the invoice. No state inspector or BoP involvement necessary. This is what I have coined the “Deputized Supply Chain” . A supply chain that self-monitors, self-regulates and self-reports when necessary. It’s a very neat way to auto-enforce conditions like a pedigree requirement. The BoP doesn’t need to see all the pedigrees. They just need to make a big deal out of any drugs they do find that made it through the supply chain without a pedigree. You can bet that will make companies demand that they receive clean pedigrees from their suppliers.

I’m sure you’re right, they will need a few more people to make it work, and they will need some laptop computers that are capable of validating electronic pedigrees so they can properly inspect. I also think you are right that the BoP is praying for federal preemption. I think the question is, will the Congress and the FDA be as clever as California was by adopting a self-regulating approach?

Dirk.

Eeven if all business partners agree, this is not really a practical proposition in bulk, and creates an greater fraud opportunity for someone to scam the returns system. I think that in practise the importance of sensory (yes/no) authentication features to back up the digital pedigree will become ever more important. Some flexibility will be needed in dealing with lost pedigrees because, as you point out, a rigid interpretation of the California statute creates liabilities that cannot easily be addressed.

I’ve thought for while that there may soon be a space for a new business model, with insurers parnering with supply chain security providers to provide insurance-linked authentication. Safer product equals lower corporate liability premiums.

The product security field is ripe for a disruptive technology to come along. Since RFID is perpetually 5 years away, maybe the first innovation will be in business processes.

Back in 2008, the CA Board of Pharmacy was planning to increase its budget by only 2.5% (!) and add no new positions when it implemented e-pedigree in 2009. Judith Nurse, Supervising Inspector at the CA Board of Pharmacy, made the following comment in February 2008: “We do not want to be the pedigree police.” I asked Ms. Nurse the following question in 2008: “It seems likely that many manufacturers and wholesalers will not be able to comply with the pedigree laws by January 1, 2009. What contingency plans has the Board of Pharmacy prepared to handle such a situation?” Ms. Nurse replied: “We have not developed any contingency plans.”

Yikes! Amateur hour all the way.

I’m sure the folks in California are praying for federal preemption. I know that I am!

Adam