Conversations about the merits of various pedigree and authentication models usually start from dissatisfaction with some characteristic of the current GS1 DPMS pedigree model. I maintain that the design of DPMS—including its perceived flaws—is merely a reflection of the current state and federal pedigree laws and regulations. Characteristics that people don’t like—like digital signatures, a growing document as drugs move down the supply chain, and the fact that Supply Chain Master Data is not used by DPMS—are actually all characteristics of the laws and/or regulations, so any alternate pedigree model that would truly be usable for compliance would need those characteristics too.
But that’s not exactly what I want to discuss in this essay. Instead, I wanted to explain my theory of what U.S. pedigree laws are trying to accomplish in the first place. Forget about how they do it for now. What were the goals of those who wrote these laws and regulations? I’ll agree that this is impossible to know for sure but I think I can construct a pretty convincing theory. I don’t know any of the legislators or congresspeople who wrote these laws, but I have studied their work for over four years now. I have made the following observations.
- The highest priority goal of the Florida and California laws appears to be to detect the introduction of illegitimate drugs (counterfeit, stolen, up-labeled, diverted, etc.) into the legitimate supply chain as early as possible, preferably at the very first transaction. These laws accomplish this by requiring companies buying drugs within the supply chain to receive the full supply chain history of those drugs at the time of the purchase (contained in a “pedigree”), and, most importantly, by requiring them to verify the legitimacy of those prior transactions. In Florida that verification can be performed by direct contact, such as a phone call, email, fax, etc., or, optionally, through the use if digital signatures. In California, this verification can only be performed through the use of digital signatures. The federal PDMA, on the other hand, does not appear to obligate the buyer to do any verification of the information provided on pedigrees they receive.Finally, Florida and California both require the recipient of the shipment to confirm that the physical drugs they received match those described by the pedigrees they received. That seems obvious, doesn’t it? Why would any legislative body require all or some supply chain participants to go through all the expense to generate and pass pedigree information but stop short of requiring anyone to actually look at it? Well, oddly, the federal PDMA appears to do just that.
- There is a clear attempt in the laws to help identify who participated in the introduction of the illegitimate product. This is important if your goal is to efficiently and quickly investigate the suspected crime. This would aid in shutting down the criminals as quickly as possible before they are able to spread bad medical products very deeply into the supply chain. All U.S. pedigree laws require some type of information that describes each transaction affecting the change of ownership and/or possession of drugs. Florida requires the name and signatures (hand written or digital) of the individuals who are vouching for the accuracy of the information for each step in their pedigrees. California requires the same in digital form. For those transactions that require a pedigree, the PDMA simply wants the names (but apparently no signatures) of any company who had something to do with each distribution transaction.
- There is also a pretty clear attempt to automatically generate solid evidence that can be used to prosecute criminals efficiently. Here again, signatures play an important role, but just as important is the fact that Florida and California require their pedigrees to be in a single record. I draw the conclusion that this is to ensure that pedigrees are constructed as self-contained pieces of documentary evidence for use “as is” in case a crime occurs.
Supply Chain Master Data in Pedigrees
In my opinion, the use of Supply Chain Master Data (SCMD) in pedigrees fails to meet these goals. When a criminal obtains a wholesaler’s license, they own the SCMD (the GLN, or Global Location Number) that describes the location of their operation. If pedigrees were allowed to make use of SCMD, the criminal would be in control of what their own GLN means. GS1 doesn’t police and enforce the guidelines, best practices or even the rules around GLN’s so the criminal could change the meaning of their GLN at any time it helps their case. Before they are discovered they can throw off investigators by defining their address at an empty lot. After they are caught, but before trial they might correct their “error” and make their GLN point to their actual address. In court, their lawyer might easily be able to challenge the pedigree because too many people can change the SCMD referenced by it, and that means the pedigree is not a fixed record but a dynamic one, meaning one thing today, perhaps something else yesterday and maybe something entirely different tomorrow. Leaving criminals in control of the content and meaning of all pedigrees they have ever touched might make pedigrees difficult to use for detection and identification, and potentially worthless for prosecutions.
To overcome this problem, regulators might be forced to make it a crime to ever change any SCMD after it is used on a single pedigree, which may leave a lot of non-criminal organizations open to criminal prosecution for inadvertently attempting to correct an honest mistake in the definition of their GLN’s or GTIN’s. It may also require the FDA to require a monitored GLN registry.
A distributed pedigree approach (See my earlier essay, “Fundamental Law of Commerce“) would have an even worse problem along these lines. It would take a pretty talented prosecutor to be able to make sense in the minds of a jury out of a pedigree that is composed of snippets that are held and controlled by an array of supply chain participants, including innocent parties and alleged criminals. In contrast, a fully self-contained pedigree could be presented to a jury much more convincingly because it can be fully displayed and validated in front of them without any need for a live internet connection in the courtroom. A self-contained pedigree would not use SCMD.
In Europe, A Different Approach
Pedigree laws in the U.S. are designed to protect the public by attempting to detect the introduction of illegitimate product into the legitimate supply chain as early as possible, identify those who were involved, and then help prosecute them. A current proposal for securing the drug supply in Europe takes a rather different approach. The European Federation of Pharmaceutical Industry Association (EFPIA), an industry organization, proposes a model that would only detect illegitimate drugs at the point of dispense (POD) in the pharmacy. In many cases, this will prevent patients from consuming illegitimate drugs…at only the last opportunity. However, with POD, there is no ability to identify who is introducing the illegitimate product and it offers no help in prosecutions.
In my view, widespread adoption of POD may actually result in an increase in the number of illegitimate drugs introduced at distribution. That’s because the criminal gets paid for their crimes and can disappear before the detection of their fake drugs occurs at the POD, the point of dispense in the pharmacies. These criminals probably don’t really want to harm anyone. They just want to get paid and to not get caught. If they can still get paid, not get caught and their illegitimate products get filtered out of the supply chain before they can do any harm, all the better for them. Currently POD is only a proposal, although you could successfully argue that regulations in Italy, China, Turkey and others are POD regulations. It will be interesting to see if the approach continues to catch on with regulators.
What is your theory about what U.S. and POD pedigree laws are trying to accomplish? Reply below.