Plateaus of Pharma Supply Chain Security

One of the most recent improvements that California made to their drug pedigree law was to spread out the compliance dates by supply chain segment.   Previously, all segments had to comply with the regulation by January 2011.   Now drug manufacturers will need to comply with half of the products (or sales) by January 2015 and the remainder one year later, distributors must comply by mid-2016 and the pharmacies by mid-2017.   As I understand it, this spread was intended to help the industry fully prepare for the new requirements in their businesses.   Companies would now have time to adjust to the changes implemented by their upstream trading partners according to their earlier deadlines.

This staggered start pleased a lot of people—particularly distributors and pharmacies.   However, to me, the staggered start of the current California regulation doesn’t address the issue of complexity very well and a different kind of ramp up to full operation would be more practical and have better odds for success.

I discussed complexity in my last essay, “U.S. Pharma Supply Chain Complexity”.   I tried to show what it is about the supply chain that leads to difficulty in the setup and execution of a drug pedigree system.   On its own, the U.S. pharma supply chain is naturally complex.   A truly workable and protective pedigree system needs to deal with that natural complexity without exploding in its own complexity and cost.   As I pointed out in that essay, the problem with the more popular pedigree models (like DPMS and the various distributed pedigree models) is the large number of the point-to-point data connections that are necessary to reflect the natural complexity of the supply chain.   That adds a lot of complexity.


No matter which model the industry implements, starting it up will have its own complexities.   In my view, regulators and industry should define a clear endpoint for whatever track & trace and/or pedigree model is selected, but they should establish a roadmap to achieve that endpoint over a period of years using what I call “plateaus of security”.   The point of using this approach is to help the industry take smaller steps on its way toward the ultimate goal of a fully operational system.

Unlike the staggered start dates for each segment that currently exists, the plateaus approach would require all segments to add some capability and functionality at each plateau.   Plateaus would be staggered across a number of years so that all companies could spread the costs of their deployments over a number of budget cycles and they would have time to adjust to each increment of new functional and process complexity until the ultimate goal is reached.

There are many ways one could divide the full adoption of a track & trace / pedigree system across a number of years.   Some ways might vary depending on the model selected.   To illustrate the concept, here is one way it might be done.   I’m not saying this is the best way to do it—that should be worked out between the industry and the regulators.  The dates are purely illustrative.


In this first plateau, pharma manufacturers would be required to put Standardized Numeric Identifiers (SNI’s) on all unit-level packages of prescription drugs, but they wouldn’t need to serialize cases and they wouldn’t need to generate any aggregation information.   All downstream trading partners would be required to begin reading the unit-level SNI’s and keep track locally of the information about them (received from, shipped to, etc.) but only if the units are removed from their cases as part of a normal business process.   Units received and shipped without being removed from cases would not be read or documented.


In this plateau, pharma manufacturers would need to write simple records that define the SNI’s (GS1 EPCIS Commission events perhaps) into a secure data repository that is accessible securely through web access by downstream members of the supply chain.   Starting in this plateau, those downstream members would be required to make a web service call whenever they remove units from their manufacturer-packed cases, or when receiving units not packed in a manufacturer’s case.   The web service call would simply authenticate that the SNI is valid, return that information to the caller and record which company did the asking.   This is a big step because it requires the industry to create new large, secure data repositories and make a bunch of connections.   Which model the industry decides to implement would determine how complex this part would be.


In this plateau, manufacturers would be required to serialized shipping cases and document the containment hierarchy of the unit-level SNI’s in each case.   Distributors would need to do the same for containers (totes, boxes, etc.) that they ship drugs in.   Containment information would need to be passed, or otherwise made available (depending on the model selected) to the next downstream buyer of the drugs.   Distributors who sell full manufacturer-packed cases would need to pass, or make available (depending on the model), the manufacturer supplied aggregation information to their customer.

Downstream members of the supply chain would need to read the case/tote serial numbers and may use the supplied aggregation information to “infer” the unit-level SNI’s in their shipping and receiving operations.   Whenever units would be unpacked from these shipping containers in any business process the current owner would need to continue to authenticate them using the service established in Plateau 2 and confirm the aggregation against the information supplied by the upstream trading partner.

Aggregation errors would need to be reported back upstream through each prior owner to the company who originally established the aggregation.   That company would need to reply, indicating if the discrepancy indicates a potential security breach, or a simple error.   Errors would not impede the ability of the current owner to sell the product forward in the supply chain.   Of course, those units involved in a potential security breach would need to be quarantined until the issue has been investigated and resolved.


In this plateau, all trading partners would be required to update an electronic pedigree or a secure track & trace data repository whenever drugs are bought and sold.   Inference would continue to be used in the way described in Plateau 3.   All previous supply chain transactions would be checked whenever each drug is bought from an upstream trading partner, whether this check is performed by the buying company or by a contracted third-party (which depends on the model selected).   Drugs with incomplete histories would have to be refused by the buyer unless the seller could correct the deficiency.


Success in any pedigree or track & trace system intended to protect patients and the supply chain should be measured by the following outcomes:

  1. Criminals cannot introduce illegitimate drugs into the legitimate supply chain without being detected well before patients are threatened;
  2. Criminals who attempt to scam the system are more easily identified and more easily prosecuted using evidence produced by the new system;
  3. Legitimate supply chain members can quickly and clearly differentiate between likely criminal activity and innocent unintended errors;
  4. The number of businesses in the supply chain who enter bankruptcy as the result of the additional compliance costs is minimized;
  5. The cost added to finished pharmaceuticals delivered to patients as the result of the new complexity is minimized.

Measured this way, I believe that it is possible to achieve a high level of success.   The first step is to select the industry model that has the right balance of complexity/cost and risk.   The second step is to define an adoption/deployment roadmap that provides a smooth on-ramp to the full system for the entire industry.   Failure in either step will likely result in a failed system.


6 thoughts on “Plateaus of Pharma Supply Chain Security”

  1. Dirk – The lack of established rules and a set of compliances (with associated risks) makes this project much harder and more risky than it should be, especially for smaller players.

    I’d pretty much agree with what you have here, except I’d push back #3 and #4. I believe #4 is incredible overkill (regardless of timeframe) for the size of problem in the US Supply chain – frankly I’d rather see some efforts being made in the area of Internet traffic than force an entire industry to spend billions on this vision. I see ownership, security and visibility issues in achieving that model that may take decades to sort through. I believe #’s 1 and 2 are sufficient to increase safety – with alot more thought put into alternate channels to really get at the problem.

    1. Brian,
      Thanks for your comment. Well said. In fact, my essay wasn’t necessarily trying to deal with whether or not each plateau is necessary and I tried to discuss it without limiting the approach to a particular model, but I may not have been successful in doing so. I hope to write more in the future about what I think we might need to meet the challenges we are currently experiencing in the U.S. supply chain. Stay tuned.


  2. What I find amazing is that criminals can still introduce product (non-genuine/adulterated) into the channel. As long as channel members don’t verify the product it can still get to the patient. Strengthening liability for those that don’t, increasing criminal law to make them responsible should be considered. We know that in the past buyers of product have known it was “too good to be true” and bought it anyway. There was no real reason to not do so. I’d hope that we make these people criminally responsible for not validating the authenticity and reliability of the product going forward.

  3. I’m not sure I would qualify California’s separation of compliance dates by industry segment an improvement. In the past, all segments (manufacturers, distributors, and pharmacies) were able to speak to a single theme that California’s goal, methodology, and timeline were impractical. In my opinion, California has implemented a divide and conquer approach by separating when the various industry segments must comply. If manufacturers are unable to deliver in 2015, other parts of the supply chain can and will claim that they cannot comply because of manufacturer shortcomings. The viability of track and trace as legislated by California is suspect. Success requires all industry segments speaking with a single voice to describe a risk based approach that can be grown over time rather than the all or nothing mandate we’ve been given. The separation of compliance dates works against a cooperative partnership that could develop an argument for this outcome.

    1. Mike,
      Thanks for your comment. You have a very interesting thought. From everything I know I don’t think the effect you describe was the reason the staggered start was originally proposed and adopted by the board, but you could easily make the argument that that effect has occurred. I agree that a better approach is one that includes staggered compliance dates, but which has all segments participating in one way or another in each of those dates.


Comments are closed.