How To Make The Semi-Centralized Track & Trace Model A Reality

Important Notice To Readers of This Essay On November 27, 2013, President Barack Obama signed the Drug Quality and Security Act of 2013 into law. That act has many provisions, but one is to pre-empt all existing and future state serialization and pedigree laws like those that previously existed in California and Florida. Some or all of the information contained in this essay is about some aspect of one or more of those state laws and so that information is now obsolete. It is left here only for historical purposes for those wishing to understand those old laws and the industry’s response to them.Last week I attended the Enforcement Committee meeting of the California Board of Pharmacy.  The value of attending these meetings is hard to extract.  It helps to have a solid knowledge of the language of the pedigree law, understanding of the standards and technology being considered to meet it, and the history of how we got where we are today.  Even with all that on your side it takes a lot of concentration during the meeting and after it is over to put it all into perspective and find the value.

I will provide you with my thoughts on what went on at the meeting in a future essay, after they post the video of the event.  I was there live but I want to provide the video time of the points that I reference so you can go right to them and see if you agree with my conclusions.  Hopefully it will be posted by the Board of Pharmacy by the end of this week.


One of the more amusing things that often happen at these meetings is when vendors make presentations that aren’t pertinent to the California law.  For example, at this meeting we heard from Hewlett Packard about a drug authentication service they provide in small countries in Africa.  I know that often when solution providers present to the Board they are really using the “opportunity” as an excuse to actually talk to the supply chain members who are in the audience (who are looking at their backs), but in this case, the service HP presented would have absolutely no applicability to meeting the California pedigree law.  In response to the presentation by Abbott Labs, McKesson, the VA and GHX about their pilot, which had been made earlier, they seemed to be saying, “Look!  We can operate an online database too!”.  But the authentication service HP runs in Africa is a far cry from what is needed to meet the California law (see my essay, “Illegitimate Drugs In The U.S. Supply Chain: Needle In A Haystack”), so what’s the point?

In a joint presentation, representatives from Intelleflex, Verify Brand and Rehrig Pacific explained their RFID-based returnable container track & trace solution that they think would be great for use in the pharmaceutical supply chain.  Maybe I missed something, but I couldn’t figure out why the Board needed to know about it.  Maybe on individual company could use their system to track containers along with their contents while they are within their control, but it just doesn’t really seem to work as an overall industry solution to the California requirements.

What these two presentations—and many others just like them through the past—are missing is that the solution the industry needs cannot be based on a single proprietary database or service.  That will be especially true if/when a U.S. nationwide pedigree or track & trace regulations is passed.  What is needed is a standards-based approach that will enable competition in all the software and services that model defines.


The GHX service looks like a proprietary service too on first glance, but as I understand it, it implements the GS1 EPCIS standard Capture and Query interfaces with a security layer, an additional value-added reporting interface and some expanded capture capabilities for enterprises that want to capture events directly from readers.  The point was to create the first service that would eventually be one of multiple competing services that implement an EPCIS-based semi-centralized Network Centric ePedigree (NCeP) system.  Of course, when you are the first implementer of a semi-centralized NCeP you instead look more like the fully centralized model, which it more like the government-run repositories in Italy, Turkey and Brazil (see my essay “The Viability of Global Track & Trace Models” for more on the differences between centralized and semi-centralized models).

But from what I understand, GHX fully expects other companies to offer compatible but competing services in a semi-centralized model.  Apparently they believe they can compete and still be profitable.  So now what they need is one or more competitors to help work out the details of an interoperable system.  And the right place to do that is in the GS1 GSMP Pedigree Security, Choreography and Checking Service (PSCCS) work group which is right now working on the security, communications choreography and pedigree checks of just such a model.  In fact, that work group still needs more participation from supply chain members as well.  Contact John Ryu of GS1 if you would like more information about the group or to sign up.


I’ll have more to say about this in my future essay about last week’s meeting, but right now it doesn’t appear to me that the GHX service is usable directly for compliance with the current California pedigree law because it is based on the GS1 EPCIS standard alone (see my essays “Why GS1 EPCIS Alone Won’t Work For California Pedigree, Part 1” and “…Part 2” for an explanation).  Others may disagree.

So doesn’t that tear down my argument that the GHX service is more important to meeting the California pedigree law than services like the one that HP runs in Africa?  Perhaps, but I think it is much more likely to be usable in the U.S. in the future than the HP service—either to meet a slightly modified California law or a likely future federal nationwide pedigree system.  At least it warrants more attention than it is getting from potential competitors.

Stay tuned for more on last week’s meeting.


6 thoughts on “How To Make The Semi-Centralized Track & Trace Model A Reality”

  1. Hi Dirk,

    As usual a great essay and a constructive POV with good reasoning.

    As one of the presenters I do want to correct a couple of points that perhaps you may elaborate on in future essays. The Intelleflex/Verify Brand/Rehrig presentation actually was based upon options for solutions, and/or technology products that can enhance the track and trace models and in this case presented as an overall solution.

    Included was passive BAP RFID tags that can store data and provide temperature monitoring (an area that was mentioned as lacking in the GHX pilot). The V/B data base and messaging structure, which is competative to GHX and offers a semi-centralized solution also offers a returns and recall benefit (something else I believe we heard was lacking from the GHX pilot). And finally the Rehrig pallets are an option that can help improve safety and provide a further tracking feature.
    I think that if you take these 3 components individually they will all inhance any track and trace solutions in differing ways, but the over-arching benefit is the Verify Brand product which is a valid option to the GHX solution and even goes beyond in providing a semi-centralized track and trace alternative.

    1. Peter,
      Thanks for your comment. I appreciate the dialog. Of course, anyone with a proprietary database can claim to offer a “centralized” solution, and you would be right. However, when I use the term “semi-centralized” I am using the definition established by the GS1 Network Centric ePedigree (NCeP) work that has occurred over the last few years. That is, a standards-based repository that is designed to be totally interoperable with any other competitive service offering within a higher-level standards-based environment.

      Admittedly, the GHX offering does not fulfill that yet either because there aren’t any competitors who have stepped up (that I know of anyway) to make their repository conform to the GS1 approach in an interoperable way. Perhaps Verify Brand and/or HP might want to pursue that. I provided some of the links that would help them get going within the body of the essay.

      The significance of the Abbott, McKesson, VA pilot was not that it proved a proprietary vendor’s repository worked, but that the concept of a true standards-based centralized system could work and work well. Turning it into a standards-based semi-centralized approach will require one more repository vendor to step up and follow the GS1 approach. Once that happens, all other vendors will have to play catch-up. Which vendor will be next?

      Stay tuned. In January I hope to explain how the GS1 semi-centralized NCeP approach just might comply with the California law–something I thought wasn’t possible in the past.


  2. Hi Dirk
    “…right now it doesn’t appear to me that the GHX service is usable directly for compliance with the current California pedigree law”.
    I’m eagerly awaiting your further thoughts. One of the issues is surely how to efficiently manage pedigrees flooding in from hundreds of manufacturers to the informational “choke point” represented by the relatively few wholesalers.
    One-to-one pedigree exchanges between manufacturer and wholesaler for each shipment is surely unworkable.

Comments are closed.