California, Congress and The Choices We Are Forced To Face

The Thinker statueImportant Notice To Readers of This Essay On November 27, 2013, President Barack Obama signed the Drug Quality and Security Act of 2013 into law. That act has many provisions, but one is to pre-empt all existing and future state serialization and pedigree laws like those that previously existed in California and Florida. Some or all of the information contained in this essay is about some aspect of one or more of those state laws and so that information is now obsolete. It is left here only for historical purposes for those wishing to understand those old laws and the industry’s response to them.Another week has gone by with no official movement in the Senate on the compromise pharmaceutical compounding and track & trace bill, H.R. 3204, the Drug Quality and Security Act (DQSA) (see “Waiting For The Senate To Act On A Track & Trace Bill, Again”).  With the focus of the Congress rightly on reopening the government I think we should expect to wait a little longer.  You can bet that the supporters and the opposition are both developing their strategy as time goes by.

I attended the GS1 Global Healthcare Conference in San Francisco last week and it was a great opportunity to reconnect with a lot of people I have worked with over the years on defining workable standards for healthcare supply chain data exchange.  Some of us are still at it.  It was great seeing you all.


The California Board of Pharmacy has been working on a draft regulation for the practice of inference for a long time (see “California’s Draft Inference Regulation”).  Because the process they are required to follow to transform a draft into actual regulation takes about one year, they are going to freeze that draft sometime in the next two months or they risk not having a working regulation by the time their law goes into effect on January 1, 2015 (assuming they are not preempted by the recent bills in Congress).  The same goes for regulations on inspections and certifications (see “California’s Draft Regulation on Inspections” and “Draft Regulations On Certifications Within California ePedigrees“).

At last week’s GS1 Healthcare conference, Virginia Herold, the Executive Officer of the California Board of Pharmacy, explained that if the process takes too long the Board can invoke an emergency clause to ensure that companies know the regulation before the effective date.

The latest draft of the proposed inference regulation can be found within the meeting materials for the Board’s ePedigree Committee meeting on September 26, 2013.  It is a weighty regulation that would require trading partners to jointly develop standard operating procedures (SOPs) that define the circumstances under which inference would be deployed, the limitations of that deployment, a sampling plan for sampling sealed homogenous cases for continued compliance and the means and time limits for remediation of any data and product discrepancies discovered.  And it would require you to notify the Board of Pharmacy of those discrepancies within 3 business days.

But probably the most onerous and, in my opinion, unnecessary provision is the following:

“Where, once a sealed case is opened, the entire contents of the case are immediately scanned and confirmed to the pedigree data received, and any discrepancies are reported”

The problem is with the term “immediately”.  This is unrealistic and adds nothing to public safety.  Instead of “immediately”, the Board should require that the entire contents of the case are scanned prior to further distribution or dispensing.  That would address the same public safety concern without subjecting supply chain participants to undue and unnatural process changes.  In fact, when a case is opened today, most members of the supply chain already scan the barcodes on all of the units inside, just not immediately.  These scans occur over a period of time as less-than-full-case orders are fulfilled.  Forcing this to occur immediately would really mess up the natural sequence of events in a distribution center without adding any additional benefit.  Companies are going to find the discrepancies either way.  Isn’t that the important thing?


It’s tough for everyone to think about and continue working on the California regulations in light of the pending action in Congress, but if you take your eyes off of California right now you elevate your risk of not meeting that law should the compounding pharmacy lobby successfully block the bill currently in the Senate.  Every company’s situation is different and so there is no one-size-fits-all strategy (see “California ePedigree Uncertainty”).  However, here are a few things to consider.

The serialization part of the bill in Congress makes use of the same technologies and standards that the California law does, so investments in those technologies—including line management, number management and local EPCIS repositories—are safe.  I recommend that you proceed with that part of your projects regardless what happens.

Be aware that the California law does not require serialization of shipping containers, like cases, but supply chain efficiencies dictate that you do so.  The federal bill would require it anyway.  California does not require the inclusion of the lot and expiration date in your barcodes but many companies are planning to include them anyway.  The federal bill would require that too.

When it comes to pedigree software, it may be unlikely (though certainly still possible) that the FDA will mandate the use of any of the technology and standards that are currently being applied by solution providers for meeting the ePedigree part of the California law.  The federal bill would give the FDA one year to specify how transaction information, history or statements must be exchanged by parties in the supply chain.  Remember, these data elements could be exchanged by trading partners in either paper or electronic form for 10 years after enactment.  If you have already made an investment in an ePedigree solution, proceed with the deployment unless and until the federal bill passes.

But if you have not yet made an investment but are on the verge of doing so, you might consider holding off a couple more weeks to see what happens with H.R. 3204 in the Senate.  If the bill passes without amendment, reset your decision-making process.  If the bill is blocked, or if nothing happens in the next few weeks, you have to decide if the risk of waiting is worth the possibility that you might not be ready for California should the federal bill fail.  It is a tough call.


There appears to be a lot of uncertainty and debate going on around the industry about whether or not the enactment of H.R. 3204 would require pharmaceutical companies to generate aggregation data.  I’ve heard both sides and I have been asked what my opinion is on the subject several times, including in a comment left on last week’s essay.

My read of the bill leads me to believe that aggregation would not be required, at least for the 10 year period starting with enactment.  During that period, the system would operate as a lot-based pedigree system, not a unit-level serialization-based pedigree system.  So during that time (starting after 4 years), the unit-level serial number would have to appear on each drug package and each case, but no one would need to make use of it.  That is, the unique serial numbers would not need to appear in anyone’s transaction statement, information or history—the pedigrees—because they would be lot-based.  In that case there would be no need for serial number-based aggregation data.

It is possible that aggregation data might be a necessity, either by FDA rule or for supply chain efficiencies, once the enhanced supply chain track and trace rules would take effect 10 years after enactment, but that’s so far out and there will be so many public meetings and time to re-think the whole solution that I cannot even guess at this time.

That’s my observation.  Leave a comment below if you disagree.


11 thoughts on “California, Congress and The Choices We Are Forced To Face”

  1. Thanks for a great article as always Dirk. A question on aggregation. The bill clearly states that for Suspect products manufacturers “beginning 4 years” of the bill enactment need to verify the product at the package level including the SNI. This is “beginning 6 years” for the wholesalers. How will that be possible without aggregation?

    1. TJ,
      Thanks for your comment. The percentage of drugs in the U.S. supply chain that fill the definition of “suspect” is a very tiny fraction. Those drugs will need to be verified at the package level (the unit-level), not the case level. Therefore, aggregation data will not be necessary. In fact, even under the California law if someone has a reason to believe that a case of drugs are “suspect” it would be a serious mistake to use inference (with the aggregation data they were given) on that case. In all instances of suspect product companies should open the cases and verify each of the SNIs on the units inside.


  2. The interpretation of the bill is that manufacturer’s need to have an electronic system instead of paper after four years.

    1. D
      Thanks for your comment. You are right! The systems for exchanging transaction statements, information and history between manufacturers and wholesalers must be electronic after 4 years. I don’t see that requirement for any other member of the supply chain so it appears that anyone receiving those electronic documents can convert them back to paper at will. I suppose the assumption is that once manufacturers start providing these things exclusively electronically, wholesalers and chain pharmacies will decide to store them that way at least.


  3. Certainly, the consensus view of those I interacted with @ the GS1 Conference was that whilst the Federal Bill does not state the need for aggregation, it is certainly not possible to fully comply with the requirements of the Bill without it.

    I think before the bill is finally passed, some consideration should be given to unambiguously stating the requirements in this area else we’ll have a whole mass of poorly implemented solutions with no real business benefits which will need rework in a few years time.

    There’s always the option of California passing a supplemental bill to enforce pedigree & aggregation separately – now that would make for a fun time for all.


    1. Ian,
      Your comments led me to review the text of H.R. 2304 to make sure there was nothing I missed, and I am convinced more than before that in the first 10 years there will be no need for manufacturers to capture or pass aggregation information. Since, during that time, the SNIs will not be passed between trading partners, there will not even be an opportunity to provide aggregation information. No one will want it. They won’t know what to do with it. After the first 10 years, yes; before the first 10 years, no.

      Also, notice that a manufacturer’s or repackager’s proper response to a product identifier authentication request (called a “request for verification” in H.R. 2304) is to indicate that the SNI in the request “corresponds to the product identifier affixed or imprinted by the [manufacturer] [repackager]”. That is, the SNI is, or is not, one that was produced. The response need not determine whether or not it makes sense for the company making the request to be in possession of that particular SNI. No aggregation information needed.

      However, it is fine to disagree on this point for now. In fact, it will be up to the FDA to produce final rules for the implementation of the law, if it passes. Their interpretation will be the only one that matters and companies will be given enough time to comply whichever way they go. No need to rush a deployment or rework a system later.


      1. Dirk,

        What about the need to Serialize @ Unit & Case.

        If there’s no association between the two, I.e. Aggregation, what’s the point?

        You can’t use the case ID to receipt the saleable units.


        1. Sorry, “sent too soon”.

          I attended GTT this week and this topic was discussed there. Certainly, a major Distribution Company stated that it is expecting case to serial relationship data and, ideally case to pallet due to their huge transaction volumes and that they are working with Mfrs on that basis.



          1. Ian,
            Thanks for continuing the dialog on this topic. The bills in Congress may appear to be somewhat illogical, as you point out, but that is likely due to the differing interests of the three primary supply chain segments represented on the PDSA (manufacturers, wholesalers and pharmacies) and the politicians in Congress. I don’t see any requirement to receive saleable units using their serial numbers until after 10 years so even though the cases and the units must all be serialized after 4 years, there would be no need for manufacturers to provide aggregation data until the 10 year milestone. Notice that the words “inference” and “aggregation” only appear in the section that describes what happens after the 10-year point, not before.

            Regardless of what the major distribution company said at GTT, unless they are required to deal with serialization, I am confident that the major wholesalers will not need aggregation data and therefore they will not demand it until around the 10 year point. I’ve run into quite a few people in the last few weeks who assume that because serial numbers would be required after 4 years, that means that aggregation data will also be necessary, so the folks from that major distribution company are not alone. I just think they are mis-interpreting the actual language and making unwarranted assumptions.

            But as I have said, the only interpretation that really matters will be that of the FDA if/when they are expected to implement it in rules.


          2. All serilized product will be aggregated to the lot/batch first and foremost. Secondarily, relationships between serialized products in that lot/batch (items to cases, etc.) may also be created. Products whether item, case or pallet can then always be verified as a child of the lot. The relationship data (items to case) should be provided or made available to the downstream trade partner for business purposes. Compliance would be specific to the verifiable unit being handled. Dependance on inference can be reduced and exception processing can be built upon the verification of suspect serial numbers.

  4. Knowing what serial numbers were produced as part of which Batch/Lot should be foundational to a proper serial number management solution. You shouldn’t need “aggregation” (items to cases, cases to pallets) to accomplish that.

    I agree with Dirk, the initial reaction to the law that a lot of companies (me included), have made assumed aggregation, but that word isn’t in the bill at all. Until we see and FDA guidance, similar to what happened with UDI, then we really won’t know 100%.

    I also think that the wholesalers will require aggregation before 2023 so they can phase it into their supply chain, but anything sooner than 2020 just doesn’t make dollars sense given the cost of aggregation (HW, SW, process), and the risk of technical obsolescence over the next 5-7 years.

    In my own admittance, I realize I’m just one more opinion; It appears we aren’t short on those!

Comments are closed.