Over the last five years the larger companies in the U.S. pharmaceutical supply chain have increasingly aligned around GS1’s Electronic Product Code Information Services (EPCIS) standard for holding and communicating serialization-based events. The hope and expectation by many of these manufactures and others in the supply chain is that EPCIS will be the standard that ensures supply-chain-wide interoperability in any future track and trace or ePedigree system that the federal government might impose. On its surface it appears that EPCIS is designed around GS1’s family of serialized identifiers, which are based on GS1’s GS1 Company Prefix (GCP) (see “Anatomy of a GTIN” and “Your GS1 Company Prefix: An Enterprise Resource“). This includes GS1’s Global Trade Identification Number (GTIN), Global Location Number (GLN), Serialized Shipping Container Code (SSCC), Global Returnable Asset Identifier (GRAI), Global Individual Asset Identifier (GIAI) and a few others.
Of course, the U.S. federal government does not like to mandate the use of a single company’s products or standards at the expense of others. In the last few years we have seen the FDA go out of its way to ensure that companies in the healthcare supply chains can use standards from GS1, HIBCC and ICCBBA to generate a valid Standardized Numeric Identifier (SNI) for pharmaceuticals (see “FDA Aligns with GS1 SGTIN For SNDC”), and most recently, a Unique Device Identifier (UDI) for medical devices (as soon as those organizations are officially “accredited” by the FDA) (see “InBrief: FDA Publishes Final UDI Rule”).
(Interestingly, they broke with that approach recently when it came to location identification, choosing to sanction only Dun and Bradstreet’s Data Universal Numbering System (DUNS) number for the registration of manufacturing facilities, seemingly ignoring GS1’s similar purposed Global Location Number (GLN). See “FDA Chooses DUNS For Unique Facility Identifier”).
That works for identifiers, but what happens when you start making use of higher-level standards that need to reference SNI’s, UDI’s and locations? Can you take the same approach and allow users to choose higher-level standard from GS1, HIBCC and ICBBA? GS1’s EPCIS standard is one of those “higher-level standards” that I am referring to here. The problem is, neither HIBCC nor ICBBA has a high-level standard like EPCIS, so if you need to generate a set of supply chain events based on serial numbered product, right now you’re probably going to be forced to choose EPCIS from GS1.
So what happens if you invest in HIBCC or ICCBBA identifiers to identify your products today, but then later find out that the supply chain is planning on using GS1’s EPCIS standard to ensure interoperability in the exchange of supply chain events. Are you in trouble?
Looking at it in another way, you might think the use of EPCIS to convey serialization and ePedigree data in an interoperable way would result in a bit of a wedge in the future that would force all drug and device manufacturers to obtain their product identification codes from GS1, even though the FDA might accept identifiers from other accredited organizations. In other words, if GS1 EPCIS would be the only way to carry mandated track and trace or ePedigree information so that interoperability is maintained, then you might think the only way to do that successfully would be if everyone was forced to use GS1-issued GTINs for their healthcare products.
Well, if you thought that, you would be wrong. EPCIS has its origins in the Massachusetts Institute of Technology (MIT) AutoID Center, now MIT AutoID Labs. In 2003, GS1 acquired the intellectual property that included what would later become the EPCIS standard from MIT and created EPCGlobal which focused on RFID tag standards. But EPCIS was specific to serialization, not just RFID. It took some of the folks in GS1 a few years to figure that out but once they did, the standard was elevated out of the EPCglobal organization to its proper status as a general purpose serialization standard (see “InBrief: RFID and Barcode Interoperability”).
The architects of the GS1 EPCIS standard wanted to create a standard that could be easily used with product identifiers and serial numbers from any global issuing agency as long as they conformed to certain standards developed by the World Wide Web Consortium (W3C). Even after GS1 acquired EPCGlobal the organization, this concept prevailed and is built into the EPCIS standard today. GS1-issued identifiers are treated no differently than those from any other conforming organization, making EPCIS a truly general purpose standard. So the answer to the question posed in the title of this essay is, “no”, the use of EPCIS will not force everyone to use GS1 identifiers. That’s true of any use of EPCIS—not just for drugs—so EPCIS would be a good choice for tracking & tracing medical devices and other serialized “things” in the future as well.
If you already have HIBCC or ICCBBA product identifiers and serial numbers, in theory, you will be able to use GS1’s EPCIS. I use the phrase “in theory” because, before you can do that, someone must define an accepted Uniform Resource Identifier (URI) for those identifiers and serial numbers. That’s not very hard to do but I doubt if GS1 will do it, so HIBCC and ICCBBA should do it before their users need to use EPCIS, or they risk the appearance of a wedge when none actually exists (see my suggestion for HIBCC in “Masterpiece: GS1 Tag Data Standard 1.5”). They don’t even need to contact GS1 in order to do it either.
Use of the GS1 EPCIS standard is royalty free. The only payment for use of GS1 standards is for the use of their GS1 Company Prefix (GCP). When you use EPCIS with properly formatted identifiers and serial numbers assigned by a different standards organization you don’t use a GCP so you would incur no additional cost from GS1. Because EPCIS was designed to use product identifiers and serial numbers from any conforming standards organization, the FDA and any other governmental organization should not feel like they are locking companies into a single standards organization if they were to identify GS1’s EPCIS standard for track & trace.
So do you think the FDA will embrace EPCIS in the track & trace guidance they are due to publish soon?
Dirk.
Dirk-
Great article highlighting the role of EPCIS as a flexible traceability standard. I’m deeply familiar with a great example outside of pharma where one of the most recognizable high tech/electronics company in the world has a complete supply chain traceability solution that uses EPCIS but doesn’t use a single GS1 Identifier key (yet).
I look to the solution providers to keep pushing this principle forward (a few have some catching up to do) and ensure support for GS1 standards is just a subset of their overall capabilities.
Hi Dirk,
Thanks for the article. It really got me thinking. Also, Would EPCIS (hence GS1) become the preferred choice if the FDA were to go to a centralized model verses a distributed model? That is, supply chain members would record data into a central repository. Authentication and verification would be performed by querying the central repository.
Sam,
Thanks for your comment. Good question. I don’t know. If the FDA were to go down the path of a centralized model, it is possible that they would agree that a standards-based approach, using a standard that is developed and maintained by a third-party standards organization, like GS1’s EPCIS, would be best for the industy. On the other hand, they may be able to come up with a specific-purpose repository and interface that is simplified compared with EPCIS, which is designed to be a general purpose standard. At this point it’s not possible to guess which way they would go on that. We’ll just have to see if it comes to that.
Dirk.