Last week the Healthcare Distribution Alliance (HDA) submitted nine pages of comments in response to the FDA’s Request For Comments in docket number FDA-2017-N-3857 (find their submission here).  It is worthwhile for you to read because the HDA generally sets the gold standard for detailed analysis of the Drug Supply Chain Security Act (DSCSA), and because this one is particularly pertinent to discussions going on at the FDA and around the industry right now.

The full title of the FDA RFC is “Enhanced Drug Distribution Security Under the Drug Supply Chain Security Act; Public Meetings”.  So far the comments submitted are the results of the first of three planned public meetings by the FDA (see “FDA Announces New DSCSA Pilot Program and Public Meeting Series” and “FDA DSCSA Public Meeting #1 Exposes Gulf In Goals”).  This series of meetings is intended to allow the FDA to collect opinions and ideas about how the US pharma supply chain should operate under  the DSCSA after November 27, 2023, the beginning of the so-called Enhanced Drug Distribution Security (EDDS) phase (see DSCSA Section 582[g]).  It’s a good idea to monitor this docket as these meetings occur to see what various organizations think about the topics discussed.  Their written responses submitted there—usually after-the-fact—are always well-composed and to the point.

And that is especially true of the HDA’s response to the August 23, 2017 FDA Public Meeting.  The HDA is very concerned about the FDA’s apparent desire, as demonstrated by the way they ran this first public meeting, for the industry to go well beyond the EDDS requirements that are spelled out in the DSCSA.

During the August 23 public meeting, much of the discussion seemed centered around the things an interoperable electronic system for tracking pharmaceuticals theoretically might do, without sufficient explanation of what an interoperable system is and what it must do by November 27, 2023. HDA recognizes the appeal of aspirational features of this system and fully supports trading partners voluntarily exploring additional functionality.

“However, with 2023 requirements still to be met and transaction data that must be exchanged seamlessly between trading partners throughout all sectors of the supply chain, we believe focus upon potential, future capabilities is distracting from the considerable work that must be done, particularly item-level serialization, verification, serialized data exchange, and providing certain transaction data upon request by an appropriate entity. Wholesale distributors look forward to exploring with their trading partners the potential additional opportunities interoperability provides, though not at the risk of sacrificing compliance with the DSCSA’s requirements by 2023.”

If this theme is familiar to you, then perhaps you read my own recent scathing review of the first FDA public meeting (see “FDA DSCSA Public Meeting #1 Exposes Gulf In Goals”).  We have similar impressions of the wide separation in goals between the FDA and some in the industry, but the HDA’s comments get very granular and articulates their goals so well.  They establish the fact that the supply chain is already more secure than it was before the law was passed, but after 2023, if only the requirements spelled out in the DSCSA are implemented, the supply chain will be significantly more secure.

The DSCSA builds over its ten-year implementation a highly protective, secure, interoperable system between trading partners that significantly enhances supply chain security over the pre-2013, preDSCSA state.”

The HDA also has concerns over the definition of “interoperability” that the FDA included in a pre-meeting document sent to the attendees.  HDA fears that the definition could be misinterpreted by some to mean that transaction data must be visible to entities beyond just the two parties involved in the change of ownership (see also “Does Interoperability Change In 2023?”).

Each trading partner should be able to engage in DSCSA-compliant, consistent, efficient interoperable transactions with all its trading partners; this does not mean that a single trading partner can, or is entitled to, view the transaction data beyond the immediate, single transaction to which it was a party. We accede to the proposed definition of ‘interoperability’ so long as it is not interpreted to mean end-to-end visibility into all of a product’s transactions from any point in the supply chain.”

The HDA is very concerned about the FDA’s loose talk about ideas that imply a centralized transaction data repository.

[In] [t]he vision FDA articulated at the August 23 public meeting […] [i]t appears FDA envisioned a system that could provide all information on a product, from point of commissioning the identifier to point of dispensing.  Such a system appears to presume that each trading partner in the supply chain would make its transaction data available, via an upload to a central database, or routers to interconnected databases, or some other means.”


“A centralized system with the ability to see and know a product’s status at any point in the supply chain would […] require trading partners to undertake actions the DSCSA does not mandate. […] It is difficult to see how any such centralized system could provide meaningful, accurate data unless all trading partners were legally required to participate in it. We do not believe such a requirement can be found in the DSCSA.”


“[…] [T]hough wholesale distributors have been and are committed to implementing the DSCSA and to its goals of better serving patients through a secure, efficient, compliant, supply chain, the enormous work done so far does not contemplate building a centralized model which is what we believe would be necessary to accommodate the many additional, but not required, features discussed at the August 23 meeting. There would be very significant consequences to diverting scarce resources to building such a model now.”


“We continue to believe that the supply chain is best served by doing first what must be done – achieving interoperable data exchange between two trading partners with each trading partner owning and maintaining its data in a repository it controls – before trying to build something far more complex, and more expensive. Attempting to add extra attributes now will divert valuable, and limited, expertise and resources to other tasks extraneous to meeting DSCSA requirements and may actually delay implementation of the well-defined supply chain security improvements Congress has mandated take place by 2023. We believe altering course to a centralized system – which is what would be required for many of the additional functionalities – would entail enormous additional costs and significant delays.”

The HDA is also concerned about FDA’s talk about the ability to query a unit’s “status”.

“The DSCSA does not mandate the capture or reporting of a product’s status as it moves through the supply chain. The distributor is not required under the DSCSA to report to the manufacturer when it sells a product to a buyer, or otherwise sends the data for the transaction anywhere other than to its buying customer. Similarly, dispensers do not have to record, maintain, or verify identifiers when they administer or dispense a product.”


“Finally, the accuracy of any ‘status’ information assumes all trading partners record and report all changes to a product’s status. In the absence of a DSCSA mandate, it is difficult to envision the entire supply chain participating in such a voluntary effort.”

HDA is concerned about comments by the FDA that implied an ability to verify that a trading partner is an “authorized” trading partner.

This functionality is beyond the DSCSA’s requirements, and we do not believe this is a reasonable expectation for the enhanced, interoperable electronic system.

The extracts above only summarize the HDA’s arguments, but the full arguments are well supported with sound reasoning.  It may seem like I have extracted a lot of material but it represents a small fraction of the text from their submission.  I highly recommend that you read their full response—particularly before you attend the HDA Traceability Seminar and the next FDA Public Meeting.

Speaking of that next Public Meeting, HDA has some recommendations for the FDA.

For the December 5-6 public meeting, HDA strongly urges focus upon identifying the necessary elements for compliance with the DSCSA’s 2023 data exchange requirements between trading partners. We believe time and resources should center upon what must be done to meet the statutory requirements and what is workable.

Thank you HDA.  Well said.  We need other organizations to be as brutally honest with the FDA as the HDA is in their response, or we will all wasting a lot of time, energy and money chasing things that are not mandated.  The time to pursue those extra elements that the FDA wants to discuss is after everyone has met the 2023 requirements that are actually in the law.

Disagree?  Leave a comment below.