DSCSA, FDA

FDA DSCSA Public Meeting #2, Still A Gulf

Click image to enlarge

The gulf in expectations and goals exposed in the first FDA Drug Supply Chain Security Act (DSCSA) Public Meeting back in August (see “FDA DSCSA Public Meeting #1 Exposes Gulf In Goals” and “HDA Schools FDA On DSCSA”) was still visible in the second meeting last week.  There is still one more announced meeting scheduled for February 28, 2018 for the FDA and the industry to align (see “FDA Announces New DSCSA Pilot Program and Public Meeting Series”).  Based on my observations at these first two meetings, I’m not going to hold my breath.  The FDA is likely to announce more meetings in 2018.

The FDA did adjust their position on at least one thing after the August meeting.  They “heard” that the industry does not want a central data architecture to meet the DSCSA 2023 requirements.  So, in the FDA’s dialog at the December meeting, they referred to a distributed data architecture and systems.  Sounds like progress, right?  Well, the only problem was, the FDA still expected features and performance that would only come from a centralized data model.  That is, they still seemed to expect to have a full, end-to-end view of the supply chain history for any given drug, provided very quickly at a single point.  That’s not what you are likely to get from a distributed model, so all they really did was to call it what they heard the industry wanted to call it, but still ascribe the features and characteristics you would expect from a central model.  Is that really progress?

Maybe some progress occurred over the use of aggregation and inference.  The FDA included a solid block of time to discuss it because they understand that the industry wants to rely it in 2023.  At the end of several presentations on the technology and how it would work (see “How Should Inference Work?”), one of the FDA panelists asked how the industry can get to a governance group to move the decision process forward?  It seemed clear that the industry needs to create a proposal for the use of aggregation and inference for the FDA to review and comment.  No industry organization stepped up to volunteer to produce it, but hopefully one will soon.

There was an interesting discussion near the end of the second day that seemed to bring everything to a head.  The read-out from the last breakout session on 2023 scenario exercises had just finished and one of the things that one or more of the groups included in their report was that the 2023 requirements do not require dispensers to perform a verification check on every drug.  Dr. Bernstein, Deputy Director, Office of Compliance, Center for Drug Evaluation and Research with the FDA didn’t like that (see “FDA Speaks About DSCSA At HDA”).  She said the goals of the DSCSA EDDS phase are to enhance patient safety and how can we do that if dispensers do not do a verification check on every drug, at least on receipt?  Is there a way to design a system that will solve this problem, she asked?

It was around that time when one of the other FDA panelists asked a question about how recalls will change after 2023.  She asked for an explanation of how drug manufactures would handle the recall of a single unit, given its Standardized Numerical Identifier (SNI) (see “Anatomy Of An FDA SNI”)?  Years ago this topic came up in the various groups I have participated in, but I think most people have concluded that it is unlikely that drug manufacturers will issue recalls based on serial numbers rather than lot numbers, even after 2023.  Just because someone from the FDA asked the question doesn’t mean they will require the industry to do it—in fact, the FDA would have to update their recall guidances for that to happen—but the question is not a closed issue.

The Verification Router Service (VRS) from the Healthcare Distribution Alliance (HDA) came up in the discussion several times (see “First Meeting of the HDA Verification Router Service Task Force”).  Over the last few weeks I have listened very carefully to the comments made by representatives for each of the “Big 3” wholesale distributors, and I started to sense that they each use different words when they talked about when drug manufacturers should expect to use that technology.  Last year, when the HDA concluded their year-long study of the dozen or so ways to solve their DSCSA 2019 saleable returned drug verification requirements (see “DSCSA: Saleable Returns Verification”), they said that drug manufacturers could choose either one of two ways to help them meet those obligations:  either provide them with a list of SNI’s that are in each shipment along with each shipment, or, use the VRS (see “DSCSA Serialization: What Wholesalers Expect”).  But now I sensed that at least one of the wholesale distributors was saying they would require their suppliers to do both!  So, during the IQPC Pharmaceutical Traceability Forum that occurred immediately after the FDA Public Meeting (see “Don’t Miss These Back-To-Back Pharma Serialization and Tracing Events”), I asked the members of the wholesale distributor panel to explain exactly what they require.

It turns out that I have mis-interpreted what they were saying.  All three of them (McKesson, AmerisourceBergen and Cardinal Health) agree that their suppliers may choose one approach or the other, but McKesson strongly believes that every manufacturer will need to implement the VRS anyway.  The reason is that it will be the only way for secondary wholesalers—those (generally smaller) wholesale distributors who buy drugs from the wholesale distributor who buys directly from the manufacturer—to verify their saleable returns.  A list of SNI’s included in their incoming shipments from their supplier will not be sufficient because their supplier is not the original manufacturer.  Any drug manufacturer who does not participate in the VRS system should expect to receive phone calls and emails from those secondary wholesalers to verify their saleable returns.  For some, that may still be a large volume of product.

During the FDA meeting and the follow-on IQPC forum there were signs that blockchain has become a bit of a joke (see “Blockchain Reigns At GS1 Connect 2017” and “Could Blockchain Technology Be Used For DSCSA Compliance?”).  Occasionally, during quiet moments between sessions, someone would yell out “Blockchain!”, and everyone would laugh.  Besides that, I started to get the sense that there is an opposition to the use of the technology for DSCSA beginning to organize.  We’ll see if it actually gets organized and makes a stronger appearance in the industry.  If it does, then this meeting is probably where it began.

I also noted that HDA’s Origin master data service (see “Dawn of HDA’s Origin, The Key to DSCSA Compliance”) was not mentioned once during the FDA meeting or the IQPC Forum—at least in the sessions that I attended.  This is despite several open discussions of the importance of supply chain-wide master data exchange.  I’m not sure if that is bad omen for the future of the service, or just a reflection of people not wanting to talk about the TraceLink/HDA lawsuit (see “What The TraceLink v HDA Lawsuit Teaches Us About The Value of Supply Chain Master Data”).

This series of FDA public meetings is intended to explore options for the EDDS, but if the industry and the FDA do not agree on the intention of Congress when they enacted the DSCSA back in 2013, it is unlikely they will agree on the technology and processes that will be necessary on that date.  The problem is, the language that describes the operation of the EDDS is vague (see “5 Myths About The DSCSA In 2023”), leading both sides to an interpretation that favors their preferences:  The industry toward minimizing costs and maximizing efficiencies, and the FDA toward maximizing patient safety at all costs.

Neither interpretation is a surprise, considering their respective missions, but if this process had been started earlier—say, back in 2014—there would be more time to debate and develop some alignment.  But at this time it is too late to expect alignment without missing the 2023 deadline.  Working backwards, to meet that deadline, solutions will need to be tested and deployed.  Prior to that, those solutions would need to be designed and built.  Prior to that, the requirements for those solutions would need to be well-defined and agreed to.  Prior to that, you need alignment between the FDA and the industry.

Each of these steps takes time, even when there exists good leadership and a sense of urgency.  The problem is, the responsibility for the leadership has not been established (see “A US Medicines Verification Organization (USMVO)?” and “DQSA: The U.S. Pharma Supply Chain Must Organize, Or Risk Failure”).  So there is currently little forward movement toward what is needed to meet the deadline, and these FDA Public Meetings are little more than windows that let us view the gulf in goals and interpretations that exist.  But the bigger problem is, I don’t see any movement toward establishing exactly what organization will be granted leadership responsibility by the industry and/or the FDA.  Until that changes, I don’t see how the DSCSA 2023 deadline is achievable.

Dirk.