Does the DSCSA Have A ‘Spirit’

I was on an industry call a few weeks ago when someone from a technology vendor suggested that the industry should take some particular action because, it was aligned with “the spirit of the Drug Supply Chain Security Act (DSCSA)”.  That got me to thinking…

Whenever you hear some someone say something about “the spirit” of a law, what they are admitting is that the law doesn’t explicitly require some specific action, but the speaker believes that action is an implied requirement.  In other words, that unspecified action fits logically within those that are explicitly specified by the law.  It’s just that the people who drew up the text that became the law did not think of that left-out action, but would certainly have included it if they had thought of it at the time.

In general terms, the “letter vs spirit” of a law debate has a long history.  People take one side or the other depending on where they stand to benefit on the outcome, but I think most people would acknowledge that words used in the “letter of the law” are often incapable of expressing the full intent of those who enacted it, and therefore are willing to accept “the spirit of the law” in many cases.  In the legal realm, we need judges and juries to help draw the line between letter and spirit in specific cases (although in the case of the current Presidency I think the US public and/or their representatives will soon be given the chance to draw that line).

What does the “letter vs spirit” debate have to do with the DSCSA?  Does the DSCSA even have a “spirit”?  I’m not so sure it does, or if it does, it might not be what that technology vendor thinks it should be.  Let me explain.


To understand what the spirit of a given law is, you have to go back in time to figure out exactly why it was enacted in the first place.  RxTrace was around well before the DSCSA was conceived and I followed its development from the beginning.  My take on why the DSCSA was enacted goes something like this:

Following the tragic and incredibly evil instances of counterfeit drugs discovered in the legitimate supply chain, as documented so well by Katherine Eban in her book “Dangerous Doses” (2006), about thirty states passed various drug traceability regulations.  No two were the same.  This seriously threatened the efficiency of the nationwide operation of the pharma supply chain and would have resulted in spot shortages and significantly higher costs for everyone, including patients.

All of this state legislative activity missed the fact that the Attorney General of New York had effectively closed the open window back in 2006 that allowed all of those counterfeit drugs to enter the legitimate supply chain, right around the time Eban’s book was published (see “Do We Even Need To Mandate Drug Pedigrees Anymore?”).  No one in government (outside of New York perhaps) recognized that the root cause of the problem was now fixed and it was just a matter of time before things would return to “normal”.  So the states did not back off on their regulations.

In fact, the addition of unit-level serialization by California was the last straw for the industry (see “The California Pedigree Law” and “California Pedigree Law: Historic Change to Commerce”).  They formed the Pharmaceutical Distribution Security Alliance (PDSA) with the express purpose of approaching members of Congress and worked with them to create a national pharma supply chain security law.  PDSA’s primary goal was to create a federal law that would preempt all state pharma supply chain traceability laws.  Of course, minimizing the other provisions to keep them as less burdensome as possible was a secondary goal.

And it worked.  Members of Congress were not being flooded with calls from constituents about pharma supply chain security, except at just the right time, the New England Compounding Center (NECC) tragedy came to a head.  While unrelated in most cases, the two laws were easy to combine because, to people in Congress, pharmaceuticals are pharmaceuticals, so two laws that aim at pharmaceutical safety deserve to be together.  The Compounding Quality Act (CQA) was combined with the Drug Supply Chain Security Act (DSCSA) to form the Drug Quality and Security Act (DQSA).

The point is, the DSCSA was not really created in a normal democratic process.  Congress did not decide it was necessary.  The industry did; to protect it from the overly complex California law.  Rather than show how the actions of the New York Attorney General had solved the problem and so nothing was really necessary, the industry created a regulation that would force themselves to take some actions (but not the full “California-like” actions) and, most importantly, it preempted all existing and future state laws that dealt with pharma supply chain traceability (see “Preemption: What Does It Mean?” and “The California Pedigree Law Is Now Officially Inoperative”).

Congress just went along for the ride since the industry—the very companies who would be regulated by it—was asking for it.  Congress was happy to accommodate the industry with a bill that had no opposition, allowing them to pass something/anything in a bipartisan fashion.  The bill passed both the House and Senate on voice votes without opposition.  Even one of the bill sponsors really didn’t know much about what was in the DSCSA portion of the DQSA (see “Impact of RxUSA v. HHS On Future Pedigree Legislation”).

So what, then, is “the spirit” of the DSCSA?  I would argue that the spirit of the DSCSA is that states must not regulate interstate commerce—the nationwide pharmaceutical supply chain, particularly.  You can bet that part of the law has lots of “spirit”.  All that other stuff in there (serialization, TI/TH/TS) was just necessary to get the California Congressional delegation to go along and not oppose it, and to prevent the FDA from complaining about it.  Those parts are “spirit-less”—not just because they were necessary baggage to get the law passed, but because the vast majority of it doesn’t really solve any current significant problem in the supply chain.

Remember, the Attorney General of New York took care of the real problems documented by Eban, and he did it without any significant changes to the way the supply chain operates (see “DSCSA: Special Privileges For The “Big-3” Wholesale Distributors, Part 1” and “Well-Intended Report Calls For Global Track & Trace Of Pharmaceuticals”).

No, the “spirit” of the DSCSA does not include everyone in the supply chain scanning barcodes and verifying drugs at every juncture, beyond what is specifically called out in the DSCSA.  That wouldn’t help anything, and it would cost everybody, including you and me.  And, no, the spirit of the DSCSA does not include any justification for going beyond the letter, as the FDA initially tried to do in their first DSCSA Public Meeting last year (see “FDA DSCSA Public Meeting #1 Exposes Gulf In Goals”).  Because we no longer have a serious counterfeit drug problem in the US legitimate supply chain (see “Illegitimate Drugs In The U.S. Supply Chain: Needle In A Haystack” and “Stop Claiming that 10% of Drugs Worldwide are Counterfeit”).


Even the FDA seems to have found this out.  Last week they posted a revision to their original estimate of the number of DSCSA-mandated reports of illegitimate drugs found by members of the US supply chain (they are looking for comments on their revisions).  Under the Paperwork Reduction Act of 1995 (PRA), FDA must estimate the amount to time companies are likely to spend filling out paperwork that is mandated in their regulations.  Back when the DSCSA first became a law, FDA estimated that they would receive 5,000 notifications of illegitimate drugs found in the supply chain by its members (form FDA 3911).  But now, based on actual notifications received in 2016 and 2017, they have lowered that estimate to just 150 per year.  That’s quite a drop, but the final number doesn’t surprise me.

It’s also interesting to note who they now expect to submit those DSCSA notifications of illegitimate drugs, based on their experience.  The vast majority (120) came from drug manufacturers.  They estimate 22 from wholesale distributors, and only 8 from dispensers.  I’d love to know how many of those 120 instances submitted by manufacturers are drug packages returned for credit and destruction that are found to be filled with M&Ms, TicTacs or just plain aspirin.  Maybe its time to do a Freedom Of Information Act (FOIA) search to find out.


The FDA is measuring and reporting illegitimate drugs.  Only some portion of those are actually counterfeit.  But let’s assume that every one of these instances are deadly counterfeit drugs, and none of them were caught and removed by supply chain actors.  And lets multiply the total by ten to try to account for others that were not caught.  That means our doctored estimate of counterfeit drug packages in the US supply chain is about 1,500 per year.

Let’s say each package represents 10 prescriptions that would have been dispensed to patients.  That comes out to be 15,000 out of the estimated 4.5 Billion prescriptions filled in the US in 2016, or, generously .00033%.  That’s a fair amount more than my estimate of .00001% back in 2011, but I have intentionally tried to inflate each step of my calculation this time, attempting to arrive at an absolute maximum probability.  This includes the fact that I am treating everything the FDA calls “illegitimate” as if it were “counterfeit”.  If you disagree with my math or my assumptions, please leave a comment below.

If you’re one of those 15,000 people (but remember, the vast majority of these packages were taken off the market by the drug manufacturers—and likely would have been despite the DSCSA—so this actual number is likely several orders of magnitude lower) who receive a counterfeit—er, illegitimate—drug in your prescription dispensed by a legitimate pharmacist or medical professional, you are justified in being appalled.

All I can say is that the technology and the techniques we employ to go from .00033% counterfeits to .000033% (only 1,500 people potentially receiving counterfeit drugs, down from 15,000) should be a little different than what we are currently employing to meet the requirements of the DSCSA, let alone what will be necessary in 2023.  We put the cart before the horse when we failed to study the extent of the problem and search for the root cause, before we decided what to do about it.

So let’s not talk about the DSCSA having a “spirit”.  To have a spirit, the law has to result in some significant benefit to the public.  And even if I’m wrong, and the DSCSA does have a spirit, it particularly does not justify scanning and verifying every drug package at every stop.


If you like these essays, I wanted to let you know that I have entered into a new agreement with the Center For Supply Chain Studies to post new essays on their MemberSpace under “A Monthly Slice of RxTrace“.  Essays posted there will be public and free.  I intend to write the same kind of material there as I do here, and I just posted a new one last week for September.  Check it out and let me know what you think.  Make sure you subscribe (follow) there.  It’s free!