One of the most recent improvements that California made to their drug pedigree law was to spread out the compliance dates by supply chain segment. Previously, all segments had to comply with the regulation by January 2011. Now drug manufacturers will need to comply with half of the products (or sales) by January 2015 and the remainder one year later, distributors must comply by mid-2016 and the pharmacies by mid-2017. As I understand it, this spread was intended to help the industry fully prepare for the new requirements in their businesses. Companies would now have time to adjust to the changes implemented by their upstream trading partners according to their earlier deadlines.
This staggered start pleased a lot of people—particularly distributors and pharmacies. However, to me, the staggered start of the current California regulation doesn’t address the issue of complexity very well and a different kind of ramp up to full operation would be more practical and have better odds for success.
I discussed complexity in my last essay, “U.S. Pharma Supply Chain Complexity”. I tried to show what it is about the supply chain that leads to difficulty in the setup and execution of a drug pedigree system. On its own, the U.S. pharma supply chain is naturally complex. A truly workable and protective pedigree system needs to deal with that natural complexity without exploding in its own complexity and cost. As I pointed out in that essay, the problem with the more popular pedigree models (like DPMS and the various distributed pedigree models) is the large number of the point-to-point data connections that are necessary to reflect the natural complexity of the supply chain. That adds a lot of complexity.
The debate over pedigree regulatory models in the U.S. pharmaceutical supply chain often centers around how much data for each package of drugs needs to be moved between trading partners as those drugs move down the supply chain from the manufacturer to distributor(s) and ultimately to the pharmacy. The ideal model would minimize the amount of data moved yet always allow each member of the supply chain to check the prior history—the pedigree—of the drugs they are about to buy.
At a superficial level this appears to be all you need to do, but when you take a closer at the details of how the supply chain actually works in the U.S. you will see that there are other characteristics besides data volume per package that need to be considered.
FOUR VIEWS OF THE U.S. SUPPLY CHAIN
In the debates and discussions over pedigree regulatory models we are used to seeing a view of the supply chain that shows one manufacturer, one distributor and one pharmacy. That view masks so much important complexity that if we were to select a regulatory model or solution based on that view it would be far from ideal.
At the end of my last essay I said I had recently concluded that the jump to a fully automated pharma supply chain upstream visibility system is too big and complex to be achievable by every company in the U.S. supply chain by the California dates. I want to explain that statement in a future essay (soon), but before I do I want to explore some of the track and trace models that are being considered by both GS1 and the FDA. I particularly want to look at the viability of each model because I think we will find that some just aren’t (viable), and that will help narrow the search.
I’ll look at the three basic models that the FDA mentioned in their recent workshop: Centralized, Semi-Centralized and Distributed (or Decentralized as the FDA called it). There are others, but it seems that they can all be either based on, or reduced to, one of these three basic models.
In this essay I am looking at track & trace models from a global viewpoint, which is something that GS1 is doing but the FDA may not. Attacks on the pharma supply chain are a global problem and global problems demand global solutions or gaps will be left for criminals to exploit.
Trustplays a big role in today’s U.S. pharmaceutical supply chain. Patients trust that their doctors know what they are doing when they prescribe a medicine and they trust their pharmacist to fill their prescriptions with real medicines that were:
manufactured to tight quality specifications,
are well within the expiration date,
have not been tampered with,
have always been kept within recommended environmental tolerances,
and have been in the control of companies who have a strong interest in supply chain integrity and in the safety of the drugs within the supply chain.
When we receive our little amber bottles of repackaged drugs from our pharmacist, we aren’t given any way to check on any of those things ourselves. We trust that the pharmacy has done something to ensure all that. And fortunately in the U.S., we are almost always justified in that trust. We enjoy the safest supply chain in the world.
A WHOLE LOT O’ TRUSTIN’ GOIN’ ON
But, now if the pharmacy doesn’t get the drugs directly from the manufacturer, they trust that their wholesaler will supply them with drugs that have those characteristics too. And if the pharmacy’s wholesaler doesn’t get the drugs directly from the manufacturer, they trust that their wholesaler’s wholesaler provides them with drugs like that too. And if the pharmacy’s wholesaler’s wholesaler doesn’t get the drugs directly from the manufacturer, they trust that Continue reading Reliance on Trust in the U.S. Pharma Supply Chain→
If you are a regular reader of RxTrace but you still haven’t read Fortune Magazine’s recent article, “Drug Theft Goes Big” by Katherine Eban, then I suggest that you stop reading this essay right now and spend the next 15 minutes absorbing her article carefully. And then return here for my analysis. It’s that good and that important.
In this essay, I’m not going to discuss the attributes of a track & trace system from a regulator’s point of view. I’m not going to discuss input into the FDA’s Track & Trace workshop that occurs this week and I’m not going to speculate on the outcome of that meeting. Instead, I’m going to talk about the attributes of a track & trace application from the viewpoint of any global pharma manufacturer who is facing the regulatory mandates for serialization and traceability in a growing list of countries around the world, and from the viewpoint of any solution provider who is thinking about what they need to include in their solution offering so that those global pharma companies find it attractive enough to buy.
To those kinds of companies, the potential for new non-binding guidance from the U.S. is important, but perhaps less so than an increasing number of binding regulations from around the world. Whatever the FDA—and especially the U.S. Congress—may do in the future will be important when selecting a track & trace solution, but the U.S. is only one of the countries in the world and pharma companies that do business in those other countries do not have time to wait for the U.S. to figure out their approach before making investments.
Digital electronic messages can be transmitted from one party to another using a wide range of communications technologies. Today, businesses that make use of the internet to transmit their business messages to and from their trading partners make use of standards-based Electronic Data Interchange (EDI) message formatting.
EDI messages are typically transmitted point-to-point, from one business to one other business. There are a large number of EDI message types defined but in the pharmaceutical supply chain the most common messages are purchase orders, purchase order acknowledgments, invoices and advance shipment notices (ASN’s). (While I have the chance, I’d like to point out that ASN’s are not pedigrees for multiple reasons that I will not cover in this essay.)
In the U.S. pharma supply chain AS2 is the most common communications protocol in use for EDI message exchange. AS2 provides generalized message security to ensure that the messages cannot be understood or tampered with by unauthorized parties during movement from sender to recipient. According to Wikipedia, these are achieved through the use of digital certificates and encryption. Messages can optionally be digitally signed by the sender to provide non-repudiation within the AS2 payload context.
DISCLAIMER: RxTrace contains some of the personal thoughts, ideas and opinions of Dirk Rodgers. The material contained in RxTrace is not legal advice. Dirk Rodgers is not a lawyer. The reader must make their own decisions about the accuracy of the opinions expressed in RxTrace. Readers are encouraged to consult their own legal counsel and trading partners before taking any actions based on information found in RxTrace. RxTrace is not a vehicle for communicating the positions of any company, organization or individual other than Dirk Rodgers.