In my recent essay, “RFID is DEAD…at Unit-level in Pharma”, I used relative cost estimates to theorize that Radio Frequency IDentification (RFID) will not be the predominant carrier of serial numbers applied to drug packages for compliance with U.S. pedigree laws. My theory is that there will actually be a mix of RFID and 2D barcodes, and that barcodes will be the predominant carrier technology. As you might expect, that was a little controversial with the RFID industry (See RFID Journal’s blog post in response to my essay). Hey, it’s just a theory. I too, wish everything would be RFID, and for all of the reasons cited by RFID Journal. It’s just that I don’t believe it’s going to turn out that way and that’s based on the logic I laid out in my essay. (Also see FiercePharma Manufacturing’s more neutral post in response to my essay.)
BARCODES WILL PREDOMINATE. LET’S MOVE ON…
In a mixed-but-predominantly-barcode-serialized U.S. pharmaceutical supply chain, companies will not be able to tell which unit serial numbers are inside of each sealed case at receiving or at shipping. Because barcodes are a “line-of-sight” technology, the only way to tell with absolute certainty what the sealed-up unit serial numbers are will be to cut the tape seal, open the case, expose the barcodes, scan each unit and tape the case closed again.
It is a ridiculous notion to believe that Continue reading Inference in the Pharmaceutical Supply Chain
That’s right. And it comes from an economic reality that was evident even six years ago. That was when a small group of people with various pharmaceutical supply chain backgrounds had an informal discussion of the relative costs and impacts that each of the three primary business segments in the supply chain would face in a full deployment of Radio Frequency IDentification (RFID). As I recall, this conversation may not have even been part of the official proceedings of the project we were assembled to work on at the time. It may have actually occurred during one of the social hours after a day of meetings, but it stuck with me. Ever since that time I kept meaning to get around to creating the graphs that we envisioned at that time but have never gotten around to it, until now. Continue reading RFID is DEAD…at Unit-Level in Pharma
Conversations about the merits of various pedigree and authentication models usually start from dissatisfaction with some characteristic of the current GS1 DPMS pedigree model. I maintain that the design of DPMS—including its perceived flaws—is merely a reflection of the current state and federal pedigree laws and regulations. Characteristics that people don’t like—like digital signatures, a growing document as drugs move down the supply chain, and the fact that Supply Chain Master Data is not used by DPMS—are actually all characteristics of the laws and/or regulations, so any alternate pedigree model that would truly be usable for compliance would need those characteristics too.
But that’s not exactly what I want to discuss in this essay. Instead, I wanted to explain my theory of what U.S. pedigree laws are trying to accomplish in the first place. Forget about how they do it for now. What were the goals of those who wrote these laws and regulations? I’ll agree that this is impossible to know for sure but I think I can construct a pretty convincing theory. I don’t know any of the legislators or congresspeople who wrote these laws, but I have studied their work for over four years now. I have made the following observations.
- The highest priority goal of the Florida and California laws appears to be to detect the introduction of illegitimate drugs (counterfeit, stolen, up-labeled, diverted, etc.) into the legitimate supply chain as early as possible, preferably at the very first transaction. These laws accomplish this by requiring companies buying drugs within the supply chain to receive the full supply chain history of those drugs at the time of the purchase (contained in a “pedigree”), and, most importantly, by requiring them to verify the legitimacy of those prior transactions. In Florida that verification can be performed by direct contact, such as a phone call, email, fax, etc., or, optionally, through the use if digital signatures. In California, this verification can only be performed through the use of digital signatures. The federal PDMA, on the other hand, does not appear to obligate the buyer to do any verification of the information provided on pedigrees they receive.Finally, Florida and California both require the recipient of the shipment to confirm that the physical drugs they received match those described by the pedigrees they received. That seems obvious, doesn’t it? Why would any legislative body require all or some supply chain participants to go through all the expense to generate and pass pedigree information but stop short of requiring anyone to actually look at it? Well, oddly, the federal PDMA appears to do just that.
- There is a clear attempt in the laws to help identify who participated in the introduction of the illegitimate product. This is important if your goal is to efficiently and quickly investigate the suspected crime. This would aid in shutting down the criminals as quickly as possible before they are able to spread bad medical products very deeply into the supply chain. Continue reading What are Pedigree Laws Trying to Accomplish Anyway?
Right now there is only one industry standard that can be used to comply with the various drug pedigree laws in the United States. That’s the GS1 Drug Pedigree Messaging Standard (DPMS), which was created in 2006 by a group of technology experts and participants from nearly all segments of the U.S. supply chain culminating in GS1 ratification in January 2007. Many of those companies began using DPMS even before it was ratified because the Florida Pedigree Law went into effect in July 2006. Since then, companies are using it to comply with other state pedigree laws as well as for the pedigree provisions of the federal government’s Prescription Drug Marketing Act (PDMA) of 1988 (stayed until December 2006). Interestingly, a few companies have chosen to require DPMS pedigrees today for trading partner risk mitigation even where there is no existing regulatory requirement to do so.
A few months after GS1 ratified the DPMS standard, they ratified the Electronic Product Code Information Services (EPCIS) standard. This is a more general purpose standard intended for use in all supply chains that have a need to track and trace serialized products. Everyone acknowledges that it doesn’t make sense to try to use it for compliance with PDMA, Florida or other state pedigree laws because they do not require serialization, but in 2015 the California Pedigree Law will go into effect and one of its unique provisions requires item-level serialization. Some see this as an ideal place to apply EPCIS.
There are lots of ways to contrast these two standards and their use for pedigree law compliance, but probably the most striking difference is how they each treat Supply Chain Master Data (SCMD). I defined SCMD in a previous post as “…that persistent, non-transactional data that defines a business entity for which there is, or should be, an agreed upon view across the supply chain.”
GLN as SCMD
Addresses are an example of a “business entity” that can be treated as SCMD. GS1 defines a location identifier they call a Global Location Number (GLN) that can be used to refer to an address. A GLN is a structured series of digits that can be assigned to refer to a single address (among other things). Refer to the GS1 General Specification for the details. Continue reading Pedigree Models and Supply Chain Master Data