Tag Archives: pharmaceutical supply chain

Estimated Rise In Serialized Drugs In The U.S. Supply Chain

Back in 2005 I created a line graph of my personal prediction of the percentage of pharmaceuticals in the U.S. supply chain that would be unit-level serialized by the manufacturer and I circulated it among my co-workers at the time.  I based it purely on guesses that were “supported”–very flimsily–by the number of large pharmaceutical manufacturers who were participating in the GS1 EPCglobal Healthcare and Life Sciences (HLS) Business Action Group (BAG) (the group is now defunct), and the existence of an early version of the California Pedigree Law.  The graph included a high and low line that formed a band that I thought would be where the reality would fall.  In that prediction I didn’t think most manufacturers would achieve 100% serialization of their products until sometime between 2010 (high) and 2015 (low).

In my analysis at that time, I theorized that the actual percentage would start out following my “low” estimate line, but at some unpredictable point, something would happen that would cause the percentage to jump up to the “high” estimate line.  At the time, I assumed the event that would cause that jump would be the U.S. Federal government issuing some kind of pedigree regulation that included a unit-level serialization requirement.

As it turned out, things moved slower than I had guessed.  Here it is 2010 and the percentage of drugs in the supply chain with unit-level serial numbers on them is so small that it’s tough to give it a percentage.  But I think my estimate from way back in 2005 was not bad for its time (but notice I’m not publishing the actual graph).  After all, the California Pedigree deadline has been pushed out at least three times since then (from 2007 to 2009, to 2011, to 2015/1016).

I think the future is a little less murky now because, since 2005, Continue reading Estimated Rise In Serialized Drugs In The U.S. Supply Chain

The “Normal Distribution” Concept

Important Notice To Readers of This Essay On November 27, 2013, President Barack Obama signed the Drug Quality and Security Act of 2013 into law. That act has many provisions, but one is to pre-empt all existing and future state serialization and pedigree laws like those that previously existed in California and Florida. Some or all of the information contained in this essay is about some aspect of one or more of those state laws and so that information is now obsolete. It is left here only for historical purposes for those wishing to understand those old laws and the industry’s response to them.


Understanding the concept of “Normal Distribution” is important in understanding the status of pedigree regulations in the United States pharmaceutical supply chain.  The term itself didn’t exist back in the late 1980’s when the federal Prescription Drug Marketing Act (PDMA) pedigree provisions were originally enacted by Congress but the concept is built into that law as the “Authorized Distributor of Record” (ADR) concept.  When states began enacting their own pedigree legislation back in the early 2000’s, the term “normal distribution channel” was defined to describe the path of drugs when they move through the most common–or “normal”–sequence of supply chain owners.  It’s a concept that is explicitly defined in most state pedigree legislation.

When a pedigree law is a “normal distribution” law, it generally means that pedigrees are not needed for any shipment or change of ownership where the drugs do not leave this common/typical/normal path as defined in the law.  But as soon as a change of ownership or custody occurs where the drug leaves this “normal” path, a pedigree is then necessary.

Typically, when a pedigree is required outside the “normal distribution channel”, that pedigree must Continue reading The “Normal Distribution” Concept

Will The Pharma Supply Chain Be Able To Use Inference? Maybe Not!

In an essay published in April, I explained my theory that “RFID is DEAD…at Unit-level in Pharma”, which, if true, would mean that most drugs in the U.S. supply chain would be serialized by manufacturers with 2D barcodes by 2015 for California.  In my last essay, “Inference in the Pharmaceutical Supply Chain”, I carried that theory one step further by showing how the widespread reliance on 2D barcodes to serialize at the unit level would lead directly to the widespread use of the practice of inference in the supply chain.  This would be out of necessity since the unit-level serial numbers would not be readable without opening their containers, something that can’t happen because it is so inefficient that it would cripple the supply chain.  So let me say it this way, the widespread use of 2D barcodes for unit-level serialization will necessitate the widespread reliance on inference.  The former leads to the latter just like excessive sunshine leads to sunburn.

But the projections of widespread reliance on inference lead directly to a new concern.  Let me explain.  Successful use of inference for determining the contents of cases is totally dependent on the accuracy of the aggregation information established and provided by the manufacturer, or whoever packed them.  If a packer uses a casepacking process that is incapable of yielding highly accurate aggregation information, inference will not work well.

This is a problem.  A big problem, because Continue reading Will The Pharma Supply Chain Be Able To Use Inference? Maybe Not!

Inference in the Pharmaceutical Supply Chain

In my recent essay, “RFID is DEAD…at Unit-level in Pharma”, I used relative cost estimates to theorize that Radio Frequency IDentification (RFID) will not be the predominant carrier of serial numbers applied to drug packages for compliance with U.S. pedigree laws.  My theory is that there will actually be a mix of RFID and 2D barcodes, and that barcodes will be the predominant carrier technology.  As you might expect, that was a little controversial with the RFID industry (See RFID Journal’s blog post in response to my essay).  Hey, it’s just a theory.  I too, wish everything would be RFID, and for all of the reasons cited by RFID Journal.  It’s just that I don’t believe it’s going to turn out that way and that’s based on the logic I laid out in my essay.  (Also see FiercePharma Manufacturing’s more neutral post in response to my essay.)


In a mixed-but-predominantly-barcode-serialized U.S. pharmaceutical supply chain, companies will not be able to tell which unit serial numbers are inside of each sealed case at receiving or at shipping.  Because barcodes are a “line-of-sight” technology, the only way to tell with absolute certainty what the sealed-up unit serial numbers are will be to cut the tape seal, open the case, expose the barcodes, scan each unit and tape the case closed again.

It is a ridiculous notion to believe that Continue reading Inference in the Pharmaceutical Supply Chain

The Modern Pharmaceutical Wholesaler and the Approaching Transformation

Photo by Rafael Vila

The modern pharmaceutical supply chain is an amazing thing.  No other supply chain handles the combination of volume, variety, value and complexity, and does it as efficiently and accurately as the U.S. pharmaceutical supply chain.  And it does it on an overnight order-to-delivery cycle from wholesaler to pharmacy.  Wholesalers are the key to the efficient operation of the pharmaceutical supply chain, and that’s why I am personally drawn to that segment.

The heart of the modern drug wholesale business—the thing that makes it live, kicking or screaming—is the modern pharmaceutical distribution center (DC).  That magical combination of people, processes, data and automation produces a dance every night across the country where individual drug packages are picked from cases and combined with other individual drug packages to fulfill the orders of pharmacies everywhere.  It is musical to watch and understand, and the crescendo occurs around 10:30pm every night local time at every pharma DC.  Today’s successful wholesalers have figured out how to deal with this specific complexity by organizing their people, processes, data and automation in a stabilizing way to make it all manageable, repeatable and very efficient, and thus making it possible to carve out a thin but well-earned and reliable profit.

Over the last 20 years only a few companies have found a way to surf this traditional complexity to profitability.  But faced with the supply chain transformation that will occur soon as the result of widespread serialization and pedigree requirements, the complexity these companies face seems likely to  Continue reading The Modern Pharmaceutical Wholesaler and the Approaching Transformation

RFID is DEAD…at Unit-Level in Pharma

That’s right.  And it comes from an economic reality that was evident even six years ago.  That was when a small group of people with various pharmaceutical supply chain backgrounds had an informal discussion of the relative costs and impacts that each of the three primary business segments in the supply chain would face in a full deployment of Radio Frequency IDentification (RFID).  As I recall, this conversation may not have even been part of the official proceedings of the project we were assembled to work on at the time.  It may have actually occurred during one of the social hours after a day of meetings, but it stuck with me.  Ever since that time I kept meaning to get around to creating the graphs that we envisioned at that time but have never gotten around to it, until now. Continue reading RFID is DEAD…at Unit-Level in Pharma

The California Pedigree Law

Important Notice To Readers of This Essay On November 27, 2013, President Barack Obama signed the Drug Quality and Security Act of 2013 into law. That act has many provisions, but one is to pre-empt all existing and future state serialization and pedigree laws like those that previously existed in California and Florida. Some or all of the information contained in this essay is about some aspect of one or more of those state laws and so that information is now obsolete. It is left here only for historical purposes for those wishing to understand those old laws and the industry’s response to them.The original California Pedigree Law was passed back in 2004 and it was subsequently modified by the State Legislature in 2006 and again in 2008. In all three instances, I understand that members of the legislature and the Governor’s office worked closely with the State Board of Pharmacy to develop the final content and language.

I heard that one of the goals was to create a better law than the one in Florida. Did they succeed? In order to find out, let’s take a closer look at how they compare.

The law that is currently on the books in California differs from the Florida Pedigree Law in the following ways:

  1. It is fully electronic (it is NOT paper-based)
    The law and all of the discussion of the law by the Board of Pharmacy make it clear that the only acceptable form of a pedigree is electronic. This make it much more reasonable to implement because supply chain members can make use solely of computers to exchange, store and validate pedigrees, without fear that their trading partners can only handle paper pedigrees.
  2. Pharmacy returns must be reflected on pedigrees
    This was an original requirement of the Florida Pedigree Law too, but it was removed under pressure from lobbyists before the law went into effect. So far, it remains intact in California, but the law is not yet in effect. What it means is that when a pharmacy buys drugs from someone and they return those drugs, regardless of how little time has transpired, they must provide a pedigree update so that subsequent buyers of those drugs can see their purchase, and return transactions. This is no different from the requirements faced by all other segments.
  3. It starts with the manufacturer
    In Florida the first wholesaler started the pedigree. In California, the pedigree must be started by the manufacturer or it is not valid. If you are looking to expose the full history of package of drugs, how could you not start with the manufacturer? I even think the manufacturers generally agree with that notion.Interestingly, the Law doesn’t actually require anything of the manufacturers directly. It is directed at wholesalers who are licensed to operate within the state. Distribution of a drug without a pedigree that was started by the manufacturer is illegal and subject to penalties, but it is the wholesaler who violates the law and is punished, not the manufacturer. Thus, if a given manufacturer fails to provide California wholesalers with serialized product and compliant pedigrees by the time the law goes into effect, it will be up to the wholesaler to decide not to distribute those drugs within California in order to avoid violation of the law and avoid the associated penalties. The only risk a manufacturer takes on is that their drugs may no longer reach patients in California (and the subsequent PR firestorm that would follow).
  4. It requires item-level serialization
    California is very clear that they consider the concepts of “electronic track and trace” and “item-level serialization” as being inseparable. That is, if you have one but not the other, then you don’t have a pedigree system. Every drug package must have a unique identifier on it, applied by the manufacturer or repackager, and that UID must be included in the pedigree (the electronic record). This is a substantial difference from the Florida law which has no such requirement.
  5. No holes designed to accommodate special interests
    I’m not aware of any special treatment in the Law for any particular segment of the supply chain. Florida opened several holes that seriously compromise the intent of their law. So far, California has resisted opening holes, unless you consider pushing back the effective date to 2015-2017 a “hole”. 😉

Attentive readers will notice that I have listed these differences in the same order as my list of failures of the Florida Pedigree Law in my earlier post about the Florida Law. This is my way of showing that California has, so far, created a pedigree regulation that does not have any of the major failures of the Florida regulation.

These are the major differences, but what about the common characteristics? Here are the key things that the California Law has in common with the Florida Law:

  • Reliance on Digital Signatures
    Florida allows a pedigree to be created, stored and passed in electronic form, though they don’t require it. But if a Florida pedigree is in electronic form, digital signatures are required for the same purpose as a hand-executed signature on a paper document. The digital signature legally binds the signing person or entity to the content of the electronic document. Florida identified some specific standards that ensure that the digital signatures possess the all-important quality of non-repudiation. The California Pedigree Law does not, itself, specify any standards for digital signatures, but the Board of Pharmacy’s Q&A (see their Q72) calls out the fact that the California Code of Regulations identifies the specific characteristics that must result from a compliant digital signature architecture for electronic documents. The digital signature standards that are compliant in Florida would also be compliant in California.The fact that California included the use of digital signatures is significant because it ensures that each pedigree can stand on its own as a self-contained, self-secure package. This maximizes the value of the entire pedigree architecture because the security mechanism that prevents tampering goes with the package itself. No one has to rely on the access security of a given server or group of servers to prevent tampering. And, if tampering does occur, it can be easily detected, unlike tampering of pedigree approaches that rely solely on server access security. In that case, if server security is breached, you can’t tell which pedigrees were modified and which were not, rendering them all suspicious.
  • It distributes responsibility for monitoring supply chain security to all supply chain participants
    This is the one genius concept of the Florida Law and California retained it, thus qualifying those involved for genius status as well. It’s a regulatory approach that is relatively new but is likely to become much more common in the face of perpetual budget “crises” in state and federal government agencies. Instead of requiring trading partners to simply keep records of their own buying and selling history for each drug so that they can be audited by an inspector at some later date, these laws require them to check the validity of the full pedigree at the time of each purchase transaction, in near real-time.Notice the difference. In the first instance, it is up to the State Board of Pharmacy inspector to detect suspicious activity in the supply chain. But how often will a state inspector visit, and how many records will they be able to review? It’s inconceivable that this approach would result in the detection of illegitimate activity.But when every purchase of a drug as it passes down the supply chain requires the buyer to run a validity check on the full transaction history of that specific bottle, it greatly increases the odds that most suspicious transactions will be detected. And for most suspicious events in the history there will normally be multiple opportunities for detection. Here, digital signatures are the enabling technology. They allow all of this supply chain monitoring activity to occur reliably and automatically inside computers that are distributed throughout the supply chain, without human intervention and without slowing the movement of drugs.

So did California succeed in creating a better law than Florida? I propose that there is almost no comparison so the question may be moot. The California Pedigree Law is so much more far-reaching than the one in Florida. While Florida focused on disrupting some very troublesome practices being performed by a few nefarious licensed and unlicensed wholesalers, California’s law is designed to cause a major reorientation of the pharmaceutical supply chain approach to security, monitoring and policing (see also The Deputized Supply Chain). This has major implications that go well beyond those of the Florida law.

Faced with that, it is not surprising that it was necessary to push out the effective dates to 2015-2017. Transformation this big takes time to implement.

The Legitimate and Illegitimate Supply Chains

There are a number of important misunderstandings out there related to exactly how illegitimate pharmaceuticals get into the hands of unsuspecting consumers and patients. We need to understand all there is to know about the subject, especially those who are responsible for protecting the public against criminal activity and those who are contemplating new laws aimed at elevating the integrity of the supply chain. In this post, I want to define and differentiate the legitimate and the illegitimate pharmaceutical supply chains.

Extracting the meanings we are looking for, Wiktionary defines the adjective “legitimate” as:

  1. Accordant with law or with established legal forms and requirements; lawful
  2. Conforming to known principles, or accepted rules; valid
  3. (obsolete) Authorized; real, genuine

and the adjective “illegitimate” as:

  1. Illegal; against the law

I don’t think there is any surprise here since these words are in fairly common use, but let’s apply these adjectives to the pharmaceutical supply chain. We could deduce:

The Legitimate Pharmaceutical Supply Chain: The chain of pharmaceutical supply that conforms to known and established legal forms, principles and requirements; the lawful supply chain; the valid supply chain; the real, the authorized, the genuine supply chain.

The Illegitimate Pharmaceutical Supply Chain: The illegal supply chain

Again, no surprises here.

We need one more definition: supply chain.

Wikipedia defines “Supply Chain” as:

“A supply chain is the system of organizations, people, technology, activities, information and resources involved in moving a product or service from supplier to customer. …”

For pharmaceuticals, the supply chain begins with the manufacturer and ends with the consumer, or patient. (For logistical purposes we often talk of our supply chain beginning with the drug manufacturer and ending with the pharmacy, but in actual fact, it ends when the product is irreversibly consumed by the patient.)

We have a single legitimate pharmaceutical supply chain in the United States–filled with complexity, but singular nonetheless. I’ve heard people make the claim that “their [pharma] supply chain is secure”, as if there were many pharma supply chains and it is no concern of theirs if anyone else’s supply chain might not be secure. For security purposes we should treat the U.S. supply chain as a single entity. Martin Luther King famously once wrote, “Injustice anywhere is a threat to justice everywhere”. Similarly, in the pharma supply chain, it could be said that insecurity anywhere is a threat to security everywhere.

Likewise, I believe we have only one significant illegitimate supply chain: the internet. That’s a topic all on its own.

Both the legitimate and the illegitimate supply chains end with the consumer/patient. Interestingly, illegitimate drugs (counterfeit, stolen, diverted, up-labeled, adulterated) can reach the consumer/patient from both the legitimate and the illegitimate supply chains.

Here is perhaps the first surprise in this essay. If we have already separated the legitimate and the illegitimate pharma supply chains, how is it possible for illegitimate drugs to make it into the legitimate supply chain? Wouldn’t they only exist in the illegitimate supply chain?

The answer to the second question is “No”. I selected the adjectives “legitimate” and “illegitimate” for supply chains and for the drugs that pass in them. Just because the adjective is the same doesn’t mean that the subjects are bound to each other.

The answer to the first question is less intuitive. How do illegitimate drugs make it to consumers/patients through the legitimate supply chain? The answer is well documented in Katherine Eban’s book, “Dangerous Doses” already discussed in an earlier post. Look at the case of Timothy Fagan. His parents did not order his Epogen from a website. They bought it (in New York in 2002, prior to the crackdown on criminals in Florida…don’t miss my comments on how much has changed since then) from their favorite national chain pharmacy, a very solid participant in the legitimate pharma supply chain. But the Epogen was “counterfeit” (actually up-labeled and spoiled due to storage at improper temperatures) and Timothy nearly lost his life as the result.

In her book, Eban follows the path of the Epogen from manufacturer to Fagan. It’s a very interesting case. A legitimate drug started out in the legitimate supply chain and it was transformed into an illegitimate drug on its way to the consumer/patient. Did it exit the legitimate supply chain, get transformed by criminals and then get reintroduced, or was the transformation executed by criminals who had infiltrated the legitimate supply chain? The answer depends on whether all of the owners were properly licensed to buy and sell that type of pharmaceutical. If they were, then the drug did not exit the legitimate supply chain. Yes, one or more of the supply chain participants were criminal enterprises, but because they were licensed, they were a legitimate part of the legitimate pharma supply chain at the time.

The point is, individual or groups of criminals can infiltrate the legitimate supply chain at any point (even in big-name companies…read the book!). Once they do, illegitimate drugs can be introduced into the supply chain…easily.