Counterfeiting of drugs has become a favorite activity of organized criminals and it negatively impacts the citizens of every country in the world. The pharma industry is multi-national, the criminals are multi-national, the patients that are harmed are multi-national. What we need now more than ever before is a multi-national approach to fighting these crimes.
Most Warehouse Management Systems (WMS) available on the market today do a fine job of allowing their users to manage inventories in the warehouses of drug manufacturers, distributors and chain drug stores. A WMS is a software system that may be a part of a larger Enterprise Resource Planning (ERP) system, or it may be a third-party application that is interfaced with the owner’s ERP system.
All WMS systems that I am aware of are intended to be sold into multiple industries, not just in pharma. That’s so that the WMS vendor can maximize their sales. The more industries, the more sales and the more profitable it is. Because some industries have long had serial numbers on some of their products (computers and peripheral equipment, cell phones, electronics, medical equipment, appliances, etc.) WMS vendors have included serial number handling in their software for decades. In fact, I would bet that a serial number handling feature was included in WMS systems since the very beginning of that category of software.
But at least one news source seemed to do some additional investigating. Bill Berkrot and John Acher of Reuters published the excellent article “Fake Avastin’s path to U.S. traced to Egypt” on Thursday. In the article they provide a little more background on the path the drugs allegedly took before apparently arriving on the shelves of U.S. physicians and potentially in the bodies of unsuspecting U.S. patients.
And Pharmaceutical Commerce Online reports that Avastin isn’t the only incident of recent counterfeit injectable cancer drugs making it into the U.S. market that the FDA is currently investigating.
HOW COUNTERFEIT AVASTIN MADE IT INTO THE LEGITIMATE U.S. SUPPLY CHAIN
At the end of my last essay I said I had recently concluded that the jump to a fully automated pharma supply chain upstream visibility system is too big and complex to be achievable by every company in the U.S. supply chain by the California dates. I want to explain that statement in a future essay (soon), but before I do I want to explore some of the track and trace models that are being considered by both GS1 and the FDA. I particularly want to look at the viability of each model because I think we will find that some just aren’t (viable), and that will help narrow the search.
I’ll look at the three basic models that the FDA mentioned in their recent workshop: Centralized, Semi-Centralized and Distributed (or Decentralized as the FDA called it). There are others, but it seems that they can all be either based on, or reduced to, one of these three basic models.
In this essay I am looking at track & trace models from a global viewpoint, which is something that GS1 is doing but the FDA may not. Attacks on the pharma supply chain are a global problem and global problems demand global solutions or gaps will be left for criminals to exploit.
Currently well over half of the U.S. states have a drug pedigree law of some kind either on the books, in the process of being enacted or proposed in their legislature. No two laws are exactly the same. That fact is quite painful for the national participants in the supply chain and it gets a little worse every time a new law is enacted or a change is made to an existing law. For this reason, the conventional wisdom among many supply chain participants, industry organizations, solution providers, and even the regulators themselves is that a nationwide pedigree law would be better than 50 different local laws.
In an essay published in April, I explained my theory that “RFID is DEAD…at Unit-level in Pharma”, which, if true, would mean that most drugs in the U.S. supply chain would be serialized by manufacturers with 2D barcodes by 2015 for California. In my last essay, “Inference in the Pharmaceutical Supply Chain”, I carried that theory one step further by showing how the widespread reliance on 2D barcodes to serialize at the unit level would lead directly to the widespread use of the practice of inference in the supply chain. This would be out of necessity since the unit-level serial numbers would not be readable without opening their containers, something that can’t happen because it is so inefficient that it would cripple the supply chain. So let me say it this way, the widespread use of 2D barcodes for unit-level serialization will necessitate the widespread reliance on inference. The former leads to the latter just like excessive sunshine leads to sunburn.
But the projections of widespread reliance on inference lead directly to a new concern. Let me explain. Successful use of inference for determining the contents of cases is totally dependent on the accuracy of the aggregation information established and provided by the manufacturer, or whoever packed them. If a packer uses a casepacking process that is incapable of yielding highly accurate aggregation information, inference will not work well.
Conversations about the merits of various pedigree and authentication models usually start from dissatisfaction with some characteristic of the current GS1 DPMS pedigree model. I maintain that the design of DPMS—including its perceived flaws—is merely a reflection of the current state and federal pedigree laws and regulations. Characteristics that people don’t like—like digital signatures, a growing document as drugs move down the supply chain, and the fact that Supply Chain Master Data is not used by DPMS—are actually all characteristics of the laws and/or regulations, so any alternate pedigree model that would truly be usable for compliance would need those characteristics too.
But that’s not exactly what I want to discuss in this essay. Instead, I wanted to explain my theory of what U.S. pedigree laws are trying to accomplish in the first place. Forget about how they do it for now. What were the goals of those who wrote these laws and regulations? I’ll agree that this is impossible to know for sure but I think I can construct a pretty convincing theory. I don’t know any of the legislators or congresspeople who wrote these laws, but I have studied their work for over four years now. I have made the following observations.
The highest priority goal of the Florida and California laws appears to be to detect the introduction of illegitimate drugs (counterfeit, stolen, up-labeled, diverted, etc.) into the legitimate supply chain as early as possible, preferably at the very first transaction. These laws accomplish this by requiring companies buying drugs within the supply chain to receive the full supply chain history of those drugs at the time of the purchase (contained in a “pedigree”), and, most importantly, by requiring them to verify the legitimacy of those prior transactions. In Florida that verification can be performed by direct contact, such as a phone call, email, fax, etc., or, optionally, through the use if digital signatures. In California, this verification can only be performed through the use of digital signatures. The federal PDMA, on the other hand, does not appear to obligate the buyer to do any verification of the information provided on pedigrees they receive.Finally, Florida and California both require the recipient of the shipment to confirm that the physical drugs they received match those described by the pedigrees they received. That seems obvious, doesn’t it? Why would any legislative body require all or some supply chain participants to go through all the expense to generate and pass pedigree information but stop short of requiring anyone to actually look at it? Well, oddly, the federal PDMA appears to do just that.
There is a clear attempt in the laws to help identify who participated in the introduction of the illegitimate product. This is important if your goal is to efficiently and quickly investigate the suspected crime. This would aid in shutting down the criminals as quickly as possible before they are able to spread bad medical products very deeply into the supply chain. Continue reading What are Pedigree Laws Trying to Accomplish Anyway?→
…a comprehensive exploration of the intersection between healthcare supply chains, track and trace technology, standards and global regulatory compliance
DISCLAIMER: RxTrace contains some of the personal thoughts, ideas and opinions of Dirk Rodgers. The material contained in RxTrace is not legal advice. Dirk Rodgers is not a lawyer. The reader must make their own decisions about the accuracy of the opinions expressed in RxTrace. Readers are encouraged to consult their own legal counsel and trading partners before taking any actions based on information found in RxTrace. RxTrace is not a vehicle for communicating the positions of any company, organization or individual other than Dirk Rodgers.