In August, the US Food and Drug Administration (FDA) announced a one-year delay in enforcing the Drug Supply Chain Security Act (DSCSA) electronic tracking rules until November 2024, in order to provide a 12-month stabilisation period to aid compliance.
In the meantime, the stakeholder landscape with regard to drug traceability has been busy aligning itself with DSCSA requirements.
Enacted by US congress in 2013, the DSCSA has been called the world’s most comprehensive pharma legislation, designed to prevent counterfeit, adulterated, and illegally diverted prescription medicines from entering the US supply chain.
It consists of a 10-year, phased plan, which began in 2015 and which culminates in November 2023, when, despite the year-long stabilisation period, the law will take effect. By that time, manufacturers, wholesalers, repackagers, dispensers, and third-party logistics operators must already have systems in place to comply with the regulation.
The FDA divides DSCSA requirements into critical categories, including product identification (serialisation), product tracing (transaction information and history), verification, and authorised pharma trading partners. The final, and most complex phase of DSCSA requires trading partners to implement a secure, electronic, and 100% interoperable digital system for tracking and tracing pharmaceutical products across the supply chain at the unit package level.
Central to the track and trace system is the application of a unique data carrier to each individual product in the form of a 2D data matrix barcode. The barcode must house the national drug code, lot number, expiry date, and unique serial number.
With their sights set on DSCSA compliance – and beyond – various authentication and traceability stakeholders have been aligning and reframing their strategies and solutions accordingly.
For example, AIM Global, the independent worldwide alliance of 300 organisations involved in the use, implementation, resale, and development of barcoding, RFID and asset tracking technology, has unveiled its VerifyReg™ solution. The solution validates the complex code structures of mandated and preferred data markers used on pharmaceuticals, in order to ensure DSCSA standards are being adhered to. For example, VerifyReg checks whether markers are actually readable and whether they are pointing to where they are supposed to point.
The VerifyReg consists of a paid service accessible through a website that enables anyone in the supply chain to register, login, and submit data for verification. The verification process requires the participant to send through a physical sample of their label carrying the data marker so that AIM can verify the actual label that is going to be on the product.
The data in the labels is reviewed by the VerifyReg team to make sure all steps have been properly completed. A VerifyReg checkmark is then awarded to successful participants, which they can display on their products and marketing materials.
Another member-driven organisation, UnitVisID Alliance, together with the active participation of its pharma supply chain members – including hospitals, clinicians, pharma manufacturers and distributors, and technology providers – has created universal specifications for RFID tag usage in the medication tracking space.
The alliance describes itself as taking serialisation beyond DSCSA, from the unit of sale to the unit of use, by applying unified tag specifications to every medication, container, and device.
The specifications include UnitVisID-issued serial numbers, which, apart from unit-of- use medications, can be applied to related objects such as user badges, dispenser trays, and inventory systems.
The alliance claims that UnitVisID is used by more than 1,000 hospitals and healthcare organisations, and over 210 million RFID-tagged products utilising the UnitVisID platform have been scanned.
Moving to solutions offered by individual technology suppliers, LSPedia, a provider of SaaS traceability for the pharmaceutical industry, and BestRX, a pharmacy software provider, have announced a partnership aimed at providing pharmacies with streamlined access to its OneScan Pharmacy Pro platform for full compliance with the DSCSA.
Another provider, Tracelink, has announced results for its DigitalRecall pilot programme, focusing on two workstreams: digital recalls across a supply network and an interoperable blockchain network solution. It is also going for a strategic partnership with PharmaLink, the reverse logistics provider serving life sciences and healthcare customers in the United States, aimed at helping these organisations accelerate and simplify their preparedness for DSCSA.
So, it’s all happening.
While the DSCSA refers to the need to ‘secure this’ and ‘secure that’ in the regulation wording, it doesn’t really explain what it means by ‘secure’. Furthermore, apart from the requirement for pharma products to carry a unique identifying code, there is no requirement for them to carry physical security features or anti- tampering devices.
The DSCSA could therefore be regarded as a ‘bare minimum’ as far as anti- counterfeiting measures are concerned, which leaves brand owners free to add their own features for reinforced security, such as RFID labels, and optical and covert features – which many of them have already been using for some time.
Some of the authentication solution vendors working alongside the DSCSA, like Systech and Covectra, offer authentication technologies that integrate with serial codes.
Covectra has updated its StellaGuard technology, which enables investigators to use a smartphone camera for online label verification based on the precise positioning of star-shaped particles in the label. And Systech is promoting its e-fingerprint technology based on a similar logic. Both technologies depend on access to a database containing the label’s original feature, which the smartphone can use for on-the-spot authentication.
So, the technologies are out there and are continuing to evolve.
In a country where (according to Centers for Disease Control and Prevention) counterfeit pill availability is increasing and drug overdose deaths are at historically high levels, it is clear that a nationwide, government-level directive, in the form of the DSCSA, is needed to control the entire supply chain of pharma products. However, it is also clear that this directive could be considered as a basis on which the industry then needs to apply enhanced security measures to protect the integrity of the rather bare and exposed data markers prescribed by the DSCSA.
