TrackTrace Rx

Month: April 2016

Drug Pedigree versus DSCSA T3s

By No Comments

The question, “What is a drug pedigree?” is easily answered because the FDA itself has given us the definition: “A drug pedigree is a statement of origin that identifies each prior sale, purchase, or trade of a drug, including the date of those transactions and the names and addresses of all parties to them.” To that we may add that there is also something called an e-pedigree, which is simply a pedigree in electronic form – that is, an electronic document that satisfies a pedigree requirement. The second question: “What difference does DSCSA make?” requires more discussion.

Before DSCSA came into force, the relevant legislation was the Prescription Drug Marketing Act of 1987 as amended in 1992 which placed pedigree requirements in 21 CFR Part 203. Every person engaged in the wholesale distribution of a prescription drug in interstate commerce who was not the manufacturer or an authorised distributor of record for that drug had to provide to the person who received the drug the pedigree for that drug. An authorised distributor of record was defined as “a distributor that has an ongoing relationship with a manufacturer to distribute that manufacturer’s drug products.” What qualified as an “ongoing relationship” was not at that time defined, but in 1999 FDA published regulations defining “ongoing relationship” to include a written agreement between manufacturer and distributor. The 1999 regulations also specified the fields of information that had to be included in the drug pedigree and stated that the information in the pedigree should be traceable back to the first sale by the manufacturer.

FDA did not seek to enforce the pedigree-related requirements in every case. In a guidance note, they set out the factors they would take into account in deciding whether enforcement measures were necessary.

These were as follows:

High Value in the US Market

FDA felt that experience showed that drug products with a high market value, high price or high sales volume or of which there was a shortage were more frequently counterfeited or stolen than others.

Prior Indicators

FDA finds that the same drugs are counterfeited or stolen again and again. In most cases, pedigrees are either falsified or not provided and this is an area where enforcement is almost automatic.

Reasonable Probability

In the case of new drugs that don’t have enough marketing history to qualify under the first two factors, FDA will take account of the reasonable probability that they may be earmarked for counterfeiting or diversion.

It should be stressed that these were the most frequent causes of enforcement but they were not the only ones; FDA also had a policy of taking action against wholesale distributors and others involved in the manufacture or distribution of counterfeit drugs and the type of drug involved would not enter into the calculation.

Passage of the DSCSA took us away from the previous regulatory environment and into a new one. The present regime is to be understood in relation to the requirement of the DSCSA that pharmaceutical manufacturers, repackagers, wholesale distributors, and drug dispensers who are not practitioners should notify FDA and certain trading partners of products identified as illegitimate within 24 hours of that determination being made. Products not so identified but suspect have to be quarantined while an investigation is conducted.

Trading partners have had to develop secure electronic systems to ensure that these requirements can be met. The idea of the drug pedigree is now expanded to embrace the set of documentation laid down in the Act. We are speaking here not of Master Data but of Transactional or Instance Data, of which the most relevant example is the lot number attached to a specific batch at the factory and following it all the way to the point at which it is broken down for distribution to consumers. The data must not change at any point on the chain.

We should, then, think of the pedigree in DSCSA terms as the DSCSA Transaction History, Information and Statement or T3. What we now have is a specific form for the Drug Pedigree – but not, as yet, a specific format. That is something that is being hammered out in discussions between all stakeholders at the present time and those stakeholders (they know who they are) who are not taking an active part in these discussions will have to accept what the active majority decides they should have.

We have said this on this blog before in relation to pharmacists; in fact, it applies to everyone on the supply chain from manufacturer onwards. It will be essential, if only to protect themselves against FDA enforcement, that every party involved at every stage of drug distribution from beginning to end should ensure that every T3 that passes through their hands is correct for the product it purports to cover and contains the data elements that FDA through DSCSA has decreed that it should contain.

Finally, and for the avoidance of doubt, here are the items that MUST be included in the new-style drug pedigree:

  • The name of the drug (both proprietary and established);
  • Dosage;
  • Container size;
  • Number of containers;
  • The lot number(s);
  • The business name and address of all parties to each prior transaction involving the drug, starting with the manufacturer; and
  • The date of each previous transaction

Free DSCSA Evaluation

Contact TrackTraceRx today to receive a free evaluation of your DSCSA current policy and procedures. This free consultation will allow you to have a piece of mind that you are following the correct procedures in order to meet ALL DSCSA requirements. TrackTraceRx will also provide you with a FREE Standard Operating Procedure (SOP) template which is required by the DSCSA during a FDA inspection.

DSCSA: The Special Role of the Third-Party Logistics Provider

By No Comments

The role of the third-party logistics provider (3PL) is highlighted under the Drug Supply Chain Security Act (DSCSA). A 3PL is not a wholesale distributor. The difference is inherent in the way the pharmaceutical industry works and the level of security demanded by the DSCSA.

A lot of industry works on a Just in Time (JIT) basis: the end user or consumer calls for the parts, equipment or other product on the brink of the event that makes it necessary. The drug industry works like that at one end; pharmacies, hospitals and other drug dispensers will order replenishments in the quantities they find most convenient when their existing stock is just about to run out. At the other end of the process (the manufacturing end), though, things are somewhat different. Whereas manufacturers in an increasing number of industries are, like their customers, focusing on JIT and not making something until it’s been ordered, Pharma manufacturers make drugs in large batches (aka lots) which are held until called for by the customer.

The only concern faced by a company that makes confectionery in large batches is the money they will lose if the sweeties are not kept secure and are stolen. In the drug supply business, the penalties imposed by the DSCSA if the whereabouts of any drug cannot be accounted for are severe and there is a need to keep the “buffer stock” (that is, the drugs that have been manufactured and are being held until someone places an order for them) completely secure.

It is open to any drug manufacturer to store finished goods in its own distribution center and only release them to the wholesale distributor when they are ordered, but many manufacturers prefer instead to have someone else look after them. The argument is: our skill is in developing and manufacturing drugs. Storage should be taken care of by someone who is expert in that field.

Hence the development of the 3PL. A distributor takes the finished goods from the manufacturer and stores them until they are instructed by the manufacturer to deliver them in fulfilment of customer orders received by the manufacturer. It is important to keep that distinction clear: storage is on behalf of the manufacturer; orders are placed on the manufacturer and not on the 3PL; the 3PL has negotiated a contract with the manufacturer under which the 3PL agrees to store the goods in safe condition and deliver them to a specified place (which is likely to be a wholesale distributor) when asked.

Note that in this whole process ownership of the goods remains with the manufacturer and that does not change until it passes to whoever the 3PL delivers them to. This remains true even though all of the paperwork may originate at the 3PL because it is often the 3PL who invoices the wholesale distributor on behalf of the manufacturer. In some cases, the 3PL actually receives payment on behalf of the manufacturer.

This is significant because the DSCSA requires that changes of ownership (all changes of ownership; there are no exceptions) should be recorded with a Transaction Information (TI), Transaction History (TH) and a Transaction Statement (TS). But ownership never passes to the 3PL.

Because a 3PL never owns the goods, they are not in theory required to be involved in the passing of TI, TH or TS, but in practice they are. What they can’t do is take from the manufacturer the responsibility under the DSCSA for generating, storing and retrieving the documentation.

It follows that the contract between the manufacturer and the 3PL is of high importance. In practice, the manufacturer will impose on the 3PL a contractual requirement to be responsible for the accuracy of all transaction paperwork and for the security of the goods while in the 3PL’s possession. The manufacturer cannot transfer to the 3PL the manufacturer’s own responsibility for security but can, will and does ensure that the penalties faced by the 3PL for any lapse in security are onerous in the extreme.

As will be seen, there are various ways to look at the 3PL’s position. It could be any of these:

  • Outsourced order fulfilment
  • High security warehousing
  • Shipping and invoicing documentation
  • Physical tracking, at present by lot/batch number but ultimately by package
  • Annual reporting to FDA

In fact, of course, it isn’t any of those; it’s all of them. Given the importance of keeping prescription drugs safe and the seriousness with which the FDA regards them, there should be careful checking of the 3PL’s competences and systems by the manufacturer before a contract is signed and then on a regular basis afterwards. 3PLs have to be licensed and the existence of a license will give confidence but the FDA’s stance is clear: the responsibility for ensuring that all goes well lies first with the 3PL and then with the manufacturer and cannot be passed off onto the FDA. The agency will simply not accept that.

Free DSCSA Evaluation

Contact TrackTraceRx today to receive a free evaluation of your DSCSA current policy and procedures. This free consultation will allow you to have a piece of mind that you are following the correct procedures in order to meet ALL DSCSA requirements. TrackTraceRx will also provide you with a FREE Standard Operating Procedure (SOP) template which is required by the DSCSA during a FDA inspection.

How DSCSA Applies To Physicians

By 2 Comments

The Drug Supply Chain Security Act (DSCSA) casts its tentacles widely. There are limits, though, and this post is intended to clarify where those limits are.

Two common and opposing ideas have grown up:

  • That physicians are exempt from the Act
  • That physicians have to comply with the Act to exactly the same extent as every other entity in the supply chain that stretches from manufacturer to patient.

Neither of these is correct. Only the first, though, will bring the physician grief; the second will merely inflict additional and unnecessary work.

It is not true that every physician practice that inventories drugs must accept and maintain transactional data. Buy-and-bill drugs that are administered by physician practices in the usual course of business are excluded from this requirement. The Drug Quality and Security Act, Title II says that, “notwithstanding any other provision of law, the requirements under paragraphs (1) and (4) shall not apply to licensed healthcare practitioners authorized to prescribe or administer medication under State law or other licensed individuals under the supervision or direction of such practitioners who dispense or administer product in the usual course of professional practice.”

Note that this does not apply to physician practices with in-office dispensing pharmacies; such practices ARE required to comply with transactional data requirements, though the need for compliance is restricted to the pharmacy in the office and does not apply to the practice side of the business.

So what is a dispenser? And, more relevantly, when is a pharmacist a dispenser?

The Act defines a dispenser as “a retail pharmacy, hospital pharmacy, group of chain pharmacies under common ownership and control that do not act as a wholesale distributor, or any other person authorized by law to dispense or administer prescription drugs, and the affiliated warehouses or distribution centers of such entities under common ownership and control that do not act as a wholesale distributor.” (Our italics).

This definition, then, includes physicians who dispense and administer prescription drugs, but only if we ignore the exemption quoted above. The requirement for dispensers that relates to product tracing and verification does not apply to physicians and other licensed healthcare practitioners.

That does not mean that DSCSA places no requirement on physicians and other licensed healthcare practitioners. They will be required to use product identifiers when the use of product identifiers for dispensers comes into operation in 2020 and they are required now, and have been since 1st January 2015, to confirm that trading partners are authorized.

It follows that at this time the only requirement the Act lays on physicians who administer prescription drugs in the usual course of their medical practice is to ensure that entities they deal with are authorized trading partners within the terms of the Act; by 2020, they will also have to use product identifiers. Where physician practices have in-office dispensing pharmacies, though, they should also ensure that those dispensing pharmacies comply with all provisions relating to dispensers.

That raises the question: how to ensure that trading partners are authorized? In this connection, verbal confirmation by the trading partner is unlikely to be sufficient and physicians should ensure that the process they go through to confirm a partner’s authorization is documented and can be summoned from whatever archive it is held in when the physician is called on to show what steps they took to confirm authorization. The confirmation can be carried out directly with the trading partner but it must be documented.

Third-party confirmation, though, would be preferable. FDA maintains a database showing all manufacturers and repackagers who are registered. State authorities maintain a register of licensed wholesale distributors, third-party logistics providers and dispensers. There is also an FDA website at www.fda.gov/knowyoursource that lists entities able to confirm that trading partners are properly licensed or registered.

The legislation has teeth. It is a feature of 21st-century life that criminals are continually refining existing methods of deceit and inventing new ones, but FDA cannot be relied on always to assume that the physician who accepts illegal drugs is an innocent party. FDA has in the fairly recent past commenced enforcement actions against physicians and sent letters to physicians identifying those it believes “may have obtained counterfeit or unapproved drugs from a rogue distributor.” No one wants to be the target of one of those enforcement actions or the recipient of one of those letters. However long a physician may have dealt with the trading partner and however illustrious the trading partner’s name, the wise physician (and is there any other kind?) will obtain and document confirmation of registration or licensure.

Free DSCSA Evaluation

Contact TrackTraceRx today to receive a free evaluation of your DSCSA current policy and procedures. This free consultation will allow you to have a piece of mind that you are following the correct procedures in order to meet ALL DSCSA requirements. TrackTraceRx will also provide you with a FREE Standard Operating Procedure (SOP) template which is required by the DSCSA during a FDA inspection.

DSCSA: What Phase II Implementation Means For You

By No Comments

Since the Drug Supply Chain Security Act (DSCSA) came into force there has been no shortage of teething problems and the stakeholders have learned a number of lessons about working together to develop systems and processes that are both effective and acceptable to all.

It’s worth remembering that the Drug Supply Chain Security Act (DSCSA) was not passed into law simply because Barack Obama has a liking for carefully mapped processes. The Act exists to ensure the safety and genuineness of all prescription drugs supplied to American consumers in America. That is the background against which the next big DSCSA milestone is coming.

Anyone who does not understand the challenges facing the pharmaceutical industry might have felt when the act was passed that 2017 was a long way in the future and that waiting till then was generous towards drugmakers. It wasn’t, and it isn’t. Even when the target date was set, 2017 did not allow more time than was needed; and now 2017 is almost here. Anyone in the drug supply chain, but especially any manufacturer, who has not made solid progress in the introduction of full drug serialization had better give it their complete attention RIGHT NOW.

By the end of last year, four targets had to be met:

  • All supply chain participants must work only with registered or licensed trading partners
  • Companies must pass, capture and maintain information about each product transaction
  • Companies must have in place processes and procedures that will allow them to respond promptly when asked for information by federal and/or state officials
  • Companies must have in place systems and processes allowing them to investigate, verify and respond promptly to suspect and illegitimate products as defined by FDA.

All of that has been done. So far so good; Phase 1 can now be said to be fully implemented and working satisfactorily.

Lot-level traceability deadline is passed. That caused difficulty in some quarters, but it’s done and it’s now possible to trace each batch of drugs from manufacture to final destinations. What is tracked is now to be broken down further, from batch or lot level to individual package. Lest there be any doubt about what that means, let us make it clear: there may be a hundred thousand individual saleable items in a batch, but every one of those individual saleable items needs its own serial number and its own traceability.

And now we turn to Phase II.

Every single saleable item to be marked with a product identifier, a serial number, a lot number and the expiration date. It is not a simple requirement. Packaging has to change. Documentation has to change – and that means that IT systems have to change.

At present, products must be traceable at the lot level. In other words, each lot must have its own unique serial number and it must be possible to follow that lot all the way to the end of the process (the point at which it is split up) and all the way back to the manufacturer, should that prove necessary. But a lot is a batch; it may include a large number of individual product packages and those will be split – sometimes by the dispenser but sometimes as far back in the chain as the wholesaler.

Not all of the responsibility lies with the manufacturer. Wholesale distributors and third-party logistics companies (3PLs) will have to work closely with the manufacturers to make sure that whatever process is introduced actually works. Since a good general rule is that no new process actually works properly until it’s been tweaked a few times, the testing and feedback should have started by now. If it hasn’t, there’s no time to waste.

Pharmacists, too, (and we include in that term dispensers in any guise) must look at their T3 Transaction History processing and archival systems. Right now, they can expect at any time to be called on to produce the documentation that shows exactly what happened to every batch of pharmaceuticals with which they have been involved at every stage from manufacture until it reached them. From next year, they have to go deeper than that and produce the documentation for a single item, even though the batch or lot may have consisted of thousands of items. It would be too easy to simply assume that everything will work as it should. That will only happen if the systems in place are robust enough and go to a sufficient level of detail, and if document storage is adequate.

Changes like those that have already been carried out under DSCSA and those that remain to be completed would be difficult enough if they concerned only one company, but that is not the case; perhaps the greatest challenge has been the need for all companies in the chain to communicate with each other and to arrive at a system acceptable to all. The FDA could have helped by setting out in law the format in which data should be recorded and passed on, but it did not do that. The result is that different companies have developed different ways of recording what needs to be recorded and a single 3PL, wholesale distributor or pharmacist may receive documentation in a variety of different formats. They all have to be understood, they all have to be processed, they all have to be stored and they all have to be capable of production on request.

It’s only when the numbers involved are considered that the full scale of the challenge faced by everyone in the supply chain becomes clear. Establishing clear and foolproof processing systems between two parties is a challenge in itself, but it doesn’t stop there. For even a small dispenser, there may be millions of transactions with hundreds of partners, and the dispenser may be given only 48 hours (everyone else in the chain has only half of that) to produce the comprehensive documentation relating to a single one of those transactions. It can never be simple but with good systems in place it can be done. Without good systems, it would be a nightmare – and failure can mean the end of the business.

Phase 2 involves carrying that serialization down to package level so that the traceability at present extended to individual batches will by that date extend all the way down to each individual package in the batch. For manufacturers, full serialization has to be in place by November 2017. It’s 19 months away and getting closer every day. After that, the requirement is extended annually: by November 2018, repackagers must comply; by November 2019 wholesale distributors must be meeting the requirements and by November 2020 dispensers will be covered.

So part of Phase II is converting from lot-level serialization to batch-level serialization. There is another significant change, though, which is in transaction reporting. At the moment, whenever a product moves, its transaction history must move with it. What we have is a T3 Transaction History that lists every step in the journey a lot makes from the moment it leaves the manufacturer. Each time it moves on, it takes with it an updated T3.

In Phase II, that changes. The model that comes into effect in Phase II is described as “one up, one back” which means that every entity in the supply chain captures the transaction information for its own receipt of the product and its own subsequent distribution. Instead of there being a single T3 Transaction History that travels everywhere with the product and says everything that has happened and names everyone involved, it will now be possible to put together the equivalent of that history by aggregating each piece of transaction information along the way. Since by that time everything must be electronic and electronically transferable, that aggregation will be – or should be – simple. It’s important to note that information passed on must facilitate saleable returns in a way that’s easy to understand and easy to implement.

Running alongside this is the establishment of uniform standards for licensing wholesale distributors and third-party logistics providers. At present, licensing is a state matter; the Act transfers the responsibility to federal agencies but leaves FDA to specify exactly what those standards should be. It will still be open to individual states to license distributors and logistics providers but they will have to use the federal standards. The Act created seven categories of licensing standards and required that these be in place by 27th November 2015.

In 2017, FDA must begin an assessment of the feasibility of small dispensers being able to conduct drug tracing at the package level. This assessment is to include the availability and practicality of software available to small dispensers. The assessment must be completed by 2020.

Before the end of 2022, FDA must release final guidance on standards for interoperable data exchange and by the end of 2023, the agency is required to have developed a complete package of regulations covering all aspects of drug security and traceability.

At that point, the process begun with the passage of the Act will finally be complete.

Free DSCSA Evaluation

Contact TrackTraceRx today to receive a free evaluation of your DSCSA current policy and procedures. This free consultation will allow you to have a piece of mind that you are following the correct procedures in order to meet ALL DSCSA requirements. TrackTraceRx will also provide you with a FREE Standard Operating Procedure (SOP) template which is required by the DSCSA during a FDA inspection.