To discourage the introduction and distribution of counterfeit drugs, the FDA introduced the Drug Supply Chain Security Act (DSCSA) in 2013. The regulation outlines the steps to build an electronic, interoperable system to identify and trace certain prescription drugs as they are distributed in the US.

The DSCSA aims to enhance the FDA’s ability to protect consumers from exposure to drugs that may be counterfeit, stolen, contaminated or otherwise unsafe. The system also improves the detection and removal of potentially dangerous drugs from the drug supply chain to protect consumers.

The regulation also directs the FDA to establish national licensure standards for wholesale distributors and third-party logistics providers, and requires these entities to report licensure and other information to the FDA on an annual basis.

To achieve these goals, the regulation strives to facilitate the exchange of information at the individual package level where a drug has been in the supply. This enables verification of the legitimacy of the drug product identifier down to the package level. It also enhances detection and notification of illegitimate products in the drug supply chain and facilitates more efficient recalls of drug products.


Year the FDA introduced the Drug Supply Chain Security Act to discourage the introduction and distribution of counterfeit drugs.


A unique impact

The pharma industry is characterised by a wealth of complex and ever-evolving regulations, but the DSCSA is relatively unique in terms of its impact on multiple stakeholders.

“Previous regulations have tended to affect one particular part of the product life cycle,” says Andrew Stevens, senior director analyst at Gartner. “The DSCSA requires much more of a diverse network of different stakeholders, that ultimately meets their own levels of responsibilities.”

Serialisation for the US is centred on the Standardised Numerical Identifier (SNI), a national registration and serial number for each medicinal product and pack. Each unit needs to carry the lot number and expiry date, and all data is a 2D data-matrix code and printed on the pack.

The serialisation data is reported to all relevant parties so that the flow of goods in the supply chain can be traced backwards. Compliance with the DSCSA, like all other regulations, involves collecting a huge amount of data, which can be used at a later stage to provide value in a number of different ways. Despite this potential, optimising the use of this information is not straightforward.

“At this moment in time, the regulations themselves are so resource intensive and, in many cases, quite complex,” says Stevens. “There is not just an off-theshelf- type solution that you can implement. You need very broad solutions.” This involves big-picture thinking. “It’s not just about the software,” explains Stevens. “The infrastructure that’s being deployed must ultimately have the ability to capture, consolidate and configure data, as well as store and transfer data electronically to another stakeholder.”

“Moving away from the over-reliance on paperbased, semi-manual, operational systems of records is very, very important.”

There is a huge number of stakeholders to consider, all of whom need different data, in different forms at different times. “Sometimes specific parts of those data element needs, transactions or operations will need to be reported to an individual regulator or as part of the compliance requirements,” says Stevens. “At the same time, manufacturers need to invest in a lot of infrastructure at the hardware level, which needs investment in solutions that can scan mobile barcode-scanning devices.”

Although the regulation was introduced in 2013, compliance is an ongoing and evolving process that provides an additional barrier. “None of the regulations can be considered to be completely fully mature or complete,” says Stevens. “There are always significant opportunities for them to expand or for them to incorporate additional requirements moving forward.”

Potential opportunities

Historically, the central aim of regulation has been on achieving and maintaining good manufacturing processes (GMP). However, as the industry shifts its product emphasis, this is set to change. “There’s much more of a focus now on patient-centricity, very sophisticated medicines and personalised therapies, but there is also much more emphasis on biologics, products and large molecule-type products,” says Stevens. “There is potential in the future for the regulations to expand to the stages prior to finished goods manufacturing as well, particularly given the significant change that’s taking place.”

Given this context, it is easy to see why post-compliance data activities are not at a particularly advanced stage. However, many companies are acutely aware of the opportunities. “Increasingly, I hear both from manufacturers as well as solution providers about the era of post-compliance,” says Stevens. “There will be a period where perhaps companies will start to look at the real value that this infrastructure can deliver in their supply chain.”

Doing this successfully means employing different solutions to those used for compliance. “Ultimately, the enabler of the track-and-trace functionality is its ability to promote the means and the mechanisms to have all of your stakeholders in the supply chain – the requisite level of maturity to be able to capture, scan and transmit electronic or digital data,” explains Stevens. “In that respect, the interoperability is key here and that configurability of different types of data could be incorporated within the barcodes in order to really look at postcompliance value propositions.”

Traditional approaches of data collections are woefully inadequate for this purpose. “You need to get that data to a level where perhaps you could start to apply layers of analytics,” explains Stevens. “Moving away from the over-reliance on paper-based, semi-manual, operational systems of records is very important.”

Areas for improvement

One area with the most potential to be optimised at a post-compliance stage is product integrity. “This demands condition-based monitoring,” says Stevens. “This is having the ability to capture in a real-time environment the specific attributes that you need to be delivering; for example, humidity, motion and temperature profiling. You could look at this as the next era of cold chain.”

There is scope to improve operational efficiencies. “The ability to maybe have different types of hardware infrastructure communicating with each other and to perhaps be more digitally connected is something that serialisation could have an input into,” says Stevens.

Traceability is another area that could benefit substantially. “If you look at the concepts of track and trace, lots of the mandates are more towards the track, as opposed to the trace,” explains Stevens. “Moving forward, if you look at some of the very highvalue, sometimes critical raw materials and source products that are going into this new generation of personalised medicines, the ability to have embedded levels of traceability going back to the origin will become increasingly important.”

Looking outside of pharma is a useful strategy in this context. “In other industry sectors, this is much more of a focus,” says Stevens. “You could see in the future that serialisation solutions could extend at a scalable level and perhaps extending into areas such as research and design, and clinical as well.”

Easier said than done

All this points towards a ‘connect-the-dots’ approach, but this is easier said than done. “The ability to have that kind of continual data feedback loop in a realtime environment is certainly very appealing to many companies I speak to,” says Stevens. “That said, there are lots of barriers to overcome. In the pharma industry, a lot of functional silos still exist and certainly, just applying a serialisation solution would probably not be sufficient. This would very much be more of a long-term, structural planning strategy.”

These silos mean that sometimes data is available but is not being utilised effectively. “Companies are often not aware of the data that’s residing across disparate systems,” explains Stevens. “There needs to be more of a focus on addressing these different pockets in the supply chain and there is a range of technology solutions that will be valuable in enabling companies to leverage those post-compliance activities for the serialisation infrastructure.”

It’s not just about bringing these disparate data sources together. “It’s about going out and extracting the data, finding the data, consolidating that data and then cleansing the data, and getting it to that level of quality where you can actually make more robust planning decisions as to what you could do with it,” explains Stevens.

“There needs to be more of a focus on addressing these different pockets in the supply chain, and there are a range of technology solutions that will be valuable in enabling companies to leverage those post-compliance activities for serialisation infrastructure.”

“Does that need to be put in front of a different type of stakeholder? Do you need to apply different levels of analytics to it in terms of valuable business intelligence? Is it being distributed to the right stakeholders at the right time? Do those stakeholders have the appropriate levels of integration in terms of dashboards or functionality to actually manage or perhaps translate that data into viable opportunities and directions?” These are just some of the questions Stevens goes on to ask.

There is reason to be optimistic, however. “There are a lot of inherent challenges, just given the current status of the industry,” Stevens says. “But dynamic changes are taking place.”