DSCSA ATPs Archives - rfxcel.com
EnglishFrenchGermanItalianPortugueseRussianSpanish

DSCSA Summary: A Look at the Law as We Count Down to 2023

As the clock continues to tick toward the November 27, 2023, U.S. Drug Supply Chain Security Act (DSCSA) deadline, we thought it was a good time for a recap. Our DSCSA summary will hit the major milestones, changes from the FDA, and compliance requirements.

We’ll also include an updated timeline graphic that first appeared during our three-part DSCSA webinar series last summer, which dealt with authorized trading partners (ATPs), EPCIS, and the Verification Router Service (VRS). We wrote about those topics twice just last week: Check out our FDA DSCSA Guidance Update: EPICS, ATPs, and the Countdown to 2023 and the Q&A with our SVP of Product and Strategy Herb Wong.

Now, on to the DSCSA summary: everything you need to know in 5 minutes.

What is the DSCSA?

The DSCSA is a 10-year plan to transform the U.S. pharmaceutical supply chain. It became law in November 2013, as Title II of the Drug Quality and Security Act (DQSA), and has been rolled out since 2015. Implementation culminates on November 27, 2023, at which time the U.S. pharmaceutical supply chain will be fully serialized.

The U.S. Food and Drug Administration (FDA) says the goal of the DSCSA is “to build an electronic, interoperable system to identify and trace certain prescription drugs as they are distributed in the United States.”

Furthermore, the DSCSA “will enhance [the] FDA’s ability to help protect consumers from exposure to drugs that may be counterfeit, stolen, contaminated, or otherwise harmful” and “improve detection and removal of potentially dangerous drugs from the drug supply chain to protect U.S. consumers.”

Who has to comply?

Manufacturers, wholesalers, dispensers, repackagers, and third-party logistics providers (3PLs) must comply with DSCSA if they want to do business in the United States.

Key requirements

The FDA puts DSCSA requirements into four categories. This is what Herb Wong calls “the four cornerstones” of the law.

1. Product identification (serialization). A unique product identifier (PI), such as a bar code, must be placed on certain prescription drug packages.

2. Product tracing. Stakeholders must provide information about a drug and who handled it each time it’s sold. This includes the following:

        • Transaction information (TI) includes the product name; its strength and dosage form; its National Drug Code (NDC); container size and number of containers; lot number; transaction date; shipment date; and the name and address of the businesses from which and to which ownership is being transferred. Note: We’ll be writing more about NDCs soon.
        • The transaction statement (TS) is a paper or electronic attestation by the business transferring ownership of the product that it has complied with the DSCSA.
        • Transaction history (TH) is an electronic statement with the TI for every transaction going back to the manufacturer. Note: TH will not be required after the November 2023 deadline.

For the record, the FDA defines “transaction” as the “transfer of product between persons in which a change of ownership occurs.”

3. Verification (VRS). Stakeholders must establish systems and processes to verify PIs for certain prescription drugs packages. The Verification Router Service (VRS) enables a rapid, secure exchange of data to do this

4. Authorized trading partners (ATPs). The DSCSA also says that if you’re not an ATP, your access to the U.S. pharma supply chain will be severely restricted or denied altogether. All manufacturers, wholesale distributors, repackagers, 3PLs, and dispensers and their trading partners must be ATPs

If you want to know more, read our in-depth explanations of the VRS and ATPs. Or just contact us today to talk to one of our DSCSA experts!

Other requirements

Detection and response + notification. Stakeholders must quarantine and promptly investigate suspect or illegitimate drugs. They must also notify the FDA and other interested parties when they find such drugs.

Licensing. Wholesalers must report their licensing status and contact information to the FDA. Third-party logistics providers must obtain a state or federal license.

DSCSA Summary: Timeline

The FDA has delayed the rollout of the DSCSA two times (September 2019 and October 2020). However, an FDA official said in August 2021 that there would be no more delays. November 27, 2023, is a done deal.

DSCSA Timeline 2013-2023

 

Final thoughts

If you have any questions about this DSCSA summary, contact us today. There might be one or two things that surprised you — like the sunsetting of the transaction history (TH) requirement — and we want to make sure you’re sure about what’s happening.

Our extensive writing about the law is a valuable resource, but nothing beats spending 15 minutes with one of our supply chain experts. So schedule a short demo of our DSCSA compliance solution. Our No. 1 priority is to help you understand the regulations and be prepared for the full serialization of the U.S. pharma supply chain next November.

And if you happen to be going to this year’s HDA Traceability Seminar in Washington, D.C., drop us a line here to arrange a meeting and be sure to catch Herb Wong in the “EPCIS Onboarding Across the Supply Chain” panel discussion and his roundtable about industry readiness for November 2023.

 

 

 

 

 

 

DSCSA Compliance Update with Herb Wong: What’s Happening Right Now?

Herb Wong’s a busy guy. We said that the last time we did a DSCSA compliance update with him, and it’s still true today Just last week, for instance, he participated in two Healthcare Distribution Alliance (HDA) webinars, “DSCSA 2023: How a Service Provider Can Help You Prepare” and “All About the VRS.” These were part of the HDA’s 2022 Traceability Webinar Series, which Antares Vision Group is sponsoring.

That’s why it was such a treat to get some one-on-one time with Herb for a real-time DSCSA compliance update — what’s happening right now with industry readiness.

We asked Herb to talk about what he calls “the four cornerstones” of DSCSA compliance: product identification (EPCIS and serialization), product tracing, authorized trading partners (ATPs), and verification (the Verification Router Service, or VRS). Here’s what he had to say.

DSCSA compliance update #1: product identification (EPCIS and serialization)

All solution providers’ systems are ready to send and receive serialization data in the EPCIS format, but we still need to help the industry get data flowing. To use an analogy, even though the pipes have been laid and connected, we’re just not getting enough water through to test for “leaks” in the system — errors in send/receive processing. Just as important, we need time to “flush the pipes” to ensure that we have “clean water.” By that I mean ensuring that the data is correct.

We’re trying to do everything we can. We’ve actually developed a standard process for onboarding customers and getting data exchanged with other solution partners. We’re going to be piloting this so we can refine the onboarding process. [Herb’s talking about the EPCIS Onboarding Guide Workgroup and its draft “Guide for Accelerated EPCIS Onboarding.”]

What’s the key takeaway, Herb?

The key takeaway is, “Let’s connect, let’s get the serialized data out.” Time is running out. That’s the biggest message. People who think they have time to wait until next year, you really don’t. Because what’s going to happen is similar to what happened when the lot-based laws went live: The people who waited couldn’t find help. All the solution providers were busy; everyone was busy. And everyone who waited was trying to get through the same door to meet the deadline.

So, if you’re a manufacturer, you have to start sending data early. If you’re serializing and not sending data downstream, start now. Don’t wait till the November 2023 deadline. You have to “turn on the switch.” Send your data downstream now.

At this point, we decided to ask Herb about aggregation.

DSCSA doesn’t say anything about aggregation. But wholesalers are asking for aggregation to support their business processes. When you send electronic data, wholesalers need to know what serial numbers are in the cases they just received.

Aggregation is a business requirement for operational efficiency. For example, if you get 10 cases with a hundred items in each case, you don’t want to open the cases and scan every item to see what you received and will ultimately ship. Aggregation makes things faster and more efficient. It’s similar to how VRS had both a legal and a business requirement: The legal requirement mandated a response within 24 hours for saleable returns verification. But given the potential volume of saleable returns, 24 hours was too slow for wholesalers; it would cause the receiving docs to fill up with products pending verification. For this reason, wholesalers mandated a business requirement of sub-second response times.

DSCSA compliance update #2: product tracing

A centralized solution or standard has not been defined for product tracing. A lot of different approaches have been discussed, but there’ve been no specs, no firm requirements, that solution providers can implement at this time.

Right now, we’re supporting the industry’s manual process for product tracing. The HDA, NABP, and PDG have done a really good job of outlining what’s required for tracing. [That’s the Healthcare Distribution Alliance, the National Association of Boards of Pharmacy, and the Partnership for DSCSA Governance.]

They’ve walked through a series of scenarios that can be executed manually and have helped the industry to better understand the complexity and nuances of tracing a product through the system. In parallel to this effort, the PDG is working on a data format to communicate traceability requests and responses. PDG is putting that information into a JSON format to communicate the need. [JSON is the JavaScript Object Notation data interchange format. Its advantages are that it uses human-readable text and is a more compact means of communicating data.]

What’s the key takeaway, Herb?

Pay attention to the traceability scenarios that are coming out of the HDA, NABP, and PDG. They’re doing a really good job of trying to show how tracing workflows will happen. They’ll be publishing more results and helping the industry understand. Watch for these, because it will enlighten you about what’s coming in 2023.

DSCSA compliance update #3 and #4: ATPs and VRS

From a solution provider standpoint, the ATP and VRS initiatives have become one and the same. Right now, ATPs have only been applied against the VRS, so the timing for us to get that done has become one implementation effort.

When you make a VRS request, you have to prove you’re an ATP. ATP is there to confirm two things: you are who you say you are and you are authorized to transact business. Proof that you are an ATP is especially important in the VRS network since trading partners may not have direct relationships with other VRS participants.

For VRS, there’s a new version 1.3 that will be deployed before the DSCSA 2023 deadline. The current version we have is based on the 1.2 standards interface. The 1.3 version “opens up” VRS beyond what it was intended to do, which is the verification of saleable returns.

What people should know is that VRS 1.3 is not backwards-compatible. This means VRS providers have to upgrade at once. To ensure that the upgrade occurs on time, solution providers have agreed to “decouple” the 1.3 interface from the 1.3 functionality.

What this means is that everyone on the VRS network will remain connected since we will all support the new 1.3 connections. However, solution providers (or customers) who are not ready to upgrade to the new 1.3 functionality can continue to use VRS as needed. That’s going to be important because it allows us to change the interface so we can at least keep talking to each other. We can be interoperable. But not everyone has to support the features of 1.3 at the same time.

As for timing of the update, we’re talking about doing the testing of the interoperability of 1.3 in Q1 [of 2023]. So we’ll have to push this into a production environment after Q1, but we haven’t agreed on a production date.

What’s the key takeaway, Herb?

There is going to be an upgrade required soon and the industry and solution providers are working to make sure it’s easy to implement. We realize that is not as simple as a software upgrade but we need to carefully consider the revalidation requirements of our customers.

Final thoughts

And there you have it: A DSCSA compliance update about what’s happening right now with industry readiness for product identification (EPCIS and serialization), product tracing, and ATPs and VRS. Thanks, Herb!

Contact us if you have questions about what Herb talked about or the DSCSA in general. We can explain the requirements and how our solutions will help ensure you’re ready for November 2023 and the full serialization of the U.S. pharmaceutical supply chain.

If you like, we can probably arrange a meeting with Herb. But remember, he’s busy. In the coming weeks, he’ll travel to the Antares Vision Group global HQ in Italy, visit the Group’s brand-new North America HQ in New Jersey, and join a panel discussion at the HDA Traceability Seminar in Washington, D.C. (Antares Vision Group is also a sponsor of that annual event.) So reach out today and let’s see what we can work out.

Also take a look at our DSCSA Compliance Library. It’s a clearinghouse of information with links to our blog posts, white papers, webinars — everything — about the law, including the “four cornerstones” Herb talked about in today’s DSCSA compliance update.