Today’s question: What is the Drug Supply Chain Security Act (DSCSA)?
The Drug Supply Chain Security Act (DSCSA) was passed on November 27, 2013. Envisioning a 10-year journey leading to the complete serialization of the U.S. pharma supply chain and electronic, interoperable exchange of product information, the law is scheduled to take effect on November 27, 2023.
We’ve written extensively about the legislation, but with the deadline for full compliance quickly approaching, we thought an overview was in order.
So let’s take a look at the DSCSA from top to bottom — milestones, requirements, highlights, expectations, and challenges — and answer the question, What is the Drug Supply Chain Security Act?
The Most Recent DSCSA Developments
As the timeline below shows, the FDA has adjusted DSCSA compliance deadlines during the rollout. The most recent — and arguably most significant — happened in August 2023, when the Agency announced that it was delaying by one year enforcement of key DSCSA requirements. This “extended stabilization period” moves the enforcement date to November 27, 2024.
However, it’s vital that all supply chain actors understand that the original compliance deadline of November 27, 2023, still stands. The Agency has made it clear that the stabilization period is not a delay of the 2023 requirements: It expects companies to have implemented the mandated systems and work to ensure they are operating correctly, smoothly, etc.
This guidance is not intended to provide, and should not be viewed as providing, a justification for delaying efforts by trading partners to implement the enhanced drug distribution security requirements under section 582(g)(1) of the FD&C Act. FDA strongly urges trading partners to continue their efforts to implement necessary measures to satisfy these enhanced drug distribution security requirements.
So what’s the key takeaway: Don’t stop preparing for the DSCSA. If you have questions about the DSCSA stabilization period or are concerned that your current provider isn’t doing everything it can to set you up for success, we encourage you to contact us today to speak with one of our DSCSA experts. We are 100 percent committed to ensuring all of our customers meet DSCSA compliance.
DSCSA at a Glance
Created as Title II of the Drug Quality and Security Act (DQSA), passed by Congress in November 2013, the DSCSA is an initiative to prevent the introduction and distribution of counterfeit, stolen, contaminated, or otherwise harmful drugs in the United States. It outlines steps to build an interoperable electronic system to identify and trace prescription drugs as they are distributed throughout the country. By providing comprehensive FDA guidance, the act facilitates the accurate tracing of products from the point of production to distribution to dispensation and beyond.
Understanding the Drug Supply Chain Security Act
If you’re a pharmaceutical company — a manufacturer, wholesaler, dispenser, repackager, or third-party logistics provider — you must comply with the Drug Supply Chain Security Act (DSCSA) if you want to do business in the United States.
The U.S. Food and Drug Administration (FDA) says the goal of the DSCSA is “to build an electronic, interoperable system to identify and trace certain prescription drugs as they are distributed in the United States.” The Act “will enhance [the] FDA’s ability to help protect consumers from exposure to drugs that may be counterfeit, stolen, contaminated, or otherwise harmful” and “improve detection and removal of potentially dangerous drugs from the drug supply chain to protect U.S. consumers.”
As we said above, the law has been rolled out in phases since it was passed nearly 10 years ago. Even though enforcement was delayed until November 2024, the FDA expects all supply chain stakeholders to keep preparing.
Key Requirements of the Drug Supply Chain Security Act
The DSCSA requirements can be divided into several categories that apply to manufacturers, repackagers, wholesale distributors, dispensers, and 3PLs. Each is important, but four are particularly vital to being ready for November 2023 because they require these stakeholders to have specific systems in place to be fully compliant. These are the “four cornerstones” of DSCSA compliance:
Product identification (serialization)
Manufacturers and repackagers must put a unique product identifier (PI), such as a bar code, on certain prescription drug packages. This must be able to be read electronically.
Manufacturers, wholesale distributors, repackagers, and many dispensers (primarily pharmacies) must provide certain information about the drug and who handled it each time it’s sold:
- Transaction information (TI) includes the product name; its strength and dosage form; its National Drug Code (NDC); container size and number of containers; lot number; transaction date; shipment date; and the name and address of the businesses from which and to which ownership is being transferred.
- The transaction statement (TS) is a paper or electronic attestation by the business transferring ownership of the product that it has complied with the DSCSA.
- A third type of information, Transaction history (TH), is an electronic statement with the TI for every transaction going back to the manufacturer. It is required before the November 27, 2023, deadline; it is not required after that date.
Manufacturers, wholesale distributors, repackagers, and dispensers must establish systems and processes to verify PIs for certain prescription drug packages. For saleable returns, manufacturers and wholesale distributors must use the Verification Router Service (VRS). Like everything else in the DSCSA, we’ve written extensively about the VRS. Our “DSCSA Saleable Returns Verification Requirement: Just the Facts” article is a good place to start.
Authorized trading partners (ATPs)
All manufacturers, wholesale distributors, repackagers, 3PLs, and dispensers must be ATPs and be able to electronically verify that their trading partners are ATPs.
In broad terms, to be an ATP you must meet certain registration, licensing, and licensure reporting requirements under the Federal Food, Drug, and Cosmetic Act (FD&C Act) and comply with state licensing requirements. The definitions of ATP also include language about accepting or transferring direct ownership or possession of products.
There are “four cornerstones” of DSCSA compliance requirements:
Other DSCSA Requirements to Consider
Detection and response + notification: Stakeholders must quarantine and promptly investigate suspect or illegitimate drugs. They must also notify the FDA and other interested parties when they find such drugs.
Licensing: Wholesalers must report their licensing status and contact information to the FDA. Third-party logistics providers must obtain a state or federal license.
What is the Drug Supply Chain Security Act? The DSCSA requires pharma stakeholders to work together to secure the U.S. supply chain. It doesn’t matter if you’re a manufacturer, wholesaler, repackager, third-party logistics provider, or a dispenser — the law affects how you conduct business. Your compliance depends on making sure you can meet your responsibilities.
That’s where rfxcel comes in.
We have 20 years of experience providing the pharmaceutical industry with leading regulatory and compliance software. So if you aren’t sure if you’re going to be ready for DSCSA 2023–2024 or you’re wondering if your current solution provider is doing everything it can to prepare you for compliance, contact us today.
Our DSCSA experts can show you a short demo of our solutions, clarify what your responsibilities are, and answer questions about your needs and how to meet them, no matter your role in the supply chain.
In the meantime, check out some of our other DSCSA resources, including our DSCSA: Preparing for the Full Serialization of the U.S. Pharmaceutical Supply Chain white paper and our DSCSA 2023 webinar series. These are great resources to help you better understand the law. You can click on those links or jump right to our DSCSA Compliance Library, a clearinghouse of all our information about the law.