Executive Summary: Drug Supply Chain Security Act
Drug companies and the FDA have an image problem. Many instances of adulterated prescription drugs make it to the market, be they stolen goods, counterfeit goods, or otherwise misdirected (think: expired materials relabeled and resubmitted for sale). Until the Drug Supply Chain Security Act (DSCSA), the pharmaceutical industry had asserted that these actions were the work of wrongdoers outside of their direct control. The FDA prides itself on ensuring the safety and security of the nation’s drug supply, and something needed to be done to prevent offenders from harming patients. Hence, the DSCSA came to reality.
With the DSCSA, no longer can a pharmaceutical company claim victimhood to criminal elements in the supply chain. Now, pharmaceutical companies are responsible for ensuring the integrity of pharmaceutical products from dock to receipt at the pharmacy. This article will help clarify the key points of the law from a 40+ page document, into a shorter executive summary.
The endpoint of this law, in the year 2023, is to have every unit (i.e. bottle) of prescription pharmaceutical product individually identified, tracked, and traced in a large database (called an Interoperable System), so that any illegitimate product can be quickly identified, quarantined and removed. At each point of ownership transfer in the supply chain, the seller needs to provide a manifest that tells the buyer the list of owners up until the unit was released from the pharmaceutical manufacturer. This information can then be authenticated by scanning a barcode on the unit (starting in 2017) and comparing that history to the information in the database. Tracking will also be employed at the case level and the pallet level, to simplify the tracking requirements for homogenous cases and pallets (i.e. full pallets and cases containing all units from a single lot number of product).
No such enormous database for tracking currently exists, so the law will be implemented in milestones. As of the authoring of this summary, traceability should already be implemented at the lot level (as opposed to the individual container/unit level). Pharmacies (known as Dispensers in the law) have a grace period for receiving this information by March 1, 2016, but all other supply chain entities are required to provide the manifest stating all previous ownership transactions at the point of sale. Some smaller pharmacies have outdated computerized systems, which present a challenge to transferring this data. This grace period will provide time for pharmacies to either procure the correct systems or to outsource maintenance of this information with a contracted entity.
The law provides a means of reporting illegitimate products online. Illegitimate products are counterfeit, stolen, diverted, adulterated, fraudulent, or otherwise unfit for distribution. While it is the pharmaceutical manufacturer’s responsibility to ensure that only legitimate product reaches pharmacies for dispensing, everyone is responsible for reporting a suspicious product, performing an investigation, and collaborating with the FDA and the pharmaceutical manufacturer to determine whether a “potentially” illegitimate product is, in fact, illegitimate. The distribution system ensures that all points of material transfer are monitored and that the FDA is alerted of suspicious activity. Pharmaceutical handlers must investigate anomalies within 24 hours, or not more than 48 hours for weekends and holidays.
The FDA outlines specific information that needs to be documented when investigating a potentially illegitimate product. Investigations include specific sampling requirements for product inspection/test, a review of transaction history, documentation requirements, and the need to have investigation data available for review for 6 years after conclusion of the investigation.
The investigation requirements will change the way that pharmacies and pharmaceutical logistics providers do business. Dispensers are regulated by state boards of pharmacy, and logistics providers/wholesalers are also regulated by the states. This law brings these businesses under Federal jurisdiction, with significantly different (if not more stringent) requirements. It will take some time for these businesses to get used to the new way of doing business. In the author’s opinion, these entities will experience growing pains and possible FDA disciplinary actions until they normalize operations.
For logistics providers and pharmacy wholesalers, documentation has already increased, in anticipation of future FDA licensing standards. For now, the FDA currently accepts state licensure to become “authorized” and expects an annual update of the licensing status, company name, address, and facility identifier, any disciplinary actions for the last 12 months. This will make it easier for the FDA to identify the most effective standards for supply chain control. In the future, the state standards move to a single standard for FDA “authorization” for logistics providers and pharmacy wholesalers, much as is done for “registration” in the European Commission GDP Guideline. The list of logistics providers and wholesalers is posted already online. Interested pharmaceutical companies can use this information for selecting dependable logistics services for their products.
This law has notable exceptions such as intra-company transactions, public health emergencies, and drugs for veterinary use. I have not mentioned all exceptions, but each exception appears to be as reasonable, as the three instances mentioned above.
I hope that this article enlightens readers on the key points of the DSCSA. Please send feedback and questions, and we at Compliance Team will do our best to give you the best, most accurate response.