Blue Sphere Health

Posts Tagged ‘USA’

Help, we’ve been counterfeited !

We hope your products remain safe, or at least that you have proactive brand protection and a strategy for when things go wrong. Unfortunately, experience tells us that some of you are “winging it”. Just because you haven’t found fakes yet doesn’t mean they aren’t there. It is much safer (for patients as well as your career) to plan for the possibility of counterfeiting than to do nothing and react only if and when it happens.

Ignorance is no excuse

The “do nothing” strategy is about to get even more dangerous, as regulators’ reporting expectations increase. Hidden deep in the EU Falsified Medicines Directive (Article 18, actually) is the phrase: “Where a manufacturer has reason to believe that the … product may not be authentic [he] shall immediately inform the relevant competent authorities” In the US Drug Supply Chain Security Act there are several requirements to file reports on suspect products within one business day – whether the trigger is a request from authorities or an incident identified by the stakeholder.

Don’t use Excel and duct tape

Collating, approving and filing something so business critical within 24 hours is a demanding task. It requires a software system, not crossed fingers and a spreadsheet. Serialisation software won’t solve this problem either, because those systems are designed to handle numbers, not case reports and the other disparate elements of counterfeit surveillance and incident management. If you believe your “suspect product reporting” process is not fit for purpose, we can help. Our Knowledge Capture™ software was developed by our technology partner Integritie and optimised for pharma with our help. It provides litigation-grade tools to support your brand protection function. You may not have a large team but you can have a wide reach with Knowledge Capture. Contact us today to arrange a demonstration.
Continue Reading

Epic DSCSA / FMD Fail: the apology memo to your boss

In the spirit of public service to the pharmaceutical industry as it gears up for the implementation of various traceability requirements, we are offering a free template email for late adopters. Pull this out and use it if you ever have to own up to getting serialisation really, really wrong. (NB we use the European spelling on this site but please mentally replace the middle s with a z if that bothers you). We hope you never need this email, but if you’re going to wait until next year before doing anything or talking to vendors, you might want to file this post in Favourites for re-use later.

Date: sometime in 2017

To: CEO, Pharmacorp Inc.
From: COO / Chief Compliance Officer / Head of Regulatory / SVP Manufacturing / Head of Supply Chain / Head of Technical Operations / whatever
Dear Boss
Thanks for the copy of the Drug Supply Chain Security Act / Falsified Medicines Directive and your refreshingly to-the-point enquiry about our current readiness status for “the [expletive deleted] pack coding deadlines which are only months away”. As of today, I have to admit that I don’t know if our production people will be able to get everything ready in time.
We thought it was a bluff
To your point, we have certainly been aware since 2013 (and in fact years before) of the requirement to mark packs and I agree that three years of preparation seems like an adequate amount of time to get things done. However, we were hoping that either Congress / the EU was kidding or that delays and enforcement holidays would kick this can a long way down the road. I suppose with the benefit of hindsight this may indeed look somewhat “incompetent”.
We need more cash
We have now contacted all the suitable technology vendors and serialisation consultants but it seems that their lead times may be longer than we had hoped. Apparently there is a finite availability of expert resources and the first choice partners are all maxed out with existing customers who are further down the track in preparing for the deadline. Our calculation that we could save money by waiting as long as possible and letting other people make all the mistakes now looks like it may have been wrong. We may have to revisit our budget request to ask for emergency funds to get this done.
We may not be able to sell product
You asked whether missing the deadline would have an impact on our commercial operations. After enquiring with the sales division (thanks for the introduction, by the way) it turns out that the USA and EU are our largest markets – who knew? As I understand it, we can’t sell product there if we don’t meet the legal criteria, so I guess this will have an impact on the financials at some stage. I would recommend holding a slot on the agenda at the next earnings call. If it helps at all, the delay in initiating our program means that some of the capex for equipment spend might be pushed into the next financial year. We hope to be fully compliant again as soon as we get all the process mapping done, user requirement specifications written, vendors selected and contracts finalised, necessary pilots completed, equipment installed on all lines, errors minimised and OEE brought back into line, supply chain partners up to speed, serialised and aggregated inventory flushed through distribution channels etc.
It’s everywhere
FYI, I am also hearing that the DSCSA and FMD may have parallels in other geographies. This may have some other impacts on our Rest of World operations. Our contract manufacturers are in various states of readiness and we may need to revisit key supply arrangements. As soon as I get to grips with what the requirement for serialisation and tamper-evidence means for our global manufacturing strategy I will report back.
I’ll get my coat…
Apologies once again for being caught out by this deadline creeping up on us so suddenly – after all this time. Thanks for your understanding and good luck with explaining the situation at the Board meeting.
Yours, etc.

Don’t be that person. Make sure you plan for serialisation, aggregation and tamper-evidence. If you are planning pack changes, bear in mind that all unit-of-sale packs will need to be tamper-evident in the EU by February 2019. Make allowance for strategic advice and implementation consultancy. Don’t try to wing it. This really is the last chance to get things done right and in time. Whether you are just starting, well advanced but need some help along the way, or almost done but just need a little extra resource for fine tuning, we can help. Contact us: [email protected]

Continue Reading

US drug serialization and traceability: not such a distant dream

The emergence of the Pharmaceutical Distribution Security Alliance (PDSA) as a growing force in the long running epedigree / track and trace / serialization saga was completed during a US Congressional hearing recently.  The whole hearing (which covered a variety of areas including Accelerated Approval, Medical Gas, Antibiotic Development and Downstream Pharmaceutical Supply Chain) can be heard again online but the highlights for our purposes are the opening presentation from Janet Woodcock of the Food and Drug Administration (FDA) and then “Panel III” on supply chain security from 2h 34m. The US industry consensus (manufacturers, distributors, pharmacists) is clearly aligning behind the PDSA suggestion (referred to as the “RxTEC proposal”) which calls for lot-level pedigree with unit-level pack coding.  This will entail mandatory peer-to-peer sharing of lot or batch information during the normal course of commerce, providing a lot-level transaction trail or pedigree as product moves through the supply chain.  Additionally, each individual pack will have a unique serial number which can be used for verification or other purposes but will not be part of the mandatory data set that must be passed during each transaction.  This avoids the need for many of the onerous, time-consuming and therefore expensive new processes that a full epedigree system would require.  For a fuller discussion of the various modes of traceability and their implications, see Dirk Rodgers’ excellent RxTrace blog. This hybrid model, which is either “pedigree-lite” or “serialization-plus” depending on your point of view,  has some key benefits. The first major advantage over previous attempts to implement traceability in pharma is that it is a pragmatic approach.  It is still a challenge but not an insurmountable one.  After years of meetings in Sacramento trying to persuade the California Board of Pharmacy to agree another stay of implementation of their pedigree requirement, this is a much more productive approach and probably the best shot at developing a federal solution that works. The second key step forward is that (unlike previous approaches) the RxTEC model seems to have the broad support of many of the stakeholders who will have to make it work (manufacturers, distributors and pharmacists). This gives it a fighting chance of actually happening. Thirdly, it is expandable to full pedigree as and when the capability or need is there.  Nothing in the PDSA proposition precludes a full epedigree environment in the future.  But if epedigree is like the Apollo programme, RxTEC is just taking the sensible step of testing components in Earth orbit first. Finally, global compatibility is made much easier by this new paradigm.  Blue Sphere Health does a lot of consultancy work with manufacturers on traceability in Europe, USA, India and elsewhere.  Our customers are wrestling with the problem of how to reconcile the needs of potential epedigree in the USA (because if you put systems in place for California, effectively you have to do it for your whole US supply chain) with the different system of end-to-end verification that is likely to be the model in Europe.  They also have to try to hit curve balls thrown by projects like the potential eTACT system being developed by the European Directorate on Quality of Medicines and the traceability systems in Brazil, Argentina, China, India etc. See for more on these stories. If the necessary legal language can be agreed and incorporated into the Prescription Drug User Fee Act  (PDUFA)  reauthorization process this year, which is the chosen tactic for rapid approval, then this lot-level system might happen soon (ie 2015).  It would replace the California law which has specific federal pre-emption clauses for this very purpose.  Anything which turns a state-level impasse into a pragmatic and achievable federal system deserves our backing.  Patient safety demands that we get this done. We specialize in advising clients on these issues.  Contact us for more details or email me personally at mark(dot)davison(at)bluespherehealth(dot)com.
Continue Reading

Pharmaceutical Anti-Counterfeiting: Lessons from Avastin

Counterfeit medicines are not an entirely new thing in the American consciousness but when fake Avastin was reported this week it sent a larger than usual ripple through the news media.  I have been interviewed in the past 24 hours by Al Jazeera (see link or at right) and the Wall Street Journal. Why the fuss? Maybe it was because Avastin is a Swiss-designed, injectable cancer drug used only in hospitals.  This is a long way from dodgy Viagra bought over the internet or on a foreign trip, which is the image most people associate with fake drugs – if they even consider the issue at all.  Somehow, counterfeits have breached what should be a super-safe hospital supply chain and may have put patients at risk (although exactly how many patients received the medication is unclear).  Roche and Genentech were not directly at fault in this case but are there lessons that can be learned from their misfortune? How and why did this event happen and what can companies do to stop it happening to their products? The simple answer to the “how?” question is that plausible-looking fake Avastin packs, bearing familiar brand names and logos and containing authentic-looking vials, were good enough to fool professional medics.  It might be impossible for doctors and nurses to check the chemical composition of the active ingredients, but closer inspection would have revealed that the packs were apparently French in origin and bore the hallmark of parent company Roche, not the livery of the US-licensed manufacturer (and Roche subsidiary) Genentech.  The appliance of common sense should then have started alarm bells ringing, and indeed it may have been user vigilance that picked up this event in the first place.  FDA is now investigating. The “why?” question is more complex but the answer boils down to organisations trying to shave dollars off their drug bill by buying from grey market channels.  The French packs were supplied by a foreign distributor to at least 19 practices in the USA. Where exactly the distributor got them from will be established (I hope) during the investigation.  If hospitals and medical systems stick to the standard, regulated supply chain there is very little risk of receiving counterfeit products but it is precisely when people go “off-piste”, as appears to have occurred in this incident, that they put patients’ welfare at risk. If you’re a drug manufacturer or distributor, how do you stop a counterfeiting incident damaging your reputation and harming your customers? The first stage is to have a strategic approach and to act before you have to.  Don’t wait for the calls from FDA, CNN and concerned patients.  As they say in aviation, if you think safety is expensive try having an accident. I have written here several times about our DRASTIC framework for approaching anti-counterfeiting in a planned way.  The current move to serialization, epedigree and other traceability systems is soaking up a lot of budget and management time this year. There are legislative deadlines coming up in the USA, the European Union and elsewhere that will require manufacturers to code every single pack they make.  This will enable far greater supply chain transparency than we have today and will make it far harder for counterfeiters to insert industrial quantities of product into the legitmate supply chain.  But the dash for codes should not obscure the role played by old-fashioned authentication.  Visual inspection and the use of physical features – intrinsic or added, visible or covert – to reliably differentiate real from fake products is still a valuable tool in the arsenal.  An integrated anti-counterfeiting strategy needs both digital coding and physical authentication.  Neither is sufficient in isolation but together they are a strong deterrent against all but the most determined criminals. For those who would seek to delay mandatory compliance deadlines such as those in California (2015) or the EU (2016-17), ask yourselves whether it wouldn’t be a better strategy to get organised and get moving with your own initiatives so that the next Avastin-type incident doesnt happen on your patch. If you don’t know where to start, or you need help fine-tuning your strategy and tactics, we can help.  Blue Sphere Health are worldwide specialists in serialization, epedigree, authentication and related aspects of product security.  Contact us today for a confidential discussion or get in touch with me personally right now at mark(dot)davison(at)bluespherehealth(dot)com.      
Continue Reading

Coding Packs for France (CIP13): Is Your Equipment Also Suitable for Serialization?

The need for Data Matrix codes on all pharmaceutical packs in France, from 1st January 2011, catalysed a flurry of activity as manufacturers scrambled to install printers, vision systems and pack handling equipment to get themselves ready. The good news was that the code format (GS1 ECC200 Data Matrix) was the same as was (and is) being proposed for the future pack-level traceability schemes in the EU, USA and (eg) Brazil. Therefore, the supposed side benefit for many manufacturing companies was that the equipment needed for the CIP13-containing Data Matrix code was the same type of equipment needed for any eventual full serialization programmes that might crop up. Capex investment and implementation costs were a one-off and two birds could be hit by the same stone. N’est-ce pas? Well, yes. If you are one of the companies that chose wisely. If you cut some corners to save money during CIP13 preparations you may have some upgrading to do before you are ready for full unit-level serialization. The legal requirement for France is to incorporate a fixed CIP13 number (effectively an SKU number or pseudo-GTIN) plus batch number and expiration date, into an ECC200 datamatrix code. Therefore the code is batch-specific not pack-specific, and only changes when the batch number or expiry date changes. The unchanging code can thus be verified on the line after printing using either optical character verification (OCV) or optical character recognition (OCR). As a general rule, the OCV option is easier to implement and requires lower spec (and cheaper) kit because it is just looking for the presence, absence or quality of a pre-loaded visual pattern (in this case the invariant code for that batch). This doesn’t work for unit-level serialization, because by definition every code coming down the line is different. The OCR method is needed, which analyses and “reads” each code and compares it in real time to what was supposed to have been printed upstream. This takes more computing power, needs faster synchronisation and requires higher-end vision systems. The more experienced purveyors of line equipment to pharmaceutical manufacturers have seen this coming and advised their clients to purchase suitably nimble capability the first time around. But not everyone has been so clearsighted. One major equipment vendor I spoke to predicts that manufacturers which chose to save money when implementing CIP13 by going for competitors’ products with the minimal possible specifications may have issues when switching on their OCR capability to address the need for serialization. If you think this might be you, do some testing early before compliance deadlines loom. To avoid these and other strategic and tactical mis-steps, measure twice and cut once, as the old carpenter’s adage goes. Blue Sphere Health can help you to evaluate your short and long term needs for serialization and epedigree and put in place solutions that work today and also put you in a good position to deal with foreseeable challenges tomorrow. Contact us for a confidential discussion of your requirements for authentication, serialization, epedigree or any other aspect of pharmaceutical security. For a primer on all aspects of serialization and traceability in pharma, buy the new report I have written for In the meantime, happy holidays and meilleurs voeux pour 2012. Photo by Francois Schnell from flickr
Continue Reading

Pharmaceutical Serialization: Moving from If to How

Our consultants spend many of their days discussing the intricacies of drug traceability with our customers. We add value by bringing an external perspective gained from long experience in the industry (typically 20 years plus) as well as recent intelligence gained from meetings, project implementations, and conferences. I’ve just distilled some of this knowledge into a new report “Pharmaceutical Serialization: Moving from If to How” available from Read on – there’s a way you can get it for free. Recently, the changes in EU legislation and the potential initiatives in the US have sharpened the focus on the areas of serialization, epedigree and track and trace. Making some assumptions about the most plausible dateline gives deadlines from 2015 to 2017 and beyond for full compliance, although (as with anything involving legislators) these dates may slip. Given this three to five year timeframe, our customers have typically responded in one of two ways: 1. 2015 is just around the corner. Get unit-level coding done across all impacted lines as efficiently as possible and use the time available to make sure we select the best strategy, choose the best vendors, and do sufficient testing and validation. Think about associated issues of aggregation and data connectivity well ahead of time. 2. 2015 is likely to slip outwards and anyway we have three years minimum. Delay as much capex and opex spending as possible, in these tough financial conditions, and get the job done just-in-time. Plan for spending in 2013 not 2012. Regular readers of this blog will know which side of the argument I’m going to favour. As my recent analysis of the tasks and dependencies involved showed, there isn’t really any spare time. Much of the most impactful and resource-consuming activity does not involve wrenches, vendors or production lines (although installation and validation of line equipment is undoubtedly challenging) but instead requires departmental collaboration and internal resources. For example, master data (such as stock-keeping unit [SKU] codes) needs to be identified, “cleaned” to remove confusion and duplication, harmonised to GS1 formats and made accessible to the serialization and coding systems that will need it. Many companies do not have this data in anything like a suitable form today. Some of the biggest challenges, even for top ten pharma companies, occur after the unit-level coding step has been achieved. Aggregation, in particular, can be a real headache. This process – the association of unit codes with a shipper box code, then of the shippers with a pallet code – is complex and needs time and effort to solve. It may have deep implications for your warehouse management system. The need for large data strings and codes may also require more pack space than you currently have available. Do you need to switch to a slightly bigger pack format? I will cover some of these hidden bombs of serialization in another post soon. For now, the one-line summary is: get started in 2012 if you haven’t done so already. Wherever you are in the process, contact us to arrange a call or meeting to discuss your needs – let’s get something in the diary for early 2012. I’ll go further and give you a no-lose offer. Buy my new report. It will give you the global context, bring you up to speed on key obligations and give you some guidance on how to get started or how to move forward if you’re struggling. If you buy a departmental or corporate licence for the report and then subsequently initiate a project with Blue Sphere Health before 1 March 2012, I will deduct the cost of the report from our invoice. The departmental license is currently on special introductory offer until the end of December, so act now to secure your double saving. Enjoy the coming holiday season and recharge your personal batteries for 2012. It’s going to be a busy year.
Continue Reading

Safeguarding America’s Pharmaceuticals Against Counterfeiting and Diversion

September 22nd, 2011 saw the introduction of HR 3026 or the ‘Safeguarding America’s Pharmaceuticals Act of 2011’ into the US House of Representatives. Itself an update of an earlier bill, the document contains some interesting elements that could have big repercussions. Taking the Fifth… First of all, let me give the standard caution that most bills don’t make it out of the committee stage so this is a long way from being law. However, assuming for a moment that it represents current Democrat thinking, let’s examine what it would mean if passed. Pedigrees The bill is based on the ‘pedigree’ model, with (broadly) every transaction recorded for every pack as items travel through the supply chain from Authorised Distributors of Record (ADRs) or manufacturers right through to pharmacists. This is in contrast to the likely model in Europe, where end-to-end verification is favoured as a more workable option. In the latter, so-called ‘bookend’ systems, the pack is coded and checked at the manufacturing or packaging step and again at the pharmacy before dispensing but all intermediate code checks during distribution are optional. Big Pack, Little Pack, Cardboard Box Pedigree imposes a much higher burden on the supply chain, partly because the most practical coding technology is visible printed codes – usually in a two-dimensional matrix format. These codes require line-of-sight: the scanner must be able to ‘see’ the code optically with no intervening opaque packaging. This is an obvious problem when packs are aggregated into shipping case and pallets. It is simply not feasible for distributors to unpack, scan and repack large volumes of material, so a workaround known as ‘aggregation’ is used. In this process, the unit pack codes that go into a larger box are associated together in a database together with a secondary code that is applied onto the bigger container. The process is repeated as necessary up to pallet level. Mongrels Thus by scanning a single code on the pallet, an operator can (in theory) find out the codes on all of the unit packs contained within. This all works well. Until it doesn’t. The pharmaceutical distribution process is complex and for many reasons shipments are broken down, mixed with other products and reaggregated before being sent onwards. There are multiple opportunities for someone to fumble the ball and when they do the whole consignment could become unsaleable due to lack of a viable pedigree. Return-to-Sender Encouragingly, the returns process is also addressed in the Bill and included in the pedigree requirement. The ‘reverse logistics’ operation of returning expired or unwanted goods back up the supply chain has been vulnerable to fraud in the past. Code but no Enigma Standardized numerical identifiers will be needed for a coherent coding and tracking system and this is also addressed although FDA thinking on this has been provided already. The danger of a non-globally-aligned numbering format seems to have passed and any implemented system is likely to be a GS1-harmonised structure based on existing National Drug Codes. California, USA The timetable for applying codes to packs is pretty much that of the existing California pedigree deadlines, i.e. starting on 1 January 2015, and (sensibly) any Federal regulations would automatically supersede state provisions. So no shocks there on timing but a much bigger scale of challenge to comply nationally on the same timescale. This timeline also ties in broadly with the anticipated schedule for the implementation of traceability provisions in the EU Falsified Medicines Directive. SWOT Team The Bill also calls for a study into threats, technology choices and gaps in current government processes. This is to include ‘consultation with technology developers, drug manufacturers and other interested parties’. Time to make your thoughts heard. Conclusions This is just my initial reading of a Bill that may well not come to pass. There are no easy ways through this serialization / pedigree problem but we owe it to patients to try to seal the supply chain against fake drugs. Any traceability system will be complex, but I think going for a full pedigree model in one step is not the way to go. It is technically feasible, but it will be needlessly expensive and risky compared to the alternative model. Next steps If your company is struggling with these issues and you need some advice on strategy, technology choice or other aspects, then contact Blue Sphere Health. We help customers to solve these traceability challenges cost-effectively and in a way that adds value rather than just raising costs. For a fuller discussion of supply chain issues, authentication and other elements of the fight against counterfeit drugs, see my new book “Pharmaceutical Anti-Counterfeiting: Combating the Real Danger from Fake Drugs” (Wiley, 2011) reviewed here.
Continue Reading

Contact Us

Your Name (required)

Your Email (required)


Your Message

Pharmaceutical Anti-Counterfeiting

Combating the Real Danger from Fake Drugs has become a must-have primer on anti-counterfeiting and is widely used by drug companies, regulators and others. The book covers the legal, strategic and political issues as well as the technical counter-measures such as process control, digital serialisation and physical security.

Pharmaceutical Anti-Counterfeiting book