The State of the Industry in Product Security

As legislative mandates have receded, manufacturers must undertake their own initiatives for protecting against counterfeits and diversion

The US biopharma distribution industry is coming up on a one-year anniversary of the postponement—out to 2015—of the California pedigree rules, as decided by the state’s
governor and Board of Pharmacy. That postponement is simply one of many state initiatives that did not go forward in the past few years (many states have various levels of drug-distribution documentation in effect), but it was a signal event for scaling down initiatives to secure the supply chain from manufacturer to dispenser.

Which is not to say that counterfeiting and illicit diversion has gone away. The annual count of counterfeiting cases opened by FDA’s Office of Criminal Investigation jumped in FY2008 (which ended in September 2008) to 52 (see Fig. 1). Many of these cases involve illicit Internet pharmacies or importers, which defenders of the status quo argue are not relevant to the better-regulated “normal channel of distribution” process from manufacturer, to full-line wholesaler, to pharmacist-managed store or clinic. But this channel (whose very definition breaks down around the edges) is beset by threats at many points:

• The heparin scandal of early 2008, which involved contaminated active pharmaceutical ingredient (API) from China, and led to the deaths of over 200 in the US alone;
• Data from reverse-logistics companies, showing conclusively that some 0.67-1.4% of pharmaceuticals returned from pharmacies are fakes. Because some of this product returns to the forward distribution system, the risk is that they could wind up being dispensed to patients (Pharmaceutical Commerce, May, p. 18).
• Theft of products, which goes beyond routine employee pilferage to organized hijacking teams that target specific truckloads. While much of the theft targets controlled substances, other, high-value therapeutics are of interest simply because the financial rewards can be high, while the risks are relatively low.
• The aforementioned Internet-based trade, which goes beyond consumer-facing websites to bulk shipments of APIs or unbranded pills and products.

Lacking an industry-wide, consensus-based tracking system, individual manufacturers are left to their own devices to protect their brands. Technology and service vendors have responded with a cornucopia of techniques and monitoring services—the whole gamut of security tags, inks, papers, holograms and other package-security measures; “on-dose” taggants and markings, and lab-type analysis services; and online monitoring of Internet-based trading activity.

Individual manufacturers can employ one or several of these techniques as part of a forensic field service to protect themselves and their markets—and there are consulting organizations to provide those services as well. The environment has now evolved into an ongoing cat-and-mouse game, where counterfeiters, diverters and others look for weaknesses in markets and supply chains, and manufacturers act to shut them down when discovered. The risk to patient safety—while small in absolute terms—remains a concern to all.

New pilots, new collaborations
As this issue goes to press, a pilot project organized by the European Federation of Pharmaceutical Industries Assns. (EFPIA) for tracking pharmaceutical shipments from 14 manufacturers, to two wholesalers, to a network of retail pharmacies in Sweden is up and running. That project will run for four months, says Jean-Marc Bobee, industrial affairs manager at Sanofi Aventis (Antony, France). “The information contained in 2D barcode on the product packaging will include product code, batch number, expiry date and a serial number,” he says. An IT system connecting some 180 dispensing points has been built by a consortium among Siemens, SAP and Hewlett-Packard, and will link to the IT system of Apoteket AB, a pharmacy chain, that was built by Tieto AB.

The project—arguably the broadest and most advanced running project in the worldwide biopharma industry to address drug tracking—is a showcase for supply chain collaboration in the context of European Union pharma safety initiatives. After it shuts down, it will be followed by several months of analysis of the results. On the upside, it is multinational (although limited to Europe), and collaborative between manufacturers, wholesalers and retailers. On the downside, it is limited to barcode reading and recording, and won’t necessarily set the stage for a worldwide standard.

Meanwhile, individual efforts continue for the very simple reason that counterfeiting and diversion go on. Supply chain managers and pharmaceutical buyers should have been on alert during this summer as a large shipment of insulin was stolen, and then product from those diverted lots began showing up in hospital and clinical pharmacies in multiple locations. FDA issued an alert in late August (having already put the industry on notice with an earlier announcement) reminding pharmacists to be on guard. “Evidence gathered to date suggests that the stolen insulin was not stored and handled properly and may be dangerous for people to use. The FDA has received multiple reports of patients who suffered an adverse event due to poor control of glucose levels after using a vial from one of the stolen lots,” said FDA. “So far only about 2% of the total amount stolen has been recovered.”

Theft has emerged as one of the main concerns of supply chain security in the past few years. FreightWatch USA (Austin, TX), a logistics consulting firm specializing in supply chain security, reported that while pharmaceutical freight-theft incidents dropped by nearly half from the first six months of 2008 to that of 2009, the average incident value increased from $705,000 to $6.71 million (Fig 2).

Most reputable carriers make significant loss-prevention efforts, but some feel that a new level of security is desirable. National Retail Systems (North Bergen, NJ), whose traditional business is the delivery of high-value consumer goods, says that it is receiving heightened queries from pharma companies trying to reduce risk, according to John Tabor, director of security. NRS touts high-end services like a network of secured depots across the country, redundant vehicle tracking systems, and a close collaboration with federal transportation authorities.

Counterfeiting has been a recurring theme of the pharma industry going back to its very earliest days (it turns out that there was a product called “snake oil” over a century ago—and that the counterfeiting of it created the business of snake oil salesmen). The conventional wisdom about anti-counterfeiting features is to use a layered approach, with multiple features on the primary and secondary containers, the patient insert or label, even on the product itself. Pharma companies doing their own packaging can acquire security inks, paper, taggants, holography or other optical technologies from a variety of vendors. Several contract packagers, including Catalent Pharma Solutions, Cortegra, Nosco, Colbert Packaging, Keller Crescent, Alcan Packaging and others, provide a coordinated range of offerings. Because labels are frequently printed with variable features specific to each lot of a production run, the label converters are also a ready source of anticounterfeiting features.

There has been some buzz in the 12 months over “on-dose” anticounterfeiting features (which are on tablets themselves), which advocates point out are the most reliable form of brand protection, since it is usually possible to separate a product from its packaging or labeling. FDA issued new guidance this summer (“Draft Guidance for Industry: Incorporation of Physical-Chemical Identifiers into Solid Oral Dosage Form Drug Products for Anticounterfeiting”), recommending that the lowest-possible level of these colorants, inks or “molecular tags” be used. Such products or techniques are available from JDSU, ARmark, NanoGuardian and 3S Simons Security, among others.
NanoGuardian has taken its marking technology (which, to be precise, is a surface treatment and not the placement of additives in or on tablets) one step further by partnering with SDI Health, a healthcare-data company best known for reporting on pharmaceutical sales and prescribing data. Together, they will offer “Closed-Loop Protection,” with NanoGuardian’s “nanocodes” that identify each tablet, and a pharmacy-auditing service from SDI Health. "With Closed-Loop Protection, we can proactively identify costly counterfeiting and illegal diversion activities as they occur, which allows more time for action and reduces the risk to pharmaceutical companies and patients,” says Dean Hart, Nanoguardian EVP.
“Reading” tablets for additives or markings is one way to authenticate a product directly; another is simply to analyze the product’s chemistry and compare it to stored spectroscopic data. That’s the approach of Ahura Scientific, which got its start in explosion-detection for the Homeland Security Administration, and has now distributed its handheld Raman spectroscopy device to many pharma companies, both for product authentication and for routine quality assurance. Another firm, XStream Systems, uses x-ray diffraction to similar effect. XStream says that a number of pharma wholesalers or reverse-logistics providers are using its desktop-scale technology to monitor the authenticity of pharma shipments.
Yet another approach to anticounterfeiting monitoring is to monitor not actual products, but the volume and source of inventories being offered for online sale. That’s the approach of New Momentum LLC, which offers an “Enterprise Brand Intelligence” service. Integrichain has offered a similar service, based on tracking wholesaler data.
What might be called the “shoe leather” approach to monitoring trade channels comes from Cegedim Dendrite’s BuzzeoPDMA unit, which has a network of inspectors around the country, as well as a license for a retail pharmacy. The company can make purchases of pharmaceuticals from various channels, then send them off to be analyzed for authenticity. One evaluation, says president Bill Buzzeo, is to verify that a retail pharmacy actually exists, and is not simply a storefront for acquiring pharmaceuticals that can then be sold into other channels at higher prices.

The state of track-and-trace
Packaging countermeasures, chemical analyzers and onsite inspectors all are effective, but are limited to the initiatives of individual companies. Hardening the overall supply chain was the goal of e-pedigree programs or comparable “track and trace” systems that have been proposed, but only partially put into effect.
The GS1 Healthcare US Group, part of the international GS organization for product information, has had success in bringing many hospital group purchasing organizations together to unit in establishing “sunrise” dates when product shipments and documentation will need to use the GLN (Global Location Number) (in 2010) and GTIN (Global Trade Identification Number) (in 2012), leading to an eventual Global Data Synchronization Network (GDSN). Worked into the GS1 structure is a framework for exchanging product information among trading partners, the Electronic Product Code Information Services (EPCIS). Software for EPCIS has been developed by Axway, IBM, SAP, and TraceLink (the new owner of SupplyScape—see p. 33), among others for pharma applications.
Next March, FDA is due to make recommendations on a data standard for drug identification to Congress under the FDA Amendments Act of 2007. With the healthcare provider network uniting behind GS1, and with few other broad, multinational efforts going on, it’s hard to see how the FDA recommendation could be anything but GS1.


Market analysis firm AMR Research (Boston), in looking at the state of track-and-trace efforts last spring, noted that “If participants of the healthcare value chain focus only on compliance with track-and-trace legislation, they will miss real opportunities to drive business benefits such as improved supply chain visibility and demand forecasting. The emphasis needs to be on collaboration between trading partners up and down the supply chain (see Fig 3) which, when reduced to IT communications, could conceivably be handled by cloud computing.


Fig. 1. FDA’s annual count of new counterfeit-drug cases opened, shows that agency focus remains strong on ferreting out crime

Fig. 2. A map of first-half 2009 supply chain theft (of all types, not just pharmaceuticals) shows that thieves target interstate highways. (credit: FreightWatch Group)

Fig. 3. With the many trading partners involved in pharma distribution, could cloud computing be the solution? (credit: AMR Research