GatewayChecker

How to ensure conformance to EPCIS standards in drug traceability

Within the next 30 months, some US pharmaceutical wholesalers are planning to be traceability-ready in accordance with the Drug Supply Chain Security Act (DSCSA). To some that might sound like plenty of time. To those of us with years of experience in the industry, it sounds more like a sprint to the finish line rather than a pleasant jog.
Even now, the US drug supply network is struggling with electronic, interoperable traceability without alignment around a common set of application standards. A report from the Office of Inspector General of HHS, while evaluating the current status of DSCSA traceability, recommended that “FDA offer educational outreach to trading partners about required drug product tracing information and data standardization guidelines.” [1]

There is a broadly (but not universally) accepted standard for trading-data communication: the EPCIS standard of the GS1 organization. But to ensure that EPCIS is being effectively employed by pharma trading partners, and the software vendors serving them, a testing protocol has been developed and sanctioned by GS1. This article will explain its justification and application.

Supply chain events
Drug traceability captures transaction events as individualized medicine containers and their parent cases travel from manufacturer to the point of dispense. By aggregating these events, regulators can understand location history, who has handled the product and for what purpose. FDA wants to ensure that only legitimate, uniquely identified product moves through the supply chain and that it is being handled by legitimate, licensed, and authorized trading partners.
To attain electronic, interoperable pharmaceutical traceability, each member of the drug supply network must connect and exchange information sufficient to enable supply chain transparency and integrity.

GatewayChecker Connectivity

The US pharma supply chain has thousands of interconnections.

In fulfilling more than 25,000 prescription SKUs, thousands of companies around the world must establish an electronic, interoperable dialog. There is no shortage of connections to be made. On the production side there are as many as 5,000 connections necessary to network packagers, drug manufacturers, repackagers, and third-party logistics providers assuming each of the 2,000 producers needs on average 2 -3 connections per manufacturer. The largest wholesale distributors connect to as many as 500 drug producers which means for just the “Big Three”, 1,500 connections are needed. The remaining 90+ wholesale distributors are likely to, on average, need to connect to six drug producers, increasing the number of connections by an additional 500. Therefore, an estimated 2,000 connections are necessary for drug producers to connect inbound to distribution. Finally, each point of distribution must connect and communicate with more than 200,000 healthcare providers, which is likely to require an additional 2,000 connections.

Need for standards
As complexity increases and information exchange becomes more important, it is necessary for standards to be formed to ensure that products, processes, and procedures fit together and interoperate — and that there is a “universal language” of sorts to relay this information.

When it is critical for businesses to communicate effectively, standards matter. Standards allow different businesses to act in harmony enabling uniformity, reliability, accuracy, and precision. By adhering to standards, companies and organizations can work together to build products like cars, computers, and cell phones, or securely exchange personal, patient, product, and financial information. Without well-defined requirements and strict adherence to standards, we struggle to establish interoperability and information exchange. To achieve accurate, rapid, robust, reliable connectivity with minimal errors, conformance to accepted standards is essential.

DSCSA application standards
Application standards are necessary to trace uniquely identified medicine containers as they move from initial packaging through the warehouse and then to the point of drug dispensation. The entities and their location involved with each drug transaction from initial introduction into commerce to the point of dispense must be captured, stored in immutable records, and be easily understood.

Fortunately, tracking, capturing, and accessing this data is made possible by the Electronic Product Code Information Services (EPCIS), a GS1 standard which enables trading partners to represent and share information about the physical movement and status of products as they travel throughout the supply chain. It is essentially a common language that knows the details of each transaction (the what, where, when, and why) and facilitates a shared view of physical objects within, and between, enterprises.

Since EPCIS is in use around the world to address a variety of business needs across many industries, application specific standards are necessary to tailor EPCIS to suit a specific purpose. The GS1 Healthcare US working group, made up of 50+ companies representing a cross-section of the industry, published EPCIS application standards governing DSCSA traceability in 2016. Within months, each of the major US wholesalers published EPCIS onboarding guides based on the GS1 DSCSA application standards. Impediments to change, such as re-validating an existing system, are a barrier to standards adoption. However, things are changing; most new deployments are specifying EPCIS 1.2, a prerequisite for DSCSA traceability conformance.

Although the drug manufacturer is responsible for product packaging and drug-transaction data accuracy, it is the drug wholesaler that feels the impact of standards non-conformance. As noted, the wholesalers face the daunting task of having to onboard and receive drug traceability information from hundreds of manufacturers.

“A high-percent of the files we see for the first time have EPCIS conformance issues,” says Jeff Denton, VP of Supply Chain at AmerisourceBergen. “Avoidable issues require a significant amount of human resources to identify, communicate, resolve, and retest. It simply isn’t scalable for wholesalers to troubleshoot the standards conformance issues that conformance testing could address ahead of time.”

‘Almost’ compliant?
One EPCIS solution provider wrote us recently “If we are not currently perfectly compliant with GS1 standards, we are extremely close.”
As Ken Traub, an EPCIS visionary and the inspiration for our conformance tools once remarked: “There is no such thing as ‘almost’ standards compliant; it either is or it is not.”

Recognizing the need to establish unambiguous DSCSA conformance, GS1 established a conformance testing certification program to identify non-conformances and improve DSCSA traceability and interoperability. Requirements were developed for a reliable, scalable, and robust testing and certification service.
Rigorous testing benchmarks were established by the GS1 US working group to ensure common assessments of similarly constructed traceability scenarios. A certification program was launched to certify independent companies, like Gateway Checker, as a Conformance Testing Service.

As a result, opinions and creative interpretations can be supplanted with facts and an unambiguous assessment. Unbiased third parties can objectively test and evaluate conformance to GS1 standards for DSCSA traceability.

Conformance testing ensures implementation consistency among trading partners, aligns data structures, enables common data definitions, and avoids deployment delays.

As a supply integrity consultant assisting with the deployment of serialization systems, I see first-hand the time and effort wasted on bridging the standards conformance gaps. With full DSCSA standards compliance, different solution providers could generate or receive EPCIS messages in a “connect compatible” manner. All required elements would be structured correctly. All necessary content requirements would be mutually understood by the parties. The missing element to assure drug supply interoperability is a testing and certification system that can unambiguously assure message conformance to the DSCSA application standards.

In 2017 I assembled a team of traceability experts and industry practitioners to transform the 35,000 words published in the DSCSA Traceability application standards into a conformance assurance system. Our efforts resulted in a rules-based conformance assessment platform that became known as Gateway Checker. Our conformance assurance service was tested and certified by GS1 as a Conformance Testing Service in 2019. Other conformance testing services are available. [2]

The Gateway Checker conformance testing system relies on hundreds of rules to examine the structure and content of EPCIS messages. Gateway identifies each non-conformance, provides a description of the issue and links to the offended section of the application standard. The system renders an ambiguous response; pass or fail. Passing EPCIS messages can be certified to one of 16 GS1 pharmaceutical traceability scenarios.

With Gateway Checker, proficient analysts can easily self-diagnose compliance gaps within their submitted EPCIS messages. “The Gateway Conformance Testing application provides unparalleled insight into traceability requirements,” said Vasudeva Saladi, Solution Architect, AmerisourceBergen. “It productively identified issues and highlighted what was needed to remedy them.” Late last year, within just a few weeks’ time, AmerisourceBergen became the first company to become Gateway Certified and attain the industry’s first GS1 Trust Mark.

Cost of nonconformance
Not following standards can result in spectacular failures. Who can forget the $125 million Mars orbiter crashing into the planet because an engineering team used English measurement standards instead of the metric system?

DSCSA nonconformance costs are not the type of dramatic failure that panics the industry into change. Rather, it is a steady stream of lost time, excessive resource expense, and unnecessary rework that stretches onboarding projects from weeks to months. Custom-coded connectivity maps resist change and hinder adaptability to new technology and evolving regulatory requirements. Aggregate all the wasted time and effort into a bucket and the industry impact is in the millions of dollars. We know there are significant gaps in drug traceability standards adoption. We have tested more than 100 industry files from different applications and found very few are able to fully conform.

There are substantial benefits from attaining DSCSA Gateway Certification. We have seen first time connections succeed and fully satisfying validation requirements without issue. Imagine the time saved, costs avoided, and confidence established when systems connect and communicate, first time, every time. We are in this together. US drug traceability will advance when manufacturers, contract packagers, repackagers, regulators, and EPCIS solution providers understand that conformance to standards matters! To this end, Gateway Checker is offering a complimentary readiness assessment of an EPCIS file: go to https://gatewaychecker.com/readiness-assessment/ and use the code PharmaComJune20 to begin the process.

References
1. https://oig.hhs.gov/oei/reports/oei-05-17-00460.pdf
2. https://www.gs1us.org/what-we-do/partners/find-gs1-us-solution-partner/find-rx-epcis-conformance-tester

About the Author
Gary LernerGary Lerner, founder of Gateway Checker, is an accomplished architect of supply integrity solutions. An expert in item-level serialization, Gary has developed successful supply chain and channel integrity solutions for nearly 100 leading brands around the world, serving the needs of pharmaceutical, medical device, packaged food, electronics and apparel manufacturers.