FMD (EU) and DSCSA (US) — how they differ
Introduction
Pharmaceutical companies, Contract Manufacturers or repackaging companies face many difficulties when working to meet the traceability requirements from different countries, and they face significant challenges in order to comply with those regulations without spending too much time and resources.
We outlined in our roadmap that we will help provide organisations with the tools to meet the compliance regulations and satisfy the latest requirements by utilising the FarmaTrust Zoi platform.
In this article, we will highlight the key differences between the Falsified Medicines Directive (FMD) int he EU and Drug Supply Chain Security Act (DSCSA) in the US, and how we help you to meet the requirement using our Zoi Platform. If you are in a rush, or want to have a quick glance, here is a general overview.
FMD vs. DSCSA — Key milestones
Milestones of the regulations, next year or four years later
The DSCSA has three main milestones, first in 2015 which is the lot-based documentation and then 2017–2019 item-level traceability started, then the final one in 2023, when all the related parties should have completed adapted their systems to comply with the new regulation. As for FMD/DR, there’s only one milestone, which is February 9, 2019.
For both regulations, we have already prepared our system to handle the track and trace to the lowest saleable level (we will show you how in the following sections).
Printing Info and data format, NDC or GTIN
While both DSCSA and FMD/DR mandate that the manufacturers and repackagers are required to label every package with different serial numbers for the purposes of verification, the two differ in the type of information they require to be printed.
The following data is required be collected for the DSCSA:
- The National Drug Code (NDC interchangeable with GTIN, FDA)
- The lot number, where the product originated
- The expiry date
- Serial number (S/N), randomization is NOT required
The FMD/DR requires collection of the following data:
- Product code (GTIN according to EFPIA, European Federation of Pharmaceutical Industries and Associations)
- The lot number
- The expiry date
- Serial number, randomization is required
If the product is for domestic use, the companies need only comply with one set of rules. However if the product MAY be destined for export and import into another jurisdiction then the variance between the two sets of regulations becomes tricky.
So there are two problems we need to solve before contemplating the export of US products to the EU. Firstly, the Zoi platform has the ability to inherit NDC identifier data and present it as GTIN supply chain identifier, which will help those US companies which continue to use NDC before exporting their products to EU. Secondly, the US manufacturers need to make sure the production line for the product destined for export to the EU can support the fully randomized serial number. Where the Zoi platform also supports a fully randomized solution for the production line so manufacturers can proceed smoothly.
Business events (steps), whether or not to include certain event(s)
In the GS1 standard, there is a defined set of business events which cover most of the business processes that a product could possibly experience throughout the product life cycle. Although both regulations accept the general GS1 rules, it is still worth highlighting the differences. Because FMD/DR has included “commissioning” and “decommissioning” as a part of the business events set, all the product that are destined to be exported to EU from the US need to make sure the “commissioning” event has been properly recorded. For the user on the Zoi platform, it’s as easy as ticking a checkbox if you are to export this product to the EU, and the system will automatically keep the “commissioning” as part of the historical transaction.
Data, central data hub or manage your own data
No matter whether your products are for import/export or are for domestic consumption and, therefore, just satisfy the regulations of a single region, essentially you will need to know where and how to submit your data to comply with the regulation.
For those manufacturers in the EU, the data should be uploaded through a central router called EU hub. This data will then be shared with relevant countries within EU.
Things are more complicated in the US, although the GS1 implementation guide for DSCSA has suggested that Global Data Synchronization Network (GDSN) is a place to store identifiers and attributes, and all the other functions for the new track and trace regulation.
However, there’s no detailed instructions of how an entity should work with the GDSN.
From our clients in the US, the approach they and their business partners take is they each hold responsibility to record the 3Ts: Transaction Information, Transaction Statement, and the Transaction History.
Therefore, in the case of a EU company importing medicines from a US manufacturer, they only need to update the commissioning event information and the new product printing information to the EU data hub. But if a US company is importing a shipment of medicine from another country, they would need to ensure the 3Ts are prepared for the possible inspections.
Once you have decided to work with FarmaTrust, we will assign a team to assist you to bridge this gap of different compliance regimes which are mandated in the different jurisdictions.
Track and Trace, when and how to verify?
The US and the EU systems also have different timings when and how often the product is to be verified. In the EU, every drug must be verified before it is dispensed to a patient, that’s why they strictly require the “decommissioning” event to be part of the business process. Whereas in the US the only verification point is when the medicines are returned or seen as suspect, and the related companies are obliged to provide the full information within 24hrs.
To address the variance between different verification needs, the Zoi platform has an inbuilt Identity and Access Management (IAM) system to give the control of the data back to the data owners and the governments, whereby the data owner can decide what data they wish to share and with whom the data is to be shared, according to their domestic regulation requirements.
Finally…
Since neither the FMD/DR or the DSCSA provide guidance regarding implementing any serial number systems or data collection systems, the decision is left to the individual companies. However most of our clients already have systems in place to help address these issues and the Track and Trace solution we provide is to connect the missing links, enabling the business to continue the day to day work without switching systems.
The FarmaTrust solution uses blockchain to create an immutable record of all events throughout the supply chain. The platform has been architected as an interoperable solution, which can connect with your current system. Use of this abstraction technique allows your business to adapt to the regulation(s) relevant to your organisation such that you are able to focus your energies on enabling your business to operate more effectively whilst ensuring compliance.
