The debate over the desirability of electronic pedigrees is largely over. With less than a year until the kickoff of California's
e-pedigree law, companies are moving toward implementation. The new conventional wisdom: Electronic pedigrees not only improve
patient safety and product security but also enable business value.
Industry experts have concluded that e-pedigrees are the most effective way to prevent counterfeit drugs from entering the
drug supply chain. The rich, precise, and secure product information and transaction detail within the e-pedigree provides
a chain of custody as a drug moves through trading networks. The result is a new level of threat detection and investigative
capability for all companies in the pharmaceutical supply chain.
These security investments can be turned into business value: Sharing the electronically captured information with trade relations,
sales, supply chain management, and manufacturing operations groups can improve supply chain operations and related business
As the January 1 deadline to meet California's mandate approaches, companies need an e-pedigree road map to expedite their
path to regulatory compliance and product security and to position themselves to capitalize on their e-pedigree investment
by gaining greater control of their supply chain.
Laying the Foundation
The e-pedigree movement reached an important milestone in 2007 with the ratification of the EPCglobal Drug Pedigree Messaging
Standard (DPMS). The standard provides a data format that complies with all state and federal government regulations and allows
trading partners to send and receive data in a secure, interoperable manner, using existing data-transfer technologies.
The standard's security mechanisms ensure that data cannot be forged without easy detection, while interoperability provisions
ensure pedigrees are understandable by all trading partners, regardless of e-pedigree vendor.
The standard is the key to enabling pedigree compliance in California—and the rest of the country. More than 100 companies
across the industry are implementing electronic pedigrees based on DPMS. They are establishing an interoperable information
network to support secure trading-partner collaborations and communications.
E-pedigree's security and business potential are apparent from its contents. E-pedigrees contain data on a product's physical
movement and financial flows with a granularity and timeliness not previously available. Product information includes the
drug name, National Drug Code (NDC), unique pedigree serial number, lot numbers, expiration dates, quantity and strength,
and product serial number (if product is serialized at the item level). Transaction information consists of transaction dates;
trading-partner identification (name, address, license number); date received; related financial transaction information (such
as purchase order or invoice number); company representative receiving the product; and each transaction's validation.
You must understand state and federal regulations and how your company will be affected by these complex and varying requirements.
With that analysis in hand, you can develop your specific regulatory requirements and map your pedigree initiatives to your
company's product-security and business requirements. As part of the plan, you will identify how e-pedigree will affect operations,
which IT systems are affected, and the scope of required resources.
It is important to plan nationally. While initial deployment may focus on a single state, you should build the foundation
for a national rollout, since most pharma products are sold in all states.
To develop an e-pedigree road map that aligns your business goals with an e-pedigree technology solution, consider these main
Vendor/product selection The first step is the selection of an e-pedigree software vendor. Look specifically at exception-processing support, integration
points, deployment requirements, hardware and software prerequisites, costs, and how much operational support a vendor's product
Product functionality The software should provide all the capabilities you require. Otherwise, you'll incur higher operational costs or require
custom development to supply the functionality.
Software delivery Will the software be delivered as a packaged solution or as a toolkit? If you go with a toolkit approach, you will need to
plan for custom code development. If you select a packaged solution vendor, make sure the vendor is committed to future-proofing
its solution as regulatory standards, operational factors, and technologies evolve.