Are you overlooking something in preparing for the Drug Supply Chain Security Act (DSCSA)? DSCSA will be mandatory in just under a year, and similar to many companies, you may primarily be focused on what to put on pallets, cartons, and packages; However, there are broader concerns that you overlook at your own peril – and that of the patients: data integrity.
The serialization mandate
The DSCSA will enable the U.S. Food and Drug Administration (FDA) to track-and-trace drug products to the individual unit of sale. As per the FDA “DSCSA, outlines steps to build an electronic, interoperable system to identify and trace certain prescription drugs as they are distributed in the United States. This will enhance FDA’s ability to help protect consumers from exposure to drugs that may be counterfeit, stolen, contaminated, or otherwise harmful. The system will also improve detection and removal of potentially dangerous drugs from the drug supply chain to protect U.S. consumers.”
On the proactive front, this adds another layer of security to ensure legitimate prescription drugs make it to customers and potentially, very harmful, falsified and counterfeit versions of those drugs do not. The illegitimate drug issue has an estimated monetary cost of $75 billion to pharmaceutical companies annually. Source: Joe Whyte, Rockwell. The human cost, however, is far higher: between 100,000 to 1,000,000 people die every year due to falsified drugs. Source: Alexandra Ossola, (@ossolalex) Newsweek. As a way to help combat the extreme loss of life as well as the financial costs, the drive to serialization is easy to understand.
On the reactive side, DSCSA makes it far easier to track-and-trace drugs expeditiously throughout the lifecycle from manufacturing to consumer purchase. This is highly beneficial in the case of a recall or other concerns regarding a drug.
That covers the “why?” of serialization, but the most pressing for many companies is the “how?” On this point, the discussion can become very narrow, or nerve-rackingly broad, depending on how you approach it.
Beyond the Box
Many companies are looking at the ISA-95 model as an architecture for serialization. This is comprised of several “levels,” starting from the most granular. For DSCSA, some are adding a 5th layer for cloud-based solutions that allow regulatory bodies to view the data.
In the fully digitized process that the DSCSA envisions, data integrity is paramount. Most companies are primarily focused on meeting the requirements that the FDA has laid out, and rightly so; but there is a parallel opportunity for companies to increase both their security and productivity.
If your company has implemented the right solution for serialization and you can track your product all the way back to its origin, you may believe you can check a box and move on. However, you need to ask yourself: can the data be trusted?
The crucial first step in any enterprise protecting their assets is authentication. Unfortunately, many companies continue to use outdated methods of authentication throughout their manufacturing process. If there isn’t a strong case of user non-repudiation, can you trust the integrity of the data being produced? Though mundane to some and taken for granted by most, authentication is one of the most critical components of the modern workplace, specifically in manufacturing.
Most of the proof around who-did-what-and-when is currently handled by username/password input. While better than pen and paper, but still far from ideal: one in five business passwords is considered weak or – even worse – shared. Source: Alison DeNisco (@AlisonDeNisco) TechRepublic. This approach also creates extra work for the employee, and when the burden of authentication grows too large, employees frequently figure out shortcuts, thus weakening a company’s security posture. Even supplemented with a smart card to create a two-factor authentication scenario, the burden remains with the employee.
Enter the Nymi solution, featuring a biometrically authenticated wearable device that satisfies all constituents in the process.
- Companies increase their security and compliance posture, avoiding costly audits and potential fines.
- IT teams have real-time control over who is allowed to do what.
- Users now authenticate with minimal friction and risk of private information escaping the cloud because the biometric data ONLY resides on the Nymi Band and isn’t shared at any point in the process.
Data integrity comes into question when a company cannot confidently say who has done what on the manufacturing line. This lack of data integrity can have deleterious effects on a company during audit scenarios, both internal and external.
Are you currently working through the challenges of bringing manufacturing processes up to date to meet the DSCSA deadline? Then you may want to take a look at your methods of authentication as well. Gain confidence in your data without burdening shop floor employees and extend the benefits achieved as part of the shift to Industry 4.0.