Anteing Up for RFID

As industry tests RFID technology for track and trace, companies await standards uniformity.



By David Vaczek
Senior Editor


DePuy Orthopaedics places UPM Raflatac Gen 2 UHF Dogbone tags on orthopedic implants and parts. Containerized product is read in Odin Technologies� EasyTunnel interrogation cell, in a solution that reduces inspection times and supports inventory control. (See sidebar)

As industry presses ahead with track and trace implementation, it is looking for guidance from FDA and Congress.

Although viewpoints diverge over the most feasible drug pedigree alternatives, technology, and time lines—and whether RFID and authentication systems are even necessary—the delay of California’s e-pedigree requirement leaves companies with little breathing space for developing anticounterfeiting solutions.

“The California ruling gives the industry enough time to do it right,” says Peter Spellman, senior vice president, products and software-as-a-service (SaaS), SupplyScape Corp. (Woburn, MA). “But even with the extension, the timing will be very tight.”

While hospital deployments demonstrate RFID’s value, rolling out track and trace in the arena of drug manufacturing and broad-scale drug distribution presents a formidable challenge.

Some drug firms have expanded their RFID programs. Building on lessons learned from tagging Viagra, Pfizer extended RFID tagging to cases and pallets of Celebrex. Drug wholesalers are testing systems for enabling distribution efficiencies and joining supplier partners in e-pedigree pilots.

“Large manufacturers with a global view are looking to get capabilities in place, with centralized repositories for managing serialized data,” says Paul Schmidt, secure supply-chain practice lead at research and development firm Accenture. “We have seen some smaller companies put their projects on hold for the rest of the calendar year. It will not take them as long to modify their packaging lines.”

“One wild card is the increased use of contract packagers,” Schmidt adds. “They are continuing to get pressure from their customers to get those capabilities enabled, and, as with the wholesalers, they are facing somewhat inconsistent requests as to the form factor and mechanism for receiving and reporting the data.”

Cardinal Health has tested RFID with a number of manufacturer partners at its Sacramento, CA, facility, after its pilot testing of the technology last year.

“We validated the conclusion that we had come to after our RFID pilot—that RFID is viable for track and trace purposes,” says Julie Kuhn, director of operations analytics. “A great deal of additional work, however, needs to be taken on by stakeholders to address challenges to track and trace technology, before any industrywide solution can be adopted.”

“For instance, we see a need for global standards; privacy concerns need to be addressed; and the industry needs to determine how to safely handle special products like biologics within a track and trace system,” Kuhn adds. “These are all issues that no one player in the supply chain can solve—stakeholders across the industry need to work together to create solutions to these issues.”

In responses in May to FDA on track and trace standards, some drug companies expressed support for an e-pedigree requirement, with a risk-based approach to serialization. Pharmacies, on the other hand, are arguing that the technology is unproven, too expensive, and would disrupt patient care.

Asserting that “track and trace technology has not yet reached maturity,” the National Association of Chain Drug Stores (NACDS) wrote to FDA stating: “We expect that manufacturers will use a combination of 2-D bar code and multiple different frequencies for RFID tags. This variety will exponentially increase the cost of track and trace to retail pharmacies. This is why a phased-in approach is problematic. That approach allows manufacturers to spread their costs out over a number of years, whereas pharmacies would have to be fully prepared on day one for any number of different technologies.”

Seeking Uniformity

By contrast, drug wholesalers are favoring an expansive RFID-based system, with RFID use and product serialization starting with the manufacturer. The wholesalers have also voiced strong support for the Safeguarding America Pharmaceuticals Act of 2008 (Buyer-Matheson) as, “establishing rigorous new pedigree requirements that will apply uniformly across all 50 states.”

Buyer-Matheson (HR 5839) would preempt the diversity of standards that states have enacted or are planning. The bill calls for a risk-based approach for the application of unique standard numerical identifiers (SNIs) to drugs that FDA would identify as at high risk.

“Buyer-Matheson supersedes any state laws. It specifically calls out that a state cannot go beyond its mandate. States are free to go beyond what FDA asks for, as the PDMA [Prescription Drug Marketing Act] law is written today,” says Bob Celeste, director, GS1 Healthcare US.

Noting that it has not taken a formal position on HR 5839, the Pharmaceutical Research and Manufacturers of America (PhRMA) called the measure “a strong anticounterfeiting bill that could help protect patient health and safety.

“We appreciate the thoughtful process set out to apply anticounterfeiting technologies to prescription medicines based on the potential risks posed by counterfeiting and diversion,” PhRMA said, adding that the risk-based approach has worked well in other regulatory contexts, supporting effectiveness and efficiencies.

Among the many issues that guidance might resolve:

  • Will a requirement for a pedigree, paper-based or electronic, precede requirements for serialization?
  • Will the drug manufacturer or wholesaler initiate the pedigree?
  • Will there be a phased implementation of serialization?
  • What will standards say about 2-D bar codes?
  • How will FDA define the SNI (and will it include the National Drug Code)?

A risk-based approach was favored by drug firms commenting to FDA.

“We recommend that priorities for standards implementation be established on a risk-based approach” as “each manufacturer is in the best position to assess the risk of a product being counterfeited and to also contribute to the evaluation of the public health impact of such counterfeiting,” Merck wrote.

Pfizer said that “requiring manufacturer-initiated e-pedigrees is a feasible and necessary near-term step to help secure the drug supply chain. Pedigrees should be implemented in the near term, while serialization of additional products occurs.”

Grading Data Carriers

For item level UHF tagging, the Gen 2 RxTRAK tag from Tagsys uses antenna coupling to support item reads in closely packed pharmaceutical containers.

Noting that most manufacturers continually assess counterfeiting risk, Tap Pharmaceuticals Inc. said that SNIs at the item level should be reserved for products at the highest risk. “SNIs applied at the case level should be considered for products at medium risk . . . with products at low risk not required to have an SNI but be protected by electronic pedigree.”

California’s State Board of Pharmacy expressed its support for mass unit–level serialization, using RFID as the “vastly superior technology,” with 2-D bar codes used only as temporary or interim solutions, or as backup technology.

But drug firms noted 2-D’s advantages in commenting to the agency on the pros and cons of different data carriers.

“RFID deployment is currently an issue due to cost and limited use within the pharmaceutical supply chain, particularly since it is also possible to trace product movement with 2-D or linear bar codes,” Pfizer said.

“We believe that, at least in the near future, widespread use of RFID is not feasible,” with barriers including potential compatibility issues with certain products,” the company said.

In signaling support for broad implementation of RFID and product serialization, McKesson said that 2-D bar codes should be supported as an RFID alternative, with inference allowed for case package contents.

“McKesson prefers the use of RFID for logistical and security reasons,” the company wrote. “However, we understand that 2-D bar codes are preferable to many of our branded, generic, and biotech manufacturer suppliers.”

Accenture’s Schmidt predicts that 2-D item coding will be “the prevalent approach for the foreseeable future. Item-level labels with embedded RFID tags cost 40–50 cents at the cheapest. For companies tagging hundreds of millions of units a year, $25 million in recurring costs is hard to justify. 2-D is not zero cost, but it’s cheaper than RF at this point.”

In response to FDA’s question on a standard for a numerical identifier, McKesson advised that SNIs should follow GS1 Healthcare standards for EPC and 2-D coding.

Merck wrote: “Many GS1 Healthcare standards are currently available and adopted,” with additional standards available by mid-2008. “We expect to adopt the standards as they are approved. GS1 is developing a traceability standard. We recommend that all parties in the supply chain including manufacturers, wholesalers, retailers, and regulatory agencies participate.”

An EPCglobal traceability standard for the healthcare industry under development is “an umbrella standard that talks about how to use all of our standards for traceability,” says GS1 Healthcare US’s Celeste.

Additionally, a GS1 Healthcare US task force is documenting an approach for combining the GS1 EPCglobal Drug Pedigree Messaging Standard (DPMS) with its EPCIS standard.

“Companies would like to use one or the other to comply with the pedigree requirements, or leverage data [for sharing supply-chain information],” Celeste says. “The task force is looking at how these could be used in an interoperable fashion. Companies would not have to worry about an obsolete investment in one solution or the other.”

“In our comments to FDA, we have asked the agency not to overregulate things by focusing on a particular technology, [but rather] continue working with industry as both pedigree and serialization technology matures,” he says.

SupplyScape has outlined a proposal that couples the DPMS and EPCIS models “so that pedigree data can be located and shared using EPCIS-based applications.”

“EPCIS is a general interface for selective sharing of information about serialized product events,” Spellman says. “But it does not have the specificity needed to implement all of the pedigree laws in the different states. In merging the two, you have a high bar for ensuring compliance with regulations, with an infrastructure in place for achieving business value from these technology investments.”

A hybrid interoperative model would support the DPMS with digital signatures, with cross supply-chain visibility of granular transactional data using EPCIS, Schmidt says.

“I think companies will favor digital signatures in DPMS transactions. Some companies are saying they have contractual relationships that establish that the data they receive is true and accurate. But how do you ensure the data haven’t been modified by other trading partners at some point further down the supply chain?” he says.

At the same time, not all transactions involve a change in ownership, such as when a contract packager sends serialized data to a manufacturer. “It’s not a pedigree event,” Schmidt says. “EPCIS is a great way to pass that parent/child hierarchy information, where there is no digital signature requirement.”

Finding Partners

AmerisourceBergen has tested IBM’s EPCIS solution, which also supports DPMS. “EPCIS is our preferred mechanism of data exchange, but we also plan to have the ability to receive pedigree data in the DPMS format. The ultimate solution will depend on whether or not there is federal pedigree legislation,” says Heather Zenk, integrated solutions project director.

“What we would like to see is universal product serialization, with uniform standards across all states,” Zenk says. “Our goal is to accommodate any e-pedigree requirements, with a robust solution that provides business value.”

“In our Sacramento pilot, we have conducted a limited amount of data exchange. While the pilot is still in place, we have slowed down our development process while we see how things develop on the legislative front,” she adds.

Golden State Medical Supply (Camarillo, CA) has adopted IBM’s Solution for Pharmaceutical Track and Trace, including its WebSphere RFID Information Center data repository for managing and sharing serialized data, and WebSphere Premises Servers for device and serialization work flow management.

Starting in business in 1986, Golden State is a wholesaler and contract manufacturer and packager with a 96,000-sq-ft facility. Jim Stroud, CEO, says the solution will provide business advantages, besides ensuring compliance with the state’s e-pedigree requirements.

“With this solution, we are in a position to help our pharmaceutical partners increase the security of the drug supply chain,” Stroud says. “Since we are small, we knew we could move quickly. This investment has taken a big part of our budget, but I think in the long term it will pay off.”

The company has started conversations with upstream and downstream partners for launching e-pedigree and EPCIS transactions. “We see the biggest potential with manufacturers who have told us they are not ready to take on the additional production step of serializing product,” Stroud says.

Golden State’s largest customers are the big wholesalers through whom it supplies government contracts and other products. “We need to establish them as partners for pedigree data exchange. We also see an opportunity to support the big drug chains by providing tagging and serialization in a logistics role.

“To test this out, we need to find trading partners,” Stroud adds. “We are here to communicate with whoever is out there.”

Golden State’s installation demonstrates that IBM’s track and trace products can be tailored to small customers, providing “as little or as much as a customer needs. Golden State is using the same solution as AmerisourceBergen and our other large customers,” says John Del Pizzo, global solutions executive, sensor and actuator solutions.


Del Pizzo says wholesalers are just starting to test reliable data sharing with partners.

The California delay shifts company emphasis from strict e-pedigree compliance to achieving business value through the EPCIS event format model.

“For complying with California, 80–90% of the effort is not the pedigree,” Del Pizzo says. “It’s the process of serialization, capturing the product movement as you move from step A to step B in the business process, and linking it to product data. The EPCIS model allows you to then send discrete events so the clients get just the data they are looking for.” EPCIS serialized data can also populate a pedigree document, which is “just a view of data in your event repository,” Del Pizzo adds.

For using serialized data in trading partner collaboration, SupplyScape has launched Nexus, a network-based or SaaS platform hosting business applications. Nexus represents an advanced stage in the company’s strategic initiative to create a wealth of business value from serialized data, Spellman says.

“Nexus puts booster rockets on the EPC network.” says Spellman. “A core capability of Nexus is it allows you to model bi-directional business relationships with trading partners for sharing only essential data.”

Nexus features include a Trading Partner Directory and portal services that speed process connectivity, and Web 2.0 user interface technologies. SupplyScape provides services for integrating Nexus with client ERP and EPCIS solutions.

“EPCglobal defines the fundamental interface for queries and data capture, but it doesn’t address the business context. As companies begin to share EPCIS data, deploying data outside their fire walls, they have to establish security policies and authorization rules. This will often require custom coding for each partner.

“Nexus removes the friction from business transactions, with a framework for building business process applications,” he adds.

No votes yet