On June 10th, the long-awaited first draft guidance under the DSCSA was released by the FDA. For those holding high expectations that the guidance would offer specific direction on how to handle suspect/illegitimate products internally, you may come away feeling a little shortchanged. However, in the past, the FDA has come under scrutiny for using guidance to replace rule making, since this requires legislative involvement, so the lack of detail in the draft may be an effort to make room for flexibility that industry felt they weren’t getting before.
Whatever the intent, the draft guidance does provide some learning opportunities and also a very subtle call to action. I recently spoke with David Colombo and Dawn Wang with KPMG Life Sciences Advisory to find out what can be learned from this draft and where we go from here.
What We Can Learn:
As stated on page four of the Draft Guidance for Industry: Drug Supply Chain Security Act Implementation: Identification of Suspect Product and Notification, the document is “intended to aid trading partners (manufacturers, repackagers, wholesale distributors, or dispensers) in identifying a suspect product and terminating notifications regarding illegitimate product.” Since these terms and their definitions were already defined in the legislation, it would seem that the other piece to be provided would be how a company would investigate and handle them. This is a major area where the draft falls short. There is no detail around what these internal processes should look like; however, this is where Colombo and Wang say this room for interpretation should encourage action on behalf of all trading partners.
Dave Colombo, KPMG Life Sciences Advisory
In most organizations, the quality group will already have standard operating procedures (SOPs) outlining the internal processes around product investigations, complaints, “suspect” or “illegitimate” products, as well as corrective and preventative action (CAPA) responses. Matching terms used in these existing processes with those used in the regulation allows a company to then assess which definitions need edited in order to align with the FDA’s terms and definitions. “If an organization hasn’t formally established terms that align with the definitions provided under the DSCSA, then those need to be addressed. In the case that terms have been established, they will need to be reviewed to ensure that any overlaps or conflicts in the interpretation can be addressed,” says Colombo.
“As an example, in the past, an organization may use different SOPs to respond to stolen versus counterfeit products. Under the DSCSA, the definition of suspect and illegitimate can apply in cases identified across various SOPs and will now require standard ways of quarantining, reporting, and dispositioning of the product,” adds Wang about the draft and the process it outlines for reporting illegitimate products through the new Form 3911, which must occur no later than 48 hours after determining that a product is indeed illegitimate. “Fortunately, the guidance provides some clarity to the piece on notifying and reporting to authorities, if not to the piece on the coordination with trading partners. The nature of relationships with trading partners, though, is quite different than that with authorities, so it may be good to keep the definition of business relationship processes out of scope of the guidance. Organizations are starting with baseline SOPs to build off of and will just need to examine the elements of the law and guidance to make sure they are all tied in.” Part of updating these procedures includes making sure that outdated pedigree legislation is not mentioned in any existing SOPs. This would include state laws that were preempted by the passing of the DQSA, or soon-to-be-outdated legislation, such as the Prescription Drug Marketing Act (PDMA), which is going to be sunsetted as of January 1st, 2015.
Not only is it important to identify the definition of a “suspect” and “illegitimate” products (which is done in the legislation itself), but it’s also important to be aware of situations when there is a heightened risk for a suspect product to enter the pharmaceutical supply chain. While it is stated it is not an exhausted list, the draft guidance does offer possible scenarios industry should be aware of when: engaging with trading partners and product sourcing that put the product at risk; dealing with a product that is vulnerable based on its supply, demand, history, and value, and/or a product that has suspicious form or packaging.
What We Still Need To Know:
As indicated in the legislation, the suspect product must be put in quarantine to prevent it from being shipped. Once this is done, the first step is to make sure the expiration date on the product and the relevant transaction data, which is the transaction associated with the lot number, have the right association. As previously stated, the company must provide these materials within 24 hours or a maximum of 48 (if the notification of verification request occurred over the weekend) and then complete an investigation and report the results to the FDA. If you’ve determined the product does not actually seem to be suspect, when can the quarantine end and shipping resume? While this is not clearly identified in the draft, Wang says having the lot-level data at your fingertips will allow for a quicker investigation, which should reduce the amount of time any product is under quarantine. “The intent of the requirements on product verification within the law is to make lot-level product date more readily available in order to aid stakeholders to identify or clear suspect and illegitimate product. With this data, stakeholders should be able to more accurately define the impact of the suspect or illegitimate product, and reduce the amount of time a product sits in quarantine.”
Also, many questions still swarm around what should happen if an illegitimate product is found. Does the entire lot have to go back to the manufacturer, does it all have to be destroyed, or does a company just continue what they would do in the situation of a theft or a counterfeit? Like any draft guidance, the FDA is soliciting comments from interested stakeholders for 60 days from the date of publication. It is through these comments where good discussions and thoughts may drive an industry standard, even if the FDA doesn’t necessarily do something tangible with those that are submitted. Additionally, keeping an eye on information coming from organizations, such as the Healthcare Distribution Management Association (HDMA) or the Pharmaceutical Distribution Security Alliance (PDSA), may prove beneficial if the FDA coordinates behind the scenes efforts with these organizations to fill in the gaps through suggested best practices. “Most stakeholders understand that the FDA, industry associations, and standards organizations have different roles and areas of expertise when it comes to defining requirements versus issuing technical guidance or implementation methods. Industry stakeholders will apply the requirements to specific scenarios that are applicable to them. One example of this is that HDMA is planning to release its interpretation of the types of transaction scenarios that occur in the distribution chain, and what data elements are required to be sent and received in each of those cases,” explains Wang.
Although the ambiguity of the guidance leaves many unanswered questions, the fact that the FDA is allowing stakeholders to develop their own processes should be embraced as something positive. A trust is building between the industry and the regulators that has resulted in some level of independence, and it’ll be interesting to see how this develops as the remaining milestones in the DQSA play out over the next 9 ½ years. Not just domestically but internationally, we are attempting to take back the supply chain from the vulnerability it’s been exposed to for so long and protect the patients who trust us to do. The commitment from the FDA to release the guidance this month as promised (even if it is a little late) shows that the effort is well underway.
