With the publication of the Delegated Act on safety features, those who manufacture, sell, or dispense medications in the European Union (EU) have until February 2019 to comply with complex new track-and-trace regulations outlined in the Falsified Medicines Directive (FMD).
Because the EU is one of the largest global markets, it is crucial for pharmaceutical companies, their CMO/CPO partners, and their 3PL partners to start now in understanding the extensive serialization, compliance reporting, verification, and other requirements to ensure full EU FMD compliance.
An Overview of the EU FMD and its Track-and-Trace Model
The Falsified Medicines Directive introduces tougher rules to improve the protection of public health with new harmonized, pan-European measures to ensure that medicines for human use are safe and that the trade in medicines is rigorously controlled. The FMD includes diverse rules for API producers, guidelines for GMP of active substances, logos for online pharmacies, and on-package authenticity features known as Safety Features.
The Safety Feature regulations of FMD impose the greatest data management and transaction processing challenges for all stakeholders in the supply chain, with on-package authenticity features coupled with new serialization, compliance reporting, and verification regulations. Some of these align with other global regulations and standards, and some of these are completely unique to the EU.
Medications in Europe are generally packaged and sold at the “unit of use” level, so the unit volume of product that needs to be serialized can range into the hundreds of millions of units per year for a given company. Serialized product will generate 1,000 times the data storage requirements and 10,000 times the transaction volumes of those seen today for lot-level product. Overall, the universe of data to be produced, managed, and reported on will be massive—and in Europe, there is the added complexity that each EU Member State is given flexibility to apply their own unique requirements.
The FMD requires serialization at the saleable pack or secondary level. For each unit of drug product, a unique serial number, coupled with the manufacturer product code, batch number, and expiration date, are to be encoded in both a GS1 2D DataMatrix and in human readable form. A fifth data element, such as a national reimbursement number, may be required based on country requirements.
Serialization at other packaging levels, such as at the transport case level, is not required nor is aggregation required under law. Regardless, considerable industry discussion has already started on the potential business or operational needs for multi-level serialization and related aggregation activities.
The Marketing Authorization Holder has several reporting and notification requirements under the FMD. The two primary ones are for product master data and serialized product pack data. First, master data about the product including product codes, form, strength, doses per pack, pack type, and target market(s) for distribution must be reported to the European Hub for each unique product form produced. Subsequent updates to product master data must also be reported. Serialized product pack data must also be reported, including product codes, lot/batch number, expiry data, and serial numbers for each unit of drug product shipped into the supply chain. Drug product status must also be maintained and updates made to the EU Hub. These status updates may be required at a batch level if a recall is initiated, or at a saleable unit level in situations such as the decommissioning of serial numbers due to destruction of drug product.
Verification and Safety Features
EU FMD provides for verification of the safety features, including the serialized product identifier, at least once before the product leaves the supply chain and is dispensed to the patient. This may be a fairly simple process executed at point of dispense under simple distribution. Or, it may be a highly complicated one involving risk-based verification by wholesale distributors or parallel importers/repackagers depending on the supply path of the drug product and whether or not the drug product was repackaged.
A Compliance Data Exchange Example for Simple Distribution
In a simple distribution scenario, a pharmaceutical manufacturer sells a drug product to a wholesale distributor and that wholesale distributor sells the drug product directly to a pharmacy.
We will follow the information flow in this scenario:
The pharmaceutical manufacturer generates and reports product master data to the EU Hub. Then, as products are packed, serialized, and shipped, product pack and serialization compliance data is also reported to EU Hub for each unit of drug product. The European Hub pushes some of the information down to the National System repositories of the target markets for the products.
In the simple distribution scenario, a verification of safety features is then performed at point of dispense: the pharmacy. The pharmacy scans the drug product, and a verification inquiry for the product identifier is sent to the National System supporting the member state where the pharmacy is located. The National System checks to verify that the product code and serial number of the product scanned matches an active unique identifier in the system.
The regulations provide for a myriad of additional verification checks, reports, and notifications depending on product path and changes in packaging. Should one wholesaler purchase product from another wholesaler, they must verify the safety features of the purchased product prior to resale. Saleable product returns also trigger verification inquiries prior to resale. In addition, if parallel importation and repackaging occurs of an original manufactured product, a cascade of verification inquiries, decommissioning status updates, product master data reports, and product pack/serialization data reports are required against the original product and the repackaged product.
The Falsified Medicines Directive Creates Diverse Serialization Challenges
The EU FMD creates an umbrella regulation covering the member states of the European Union, plus several other countries aligning to FMD requirements. The EU FMD also acknowledges the uniqueness of each member by providing flexibility in how the regulations apply for drug products targeted for dispensation within a given country. So, a pharmaceutical company preparing for EU FMD regulations needs to design their serialization and compliance infrastructure both for the extreme scalability challenges presented by the FMD and the flexibility required to serve the member states.
For example, a drug product may be regulated as a prescription medicine in one member state but not another, thereby creating serialization requirements for some drug packages and not others. Certain prescription drug products may be white-listed, or exempted, from the safety feature requirements. A member state may choose to allow a standard GS1 GTIN to identify the drug product, or they may require a unique national product code. Member states may also require additional data to be captured, stored, and reported with each drug product, such as a national reimbursement number. These are some of the complexities facing a pharmaceutical company preparing their internal packaging sites and external CMO network, and the CMO looking to serve a diverse pharma client base.
How to Prepare Now for the 2019 Deadline?
With the publication of the final Delegated Acts and a closer look at the many nuanced operational and data management requirements they create, the industry is now realizing the highly complex set of product information, serialization data, and serialized product events which need to be planned for and exchanged with network partners to enable a secure, scalable, and cost-effective EU compliance infrastructure. In order to meet the EU Falsified Medicines Directive requirements by the February 2019 deadline, the thousands of pharmaceutical companies, CMOs, and 3PLs serving the EU market have a lot of work ahead of them to ensure serialization readiness at a massive scale and full compliance readiness for a complex set of reporting requirements.
Therefore, it is crucial to take a network-centric view of your supply ecosystem to fully understand the compliance requirements imposed by your product portfolio and their target markets, the network of supply partners you work with, the product master data and serialized product data exchange issues you will need to master across internal systems and external partners, and the operational process changes required in your finished goods distribution network. This is particularly important if your company or partners also serve markets outside of the EU.
For any individual company, this is a considerable effort that will involve the coordination of dozens to hundreds of supply/distribution partners and integrated connections to an equal amount of enterprise, packaging, and distribution systems. By starting now, you can develop a clear strategy for understanding the data you need to collect and manage, the network you need to exchange information with, and the serialization management and compliance reporting tools that will ensure you reduce time, cost, and risk in meeting FMD requirements.
February 2019 may seem far away, but as experience across the United States, India, South Korea, China, and Brazil has shown, serialization and compliance readiness always takes much longer and is much more complicated than expected. The time to prepare for EU compliance is now.
About the Author