As the pharmaceutical supply chain industry looks toward 2023, PDG has collaborated with industry stakeholders to develop a Foundational Blueprint for 2023 Interoperability (The Blueprint). The Blueprint is a critical initial framework for implementation of the Drug Supply Chain Security Act (DSCSA)’s 2023 interoperability requirements across the pharmaceutical supply chain, and is an important step toward achieving PDG’s mission to develop, advance, and sustain an effective and efficient model for interoperable tracing and verification of prescription pharmaceuticals.
This document sets forth the PDG-defined compliance requirements and business requirements for 2023 interoperability. Compliance requirements represent characteristics of proposed systems and processes that are necessary to meet the statutory obligations of the DSCSA. Business requirements represent technical characteristics of proposed systems and processes that are operationally necessary to satisfy a compliance requirement. Individual companies’ legal interpretations of the specific scope compliance may differ, PDG believes all of the requirements in this document are practically necessary to efficiently achieve interoperability as intended by the DSCSA.
Chapter 1: Understanding of Compliance Requirements and Baseline Business Requirements
Drug traceability is a highly technical and detailed topic and the systems and processes necessary to implement it are complex. The DSCSA, for the most part, provides only general requirements and leaves many of the details of implementation to industry and/or FDA. Recognizing the divergence between statute and practice, this Chapter provides PDG’s general understanding of the statutory requirements of the DSCSA and defines baseline business requirements that frame the general systems and processes for implementation of the main components of the DSCSA: (1) secure, electronic, interoperable systems and processes for the exchange of serialized transaction information (TI) and transaction statements (TS), (2) secure, electronic, interoperable systems and processes for product-identifier verification, and (3) secure, electronic, interoperable systems and processes for tracing. The June 2022 changes approved to the Blueprint may be viewed here, and the December 2022 changes approved to the Blueprint may be viewed here.
Chapter 2: Functional Design
The Drug Supply Chain Security Act (DSCSA) is organized around a Chain of Ownership model, which poses a challenge to the industry in architecting an interoperable system in a world where it is natural to be of a mindset of a “Chain of Possession.”
By the time the DSCSA was signed into law, leading supply chain stakeholders of the US Pharmaceutical industry had already been hard at work adopting standards, developing component designs, and consenting to a wide range of business and systems changes that collectively contribute to the DSCSA Enhanced Drug Distribution Security (EDDS) network. The DSCSA uses terms such as “processes and procedures necessary ….”, “systems and processes”, “interoperable”, etc. in defining this “interoperable, electronic system”. In fact, the EDDS network is a highly decentralized system of systems, where interoperability is accomplished through standardization of data interfaces (messages, events, etc.) and agreement on how trading partners (and their systems) will interpret, manage, and respond to messages and events received from other trading partners or DSCSA authorities.
Existing and new functionality are coming together as the industry adopts and implements components that add to the interoperable EDDS network.
Chapter 3: TI/TS Exchange Functional Design
The TI/TS exchange functional designs in this chapter provide detailed information on how the TI/TS Exchange components of the PDG-defined EDDS network will function. This document is created based on the high-level requirements for Serialized TI and TS Data Exchange (Chapter 1) and functional requirements, constraints, and recommendations of PDG. Included in this section are detailed functional requirements including use cases, system inputs and outputs, process flows, diagrams, and sample TI Exchange scenarios.
Chapter 4: Product Identifier Verification Functional Design
This Product Identifier Verification Functional Design provides detailed information on how electronic PI Verification functional components of the PDG-defined DSCSA EDDS network operate. This document is created based on the high-level requirements for PI Verification (Chapter 1), the functional requirements, existing requirements, constraints, guidelines, and specifications of both the Healthcare Distribution Alliance (HDA) and GS1 US, recommendations of the PDG PI Verification Work Group, and agreed to by the PDG membership. Included in this section are detailed functional requirements including use cases, system inputs and outputs, process flows, diagrams, and sample PI Verification scenarios.
Chapter 5: Tracing Architectural Functional Design
This Tracing Functional Design chapter provides functional design and requirements to be implemented by trading partners, authorities and trace solutions to trace product using the PDG-defined DSCSA EDDS network in support of suspect product, illegitimate product, recalled product investigations and compliance audits.
This chapter provides detailed information on how DSCSA Transaction Information and Transaction Statement information (TI/TS data) is gathered to form a trace of drug product ownership going back to the Manufacturer or Repackager in support of suspect, illegitimate and recalled product investigations utilizing the PDG-defined EDDS network.
Chapter 6: Credentialing and User Authentication
This chapter presents the digital representation of the credentialing process using OCI-specified digital credentials built on W3C standard Verifiable Credentials. Chapter 1 defines requirements and recommendations for credentialing trading partners to ensure they are “authorized,” as required by the DSCSA, and identity-proofed for PI Verification and TI Tracing processes within the PDG-defined Enhanced Drug Distribution Security System (EDDS) network. Derived from DSCSA language, the key driver of this functional design is the requirement that all users of the DSCSA EDDS network be “authenticated” or identity-proofed, “authorized,” and specifically, be credentialed.
It is important to note that the requirements and recommendations of this Chapter were developed with the perspective of, and apply to, PI Verification and TI Tracing, which may necessitate electronic interaction between trading partners that do not have a direct business relationship. The credentialing described in this Chapter does not apply to the exchange of TI, which is definitionally between trading partners with a direct business relationship. While individual trading partners may find business value in extending these credentialing processes to their TI exchange processes and may pursue that as a matter of business practice, PDG does not apply digital credentialing to the TI exchange process, and the requirements and recommendations of this chapter were not designed to address all the considerations that may apply to TI exchange.
Blueprint Public Workshops
PDG will host a series of public workshops to discuss the content of the Blueprint and next steps as industry works toward full compliance with the DSCSA 2023 requirements. The public workshops are open to all industry stakeholders.
Each workshop will cover different substantive components of 2023 interoperability, building on the foundation set by the initial chapter of the Blueprint and encouraging broad industry dialogue on the path forward.
- Workshop 1: Serialized TI Exchange and Verification
- Workshop 2: Interoperable Tracing
- Workshop 3: ATP Credentialing
- Workshop 4: Pilot Tabletop and Workshop
- June 15-16, 2022
- Download the formal workshop report HERE.
Blueprint Public Webinars
PDG will host a series of public webinars to discuss the DSCSA, the content of the Blueprint, Interoperability, the role of ATPs, and the importance of achieving full compliance with the DSCSA 2023 requirements. The public webinars are open to all industry stakeholders.
- Webinar Episode 1: DSCSA Overview, Interoperability, & the Role of ATPs
- Webinar Episode 2: TI/TS Exchange
- Webinar Episode 3: Verification
- Webinar Episode 4: Tracing
- March 16, 1:00 – 2:00pm ET
- Register HERE.
- Webinar Episode 5: Credentialing
- March 23, 1:00 – 2:00pm ET
- Register HERE.
Join the Conversation
The Blueprint should not be taken as requirements and recommendations only for members of PDG. As an independent, balanced, and sector-neutral governance body, PDG believes this member-approved, consensus-based output from months of collaboration will begin to provide the necessary certainty and longevity of an effective implementation plan for the DSCSA’s 2023 requirements for all pharmaceutical industry stakeholders.
PDG is not a governmental entity or agency thereof and therefore does not represent the views or positions of the government or enforcement agencies. Trading partners can implement the DSCSA requirements and comply fully with the DSCSA without implementing the PDG blueprint. However, PDG’s goal is that the Blueprint can serve as an optimal approach to implementation that trading partners will opt to follow.
Change Request Form
It is PDG’s goal that the Blueprint will serve as an optimal approach to DSCSA implementation and that trading partners will find it presents the most efficient pathway to compliance. Stakeholder feedback is essential to that goal. To support broad stakeholder adoption, the Blueprint Change Request process is available to all stakeholders without regard to PDG membership.
To propose a change, addition, or clarification in the Blueprint, please submit a change request.
Change requests will be promptly reviewed and acted upon by the PDG Interoperability Committee according to the urgency level assigned by the Committee Chairs. To facilitate that process you may be asked to clarify your request or join the PDG discussion of your proposal. For questions about the Change request process, please contact firstname.lastname@example.org.